Article categories

Canal+ fined €600k for GDPR breaches including failure to report data breach

green potted plant on brown wooden table

French broadcasting company Groupe Canal+ was recently fined €600,000 by the French data protection authority (CNIL) for multiple violations of the EU’s General Data Protection Regulation (GDPR). The CNIL’s investigation uncovered several areas where Canal+ was non-compliant: The data breach in question exposed the contact details of around 10,000 Canal+ subscribers over a period of … Read more

GDPR legitimate interests assessment guide & worked example

Lazy with her hands out balancing the risks of applying legitimate interests to data processing

It’s one of the most flexible lawful bases under GDPR but applying it comes with some caveats. To apply legitimate interests you need to be sure that your processing activity fulfils your purposes, is necessary and doesn’t override the interests or fundamental rights and freedoms of the data subject. In other words, your use of … Read more

What is considered “disproportionate effort” under GDPR?

Hand over envelopes

Under Article 13 of GDPR you must give data subjects information about your data processing practices, this is commonly known as the “Right to be informed”. This information includes but is not limited to what types of data you process about them, under what legal basis you process the data and where the processing takes … Read more

Do I need ongoing GDPR training?

In today’s world, we all end up processing personal data in some capacity even if we are not in a client or customer facing role. GDPR training has become essential for the whole team. Without good training, staff will lack the awareness required to complete their day to day tasks in a GDPR compliant manner. … Read more

How to make any form GDPR compliant

Person completing online forms from laptop

Whether you’re using a simple contact us form on your website, trying to drive newsletter sign-ups or even manage job applications through online forms. Most of us are using online forms somewhere on our websites. Forms are a practical way to gather data but can also be a GDPR compliance risk if not set up … Read more

Does GDPR apply to b2b data?

Does GDPR apply to b2b data image of question mark and data over city landscape

If you processing personal data for “b2b” or business to business purposes, does GDPR apply? There is often some confusion over this issue but in most cases yes, the GDPR still applies. So in this article we’ll look at some examples of b2b processing and explore what you may need to consider in order to … Read more

GDPR Training Requirements: Who needs to do GDPR training?

Man completing online training

GDPR might not be everyone’s favourite topic but it is important. With financial penalties for non-compliance soaring over the last few years, there’s never been a more appropriate time to review your current training programme or to put one in place. When deciding on what steps to take you may be wondering who exactly needs … Read more

Can I get compensation for a GDPR Data Breach?

What is a data breach? A data breach occurs when an unauthorized person gains access to your personal information. This could be by hacking into a system that stores your personal information, for example hacking into a database or computer system. Or it could be by unlawful access – where a person uses their access … Read more

How the Data Protection and Digital Information Bill could change marketing in the UK

Westminster London with Data Reform Bill design overlays

Good news for marketers – unless you’re not following the law already 💸 The UK government recently published the outcome of their consultation on the Data Reform Bill (now known as the Data Protection and Digital Information Bill) – a collection of sweeping policy changes “designed to make the UK the best place for businesses … Read more