Data protection & GDPR

It is nearly seven years since the General Data Protection Regulation (GDPR) came into force. However, it is as important as ever that data protection compliance doesn’t fall off the […]

On 24 May, the ICO published its updated guidance for businesses and employers on responding to data subject access requests (commonly referred to as ‘SARs’ or ‘DSARs’). Based on the […]

Less paperwork for organisations, fewer data collection pop-ups for the wider public, and more than £4 billion saved over next 10 years – these are just a few outcomes that […]

New standard clauses mean organisations will need to incorporate either the International Data Transfer Agreement or the UK Addendum in all contracts concluded on or after 22 September 2022. This […]

This September brings change to the use of standard contractual clauses (SCCs) governing data transfers from the EU and EEA. In June this year, the European Commission published two sets […]

On Christmas Eve, the nation was informed that the UK and EU had struck a Brexit deal. The transition period is now over, and a clearer picture of the future […]

We often hear of businesses lamenting the cost of GDPR compliance, but as the bedding-in period passes and national supervisory authorities such as the UK’s Information Commissioner’s Office (ICO) tighten […]

The ICO (Information Commissioner’s Office) has released its annual report, which has revealed an “unprecedented” year. It received 41,661 data protection complaints in 2018/19, up from 21,019 in 2017/18. Big […]

After Brexit, a UK company may find itself subject to both the GDPR and the parallel Applied GDPR regime. Consequently, a data breach might well fall within the competence of […]