Lawfully Good News

Blink & You'll Miss It - Californian Privacy Rights Update

We've been keeping an eye on CPRA enforcement since its 2023 introduction. A recent overturn in Court has got us thinking about its impact for other businesses and what UK companies need to consider.

Navigating the EU Data Act: A Practical Guide for Data Holders

The recent implementation of the EU Data Act (EDA) is a landmark development in data protection and privacy regulations. As this legislative framework comes into force, it brings about significant changes with far-reaching implications for those handling data. In this article we explore the key highlights and scope of the Act.

January 2024 Legal Roundup!

The legal world has kept us on our toes this January! Knowledge is power so we've prepared a short article to give you the down low on all legal updates.

Do Businesses Still Care About Data Protection?

As we approach the six-year anniversary of the implementation of the General Data Protection Regulation (GDPR), it is natural to question whether businesses are still prioritising their data protection compliance.

A Bridge too Far? A New UK-US Data Bridge

We explore the UK's extension to the existing EU-US Data Privacy Framework (Data Bridge) to allow for the sharing of personal data from the UK to US organisations which have signed up to the Data Bridge.

Employee Privacy Notices – Personal vs Personnel Data

Writing an employee privacy notice but wondering what the difference is between personal and personnel data? Don't worry, our Employment team are here to help!

Meta Owes Ireland €390 Million: The Impact on UK Advertisers

Breaking news this week, as Meta incurs a €390 Million fine for breach of EU data protection rules. We explain how the case could impact UK advertisers.

The Basics of Cookies: DIY Data Protection Guide

Cookies serve a range of purposes, but if handled poorly, they can get you in hot water. We explore the basics of cookies, and what to look out for.

What Documents do you Need on Your Website?

As a business with a website, there are a number of key documents you'll need to host on your site. From privacy policies to terms of use, we break it down.

The Legal Guide to Email Marketing and Consent

Email is a remarkably useful tool for marketing, and yet - it has it's rules. We discuss PECR, GDPR, and the risks of email marketing.

EasyLife Faces Double-Whammy Data Protection Fines

EasyLife has made the headlines today, with two fines from the ICO for £1.35 million and £130K respectively. But how did this happen?

The GDPR: Your Guide to Compliance

The GDPR sets out to protect the rights of individuals, but non-compliance comes at a great cost. We cover the basics with our GDPR guide.

Digital Information Bill Finally Lands: Data Protection Update

The digital information bill has finally landed, but what are its implications for the data protection world?

Sending People's Information Abroad: The BREXIT Edition

In the business of sending people's information abroad? You'll need to adhere to the international data transfers agreement...

Tackling a DSAR: A Step by Step Infographic Guide

Data Subject Access Requests (or DSARs) are when an individual that you process data about contacts your business requesting...

Why do International Data Transfers Matter?

When it comes to moving personal data between countries, there's a lot to consider. We tackle international data transfers and how to handle them.

Data Protection Day: What is it? And Why Does it Matter?

Doesn’t it feel like the best days of the year all come at once? Christmas, New Year, Data Protection Day…

CNIL Fines Google and Facebook for “Cookie Consent” Banners

The EU data protection regulators, in this case, the French supervisory authority CNIL, have locked horns with Google and Facebook for cookie consent issues.

Grindr Sells Personal Data to Advertisers Without Consent

We discuss Grindr's recent run-in with the law, for selling personal data without consent. Our data protection experts discuss the issues facing the app.

Lloyd v Google: Verdict Arrives for History-Making Court Case

International tech giant Google came under fire this week, at the hands of the former director of Which. We explain the details of this history-making case.

Case Study: Supporting Farewill in their Data Sharing Approach

Farewill provides end of life services, such as will writing and probate support. We take a look at how we helped Farewell with their data sharing approach.

Could Your Smart Doorbell be Invading your Neighbours Privacy?

As smart doorbells grow in popularity, new concerns have arisen surrounding privacy. And according to a judgement, changes may be coming.

How the New Data Sharing Code of Practice Affects You

On 05 October 2021 the UK Information Commissioner (ICO) confirmed that the new Data Sharing Code of Practice has come into force. But what does this mean?

Google Undergoes a Data Protection Change

If you use Google to support your business (who doesn’t?!) you’ve probably received a notification from them...

Email Marketing Gone Rotten: PECR and Sainsbury's Cat-Food Fuss

Sainsbury's has come under fire this week, having recently breached the rules of PECR. Our data protection team explains what it means for the supermarket.

EU SCCs: A Flowchart to Fulfil Your Data Protection Desires

Previously we did a deep dive on the new set of standard contractual clauses set out by the EU. There, we explained...

Data Protection Update: EU SCCs

The data protection world is very excited – the EU has just published a set of new standard contractual clauses (SCCs)...

Data Protection Officers and Representatives: Explained

The data protection world has a series of unique roles, from data protection officers to representatives. We break down what they mean in simple terms.

5 Key Data Protection Issues for HealthTech

HealthTechs face a unique set of challenges when it comes to data protection. We outline the top 5 data protection issues facing HealthTechs today.

The ICO Springs Into Life: Penalty Notices and British Airways

Autumn 2020 has been a busy period on the enforcement front for the ICO. We discuss the data protection penalty notices now facing British Airways.

How TikTok is Evolving in the Context of Privacy

TikTok has dominated headlines, raising privacy concerns in the process. We explain how tiktok is evolving to meet international privacy obligations.

What Happens To Personal Data After Someone Dies?

What happens to personal data after someone dies? We tackle one of the most interesting data protection issues to face the modern digital world.

Susan Roberts on Life as a Data Protection Officer

Max Schrems sits down next to me as the Q&A at the Data Protection conference starts. I have positioned myself in the far corner of the...

The Future of International Personal Data Transfers

There has been much anticipation in the privacy world for the “Schrems II” judgement. We discuss the future of international personal data transfers.

Five Reasons to Cheer at the Death of Third-Party Cookies

Third-party cookies are almost as old as the web itself. And yet, they're facing their demise. We explain the pros of the death of third-party cookies.

European Court Confirms That Consent for Cookies Means Consent

On 1 October 2019, Europe’s highest court handed down its judgment on a series of questions referred to...

DSAR-RRRGH! Dealing with Data Subject Access Requests (DSARs)

Have you been hit with a DSAR? We explain how to deal with a data subject access request and the rights that come with them.

Should you use biometrics in your organisation?

There’s much in the press at the moment about the use of facial recognition technology by the police and other law enforcement...

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.