The good news is that you almost certainly do not. There is no requirement for a Data Protection Officer (DPO) just for email marketing lists and various HR functions unless you are a public authority, track online behaviour or process special categories. If in doubt go to: So that’s it, you might think; no wasted … READ MORE »
Data protection at the end of the transition period for SMEs Guidance and resources to help businesses and organisations better prepare for data protection compliance if we leave without an adequacy decision. The UK left the EU on 31 January 2020. There is now a transition period until 31 December 2020 while the UK … READ MORE »
The General Data Protection Regulations (GDPR) has a lot to say about what you should do if you think you have been subject of a personal data breach. You might think that all you have to worry about is the addresses in your email marketing lists, but it goes much further than that. The first … READ MORE »
I was wrong. I thought that the vote on the amendment to the proposed Data Protection Regulations put forward by the European Parliament's Civil Liberties Justice and Home Affairs Committee (LIBE), fronted by MEP J. Albrecht, would be close. However, the MEPs voted 621 to 10 in favour. The amendment has been heavily criticised, not … READ MORE »
A little more than two years ago we were concerned about the implications of the GDPR which, after a gestation period of some five years, had finally been implemented. The predictions were varied. Some suggested it would be just the thing to reassure customers and encourage them to join email marketing lists, while others suggested … READ MORE »
It is with a degree of embarrassment I admit to publishing, about a year ago, a calendar on the countdown to Brexit. The idea was to point out what small and medium sized email marketing companies needed to do to ensure a smooth transition. My only defence is that I was not the only person … READ MORE »
Data protection regulations can be seen as the bane of anyone who collects or maintains personal data. We, with our dependence on email marketing lists, have to make a considerable investment with regards to research and training staff, so being told by the ICO that we might need to make a Data Protection Impact Assessment … READ MORE »
The GDPR created a new position; the Data Protection Officer. Whilst the vast majority of email marketing companies are not required to have one, it is a requirement for local authorities and those processing specified types of data, see here, you might think that the position would be useful, especially during the transition period. The … READ MORE »
We’ve covered what constitutes a data breach and how to plan for one in previous articles. If one occurs there probably is a requirement to notify the ICO. In judging whether a specific breach needs to be reported it is not simply gauging the risk to your email marketing list. You have to establish the … READ MORE »
With the increase in demand for working from home comes headaches for the data protection officer. A recent case highlights the need for comprehensive policies to be in place for home working, and not just covering the worker themselves but their immediate supervisor. In the case mentioned, the inquiry into the matter found the company, … READ MORE »