Got Views on How the ICO Handles Complaints? Now Is the Time to Share
The ICO is changing how it handles data protection complaints. With the consultation closing 31 October 2025, now is your…
Articles
Practical guidance on UK GDPR, data protection, and privacy compliance. From ICO enforcement updates to implementation guides, we help you stay informed and compliant.
Are EU-UK Cross-Border Data Transfers at Risk of Change?
EU-UK data adequacy decisions are up for renewal in 2025. With the December 27 deadline approaching, understand what's changing and…
GDPR Recognised Legitimate Interests: Understanding the New ‘Recognised’ Category
The UK's Data (Use and Access) Act 2025 introduces recognised legitimate interests, a new lawful basis giving organisations pre-approved grounds…
£300,000 ICO Penalty for Illegal Automated Marketing Calls: Home Improvement Marketing Ltd Case Analysis
The ICO fined Home Improvement Marketing Ltd £300,000 for making 2.4 million illegal automated marketing calls. Analysis of the penalty…
Bristol City Council ICO Enforcement Case: Falling Behind On Subject Access Request Compliance
Bristol City Council faces ICO enforcement action for 231 overdue Subject Access Requests dating back over three years. Learn the…
How to request your personal data under GDPR in the UK?
A comprehensive guide to making Subject Access Requests in the UK. Learn how to request your personal data from organisations,…
What the ICO Says About Data Protection Refresher Training
ICO requires data protection refresher training at "appropriate intervals." Learn frequency recommendations, what to include, and how to document compliance…
Does my business need to prepare for changes to Data Protection in the UK via the Data (Use and Access) Act 2025?
The Data Use and Access Act 2025 amends UK GDPR with changes rolling out through June 2026. Learn what's changed,…
Do I need to train my team about data protection – what does the ICO say in 2025?
If you handle personal data in your organisation, you’ve probably asked yourself: am I legally required to train my staff…
ICO fines Care Home Director for Deleting Data: The Warning Every Manager Should Read
On 3 September 2025, Jason Blake, 56, director of Bridlington Lodge Care Home in Yorkshire, was ordered to pay £1,100…
The UK Data (Use and Access) Act 2025: What You Actually Need to Know
The UK has new data protection laws. Again. But before you start panicking about another massive compliance overhaul, take a…
Understanding GDPR Data Subject Access Requests: A Practical Guide for Organisations
One important mechanism that empowers individuals (data subjects) under GDPR is the Data Subject Access Request (DSAR).
Does WordPress Use Cookies? A Complete Guide to Cookie Compliance
In light of data protection laws like GDPR and the ePrivacy Regulations (PECR) you may be concerned about whether your…
UK Home Office Receives Enforcement Notice Over Migrant GPS Tagging Data Risks
This action follows discussions with the ICO regarding a controversial pilot program that tracked the GPS locations of up to…
Exciting updates to our free GDPR training course: streamlined access and enhanced user experience
At Measured Collective, we are always striving to provide the best possible learning experience for our community of over 5,000…
Canal+ fined €600k for GDPR breaches including failure to report data breach
French broadcasting company Groupe Canal+ was recently fined €600,000 by the French data protection authority (CNIL) for multiple violations of the EU’s…
GDPR Legitimate Interests Assessment: The Complete Guide
It's one of the most flexible lawful bases under GDPR but applying it comes with some caveats.
What is considered “disproportionate effort” under GDPR?
Under Article 13 of GDPR you must give data subjects information about your data processing practices, this is commonly known…
Do I need ongoing GDPR training?
Without good training, staff will lack the awareness required to complete their day to day tasks in a GDPR compliant…
How to make any form GDPR compliant
Forms are a practical way to gather data but can also be a GDPR compliance risk if not set up…