AI in business AI is transforming how organisations operate. However, without strong data protection practices in place, it can just as quickly introduce significant risk. The difference between safe and unsafe AI use often comes down to how effectively core data protection principles are applied in practice. Drawing on insights from our data protection experts,
Safe vs unsafe AI use Read More »
A quick AI question worth asking Before you paste that data into an AI tool, pause for a moment and ask yourself a simple question: would I share this with a stranger? Because, in many cases, that is effectively what you are doing. Why this matters more than you think AI tools are powerful and
Would you share this with a stranger? Read More »
Online platforms like Booking.com have become a target for scammers who impersonate hotels or the platform itself. After making a real booking, customers may receive a message claiming there’s an issue with payment or confirmation. These messages often include a link to a fake website designed to steal personal and payment details. Because the booking
The Booking.com scam: what you need to know Read More »
The Data Use and Access Act 2025 (DUAA) amends the GDPR and UK data protection laws. Changes are being phased in between June 2025 and June 2026. For organisations, the biggest update for Article 6 of the GDPR is the introduction of a new lawful basis called recognised legitimate interests. This is a separate basis
What the Data Use and Access Act means for GDPR Read More »
How massage and beauty therapists can keep customer data safe Keeping customer data safe If you run a massage or beauty business, trust is everything. Your clients trust you with their comfort, their wellbeing and often some quite personal information too. From contact details to treatment notes, you’re handling more than just bookings. The good
GDPR for massage therapists and beauty therapists Read More »
Will you be hit by a class action lawsuit after a data breach? Executive summary Group lawsuits after data breaches are rising in the UK and EU. Regulators (like the ICO) still issue fines and guidance, but claimants are increasingly using GDPR rights to sue en masse. High-profile cases show that both customers and employees can
Class action lawsuit after a breach Read More »
Breaking news: UK bank apps show customers other users’ transactions Customers using mobile banking apps from Lloyds, Halifax and Bank of Scotland were able to see other people’s banking transactions due to a technical glitch, raising serious concerns about personal data protection. The incident occurred on the morning of 12 March 2026, when users reported
UK bank apps show customers other users’ transactions Read More »
Does your employer know too much about you? Most employees never stop to ask an important question “what exactly does my employer know about me and how well are they protecting that information?” The answer might be more concerning than you think. How much personal data does your employer hold? Your employer is likely storing
Does your employer know too much about you? Read More »
When data goes wrong: can staff be personally liable? The famous Morrisons data breach case gave organisations across the UK a nasty shock. In that incident, a disgruntled employee deliberately leaked payroll data for thousands of colleagues. The courts examined whether the supermarket could be held responsible for the actions of a rogue staff member.
Can staff be personally liable? Read More »
Have your employees already suffered a data breach? It might be simpler than you think When executives hear the words “data breach”, they often imagine hooded hackers, blinking servers and a dramatic cyber-attack straight out of a thriller. Sometimes that does happen. The UK armed forces learned this in 2024 when a major UK armed
Have your employees suffered a data breach? Read More »
