Search Results for: gdpr

Under the GDPR (General Data Protection Regulation), a lawful basis must be documented when organisations process personal data. But what is a lawful basis for processing? Do you always need individuals’ consent to process their data? And what exactly are …

The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance with other aspects of the …

In 2020, organisations received €182 million (about £155 million) in fines for violating the GDPR (General Data Protection Regulation), according to an IT Governance report. Our GDPR Fines Quarterly Report revealed that more than two thirds of that total – …

The EU GDPR (General Data Protection Regulation) gives individuals eight rights relating to their personal data. Organisations must let individuals know how they can exercise these rights, and meet requests promptly. Failure to do so is a violation of the GDPR …

  Under the General Data Protection Regulation (GDPR), organisations must create a data retention policy to help them manage the way they handle personal information. But for how long can personal data be kept? If you keep sensitive data for …

Experian has been selling millions of people’s personal information without their consent, the UK’s data protection watchdog has found. An ICO (Information Commissioner’s Office) investigation revealed that the credit reference agency has been selling personal data to political parties and …

In the second quarter of 2020, data protection bodies across Europe issued at least 46 administrative fines under the GDPR (General Data Protection Regulation), with the penalties totalling nearly €2.9 million (£2.6 million). This is a sharp decrease on Q1, …