Under the GDPR, the definition of ‘personal data’ means “any information relating to an identified or identifiable natural person”. Sensitive personal data relates to information which requires extra care. A business cannot process any information falling within the list above without taking extra precautions. This is particularly relevant in relation to employees, as many personnel […]
What is Sensitive Personal Data? Read More »
GDPR defines a data controller as: “a natural or legal person, which alone or jointly with others, determines the purposes and means of personal data processing.” … The data controller will decide the purpose for which personal data is required and what personal data is necessary to fulfil that purpose The data controller determines the purposes for which and the means by which personal data is processed. So, if your company/organisation decides
What is a Data Controller? Read More »
GDPR certification refers to becoming legally compliant with the European Union’s (EU) General Data Protection Regulation (GDPR). This is a feature of GDPR law that allows people or entities to receive certification from approved certification bodies to show both the EU and consumers that they are in compliance with GDPR. Certification is scalable and can be different for organizations of differing size and
GDPR Certification Read More »
Many people are still unsure what exactly the term ‘personal data’ refers to, even though it forms the core of the EU General Data Protection Regulation (GDPR). The EU-wide GDPR, which was brought into UK law on 25 May 2018, broadened the definition of what counts as personal data. When we think of personal data, things like name,
What constitutes personal data for GDPR? Read More »
There are seven key GDPR principles: Lawfulness, fairness and transparency. Purpose limitation. Data minimisation. Accuracy. Storage limitation. Integrity and confidentiality (security). Accountability. Lawfulness, fairness and transparency The first principle of GDPR requires that the data controller provide the data subject with information about his/her personal data processing in a concise, transparent and intelligible manner, which
What are the 7 GDPR Principles Read More »
Businesses must acknowledge that being transparent about how data is used and protected is now required by law. Each organization (including charities and public sector entities) must define a scope for which they collect specific data. You should only collect personal information that is needed to provide the service or product and nothing more. Also,
What are my options for maintaining GDPR compliance? Read More »
GDPR came into effect on May 25, 2018. However, some organizations still struggle to both understand and comply with GDPR and its complexities. The primary objective of the GDPR is to give citizens back control of their personal data. GDPR is a regulation that requires businesses to protect the personal data and privacy of EU
What is GDPR Compliance and how can my business be compliant? Read More »
The simple answer is that every company who processes personal data about people in the European Union (EU) is affected by the General Data Protection Regulations (GDPR). The regulations came into effect in May 2018. A wide-ranging set of legislation designed to protect the privacy of individuals in the EU and give them control over
Who is affected by GDPR Regulations? Read More »
