Not having the right terms in your contracts can get you in trouble, so it's important to get them right. You need to protect yourself in the event something goes wrong, because it can be expensive. No one wants that.
We know it's tempting to copy someone else's, but being transparent about your use of personal data really is a golden rule not to be broken, and your use of personal data is unique to you, and only you.
We know these are a headache, but we can make them less painful by helping you understand what you need (and don't need) to disclose.
When you, as a data controller, need to transfer personal information to a jurisdiction outside of the UK and EU, this engages Article 44 of the GDPR – you have to meet certain criteria in order to ensure that the data is sent safely and securely. For most cases, you can rely on an adequacy decision – more on that below – but sometimes this won’t be an available get-out, and you’ll need to consider the SCCs or IDTA. So many acronyms, so little time…
Maybe you haven't revisited your policies since GDPR came into force in 2018. You aren't alone, but it's probably time for a refresh!
Sometimes you just need to bite the bullet and brace yourself for the good, the bad and the ugly, all in the name of mitigating risk. We can help you assess and implement new processes and documentation
If you're designing a new product, or updating an existing one, you need to embed good privacy principles into the product when you design and build it. We can help you do this.
Creating a safe space to ask questions and learn is crucial to encouraging and fostering understanding of complex data protection concepts in your business. Data touches all departments, from IT to HR to Marketing, and it’s important to make sure that you’re walking the walk and talking the talk.
It can feel like David against Goliath if you need to challenge or negotiate with your employer. Fortunately, our employment specialists are here to fight your corner.