As experts in data protection, privacy and the GDPR, we wanted to share our knowledge with you to ensure your compliance journey is as simple as possible. With a clear understanding, data protection best practice will become a natural part of your organisation’s way of working - a benefit to you and your business.
So take a look over our GDPR and data protection resources below.
Numpty Nigel thinks you’re interested
Numpty Nigel thinks he’s great. He thinks he’s wise. When he speaks, everyone should listen (or so he thinks). Like that bloke on the train who is talking into his mobile phone, but acts like he wants the whole carriage to hear. Annoying isn’t he? A right numpty.………… at the very least!
How to choose a lawful basis for processing personal data
If you think that to process personal data all you need is a tick box, think again. If you think that all you need is consent, take another guess. And if you think that you can get away with only one lawful basis, then perhaps you should read this article.
Numpty Nigel forgets to lock the door
For many people the bathroom is a safe place. A private space. Imagine you have a state of the art Japanese toilet. The seat is heated. Your expensive bluetooth stereo system is playing your favourite tunes through hidden speakers. The air conditioning system with built in AI knows just the temperature you like it. You sit down, get nice and comfortable and then………..
How to write a privacy notice
There are three types of privacy notice. There are those that have been copied and pasted from someone else’s site with a few names changed. There are those drafted by professionals who have little idea of the business that they are writing them for. And then there are those that are done right.
How to create a Record of Vendors & Partners
“Accountability”. It is the cornerstone of trust. You can’t trust someone if they are not accountable for their actions. We all know someone who seems to get away with murder (or more likely avoiding work, or responsibility when things go wrong). Well, privacy regulation knows about such people which is probably why one of the principles of the GDPR is ‘accountability’. Not only must you be compliant, you must be able to demonstrate your compliance. And one thing you need to be able to demonstrate is who you are sharing personal information with.
Numpty Nigel presses ‘Send’
We’ve all done it. We hit ‘Send’ and then scramble to try and get the email back, or stop it sending. That sinking feeling as we realise that the email has gone. The mistake has been made. And we have to face the consequences. What is worse is where the mistake leaves a person worried that their organisation may have to report their mistake to the regulator and they may have just lost their job. That is the most common data breach we come across at the The Privacy Compliance Hub (although we’ve never seen anyone lose their job over it).
Numpty Nigel misses a Subject Access Request
Deadlines are boring aren’t they? They are meant to hurry us up. To make us do what the man wants us to do. Nobody wants to be a slave to the man. We are individuals. We should take our time. After all, deadlines are a target that can always be pushed out. Can’t they?…….. Well, not this one! It is the number one privacy fail resulting in complaints to privacy regulators.
How to create an Article 30 Record
Records can be interesting if you are a Strava athlete. Or a collector of vinyl. But Article 30 Records are not interesting. Even if we call them by their other name – ‘Records of Processing Activities’ – they still don’t sound interesting. And they are not. What they are is an essential (and often legally required) building block of any data protection compliance programme.
How to map your data flows
“Data flows”. Sounds like a job for someone in IT right? Wrong! Creating accurate maps of your data flows is an essential building block of any data protection compliance programme. Don’t get this bit wrong. If you do, everything else will be wrong as well. Time spent on getting this right will save you time over and over again as you build out your programme. Let us give you some pointers.