The Future of Privacy Forum has conducted a new analysis that resulted in this Report presenting an overview of the regulatory strategies of DPAs for 2021-2022.
SAR
This GDPR Data Protection Impact Assessments (DPIA) for Digital Advertising under GDPR Guide provides background and describes the DPIA process in the context of processing data for digital advertising generally and for real-time bidding (RTB), in order to help companies understand their obligations and how to comply with them in practice. It explains how to […]
Ireland’s data protection authority – the Data Protection Commission (DPC) – has published frequently asked questions (‘FAQs’) on data subject access requests (SARs). The FAQs highlight the circumstances in which an individual is entitled to make a SAR, the information an individual is entitled to when making a SAR, and the method an individual should […]
Guernsey’s Office of the Data Protection Authority (‘ODPA’) published guidance on the right to data portability. In particular, the Guidance provides information on data portability requests including, relevant fees, the response timeframe and format of the request. In addition, the Guidance differentiates between data portability requests and subject access requests, and includes a case study […]
Ireland’s Data Protection Commission has published a note to clarify aspects of the right to rectification of personal data.
In this guide, Privacy Perfect provides a seven step scheme to help you become GDPR compliant. We won’t claim it’s easy, but it’s doable. To provide you with more insight, they have drafted an infographic reflecting the internal and external stakeholders and sources needed for inventory purposes.
The right to be informed covers some of the key transparency requirements of the GDPR. It is about providing individuals with clear and concise information about what you do with their personal data.
This code is intended to help employers comply with the Data Protection Act and to encourage them to adopt good practice. The code aims to strike a balance between the legitimate expectations of workers that personal information about them will be handled properly and the legitimate interests of employers in deciding how best, within the law, […]
Organisations are increasingly looking to record staff telephone calls, whether in response to specific regulatory requirements or for their own particular business needs. This eBook explores the implications of the GDPR for this type of call recording.
This code of practice explains the rights of individuals to access their personal data. It also clarifies what you must do in this regard to comply with your duties as a data controller. These rights and duties are set out in sections 7–9A of the Data Protection Act 1998 (DPA) and are often referred to […]