As with any form of compliance, businesses must overcome several hurdles on their path to becoming compliant with the GDPR. Through the help of our data protection consultancy, we are able to provide businesses with the insight they need to know whether they’re on the right track. Along with simplifying compliance, our GDPR consultants are…
-
-
Almost every business relies on a network of suppliers to develop, deliver and maintain its products and/or services. Working with third-party processors, such as a payment processor or CRM provider, will help streamline workflows and allow you to serve customers with ease. However, as this supply chain grows, more people outside of your organisation will…
-
The Data (Use and Access) Act 2025 The Data (Use and Access) Bill has now reached Royal Assent and will soon be officially enacted as The Data (Use and Access) Act 2025. This new legislation marks a significant milestone in the UK’s data protection law, modernising how data is accessed, used and governed in a…
-
You should complete a GDPR audit every year, but for some businesses, this may be more regular. Conducting regular audits will help prove your compliance, which is crucial should you be subject to an inspection by supervisory authorities. In this blog, we outline four scenarios when you should complete a GDPR audit outside of your…
-
The DUA Bill: What It Means for UK Businesses The Data (Use and Access) Bill (DUA Bill) is the UK government’s latest step in reforming data protection law. Replacing the shelved DPDI Bill, the DUA Bill is expected to become law in 2025 and will bring targeted updates to the UK GDPR and PECR, without…
-
Join Our Team as a Business Development Executive Location: Leeds (Hybrid – 4 days in office) Department: Sales & Marketing Contract Type: Full-Time, Permanent Salary: £28,000–£35,000 + Uncapped Commission (DOE) Start Date: Immediate Are You Ready to Grow With a Business That’s Going Places? We’re hiring a Business Development Executive at a pivotal moment for…
-
Subject Access Requests and Internal Conflicts of Interest: Navigating the Grey Areas When it comes to Subject Access Requests (SARs), few are more complex, or more sensitive, than those submitted by employees and ex-employees. Unlike customer SARs, which are often straightforward, staff-related requests are frequently wrapped up in wider disputes, grievances, or pending legal claims….
-
More Delays, More Questions – What’s Really Happening with the UK Data Bill? In a significant turn of events for the UK’s data governance landscape, the House of Lords has delivered a powerful rebuke to the government’s ongoing attempts to relax rules for artificial intelligence companies. Peers backed an amendment to the Data Use and…
-
When Your “John Hancock” Becomes Sensitive Data: Exploring Signatures as Biometrics Ever looked at your signature and thought, “It’s just a fancy way I write my name”? Think again. In our increasingly digital world, that casual scribble at the bottom of forms is gaining new significance, particularly in places like Jamaica, where the Jamaican Data…
-
Organisations have varying degrees of responsibility when it comes to processing personal data. Depending on your involvement, you may be either a data controller, processor, joint controller or sub-processor. So, which category does your business fall into? In this article, we’ll cover the responsibilities of a data controller and processor, and determine which role applies…
Join our community
Our mission is to make data protection easy: easy to understand and easy to do. We do that through the mantra of benchmark, improve, maintain.