Our GDPR Consultants can help you implement best practices for Data Protection Legislation. Read more about GDPR here.
Key Themes of GDPR
- Six Data Protection Principles
- Basis for Lawful Processing
- Data Subject Consent (where required)
- Handling Special Categories of data (including in relation to children)
- Rights of the Subject
- Controller and Processor Obligations
- Security including handling Data Breaches
- Data Protection Impact Assessments (DPIA)
- Data Protection Officers (DPO)
How we can help with GDPR
Data Protection GDPR Audit
Many of the GDPR principles will be familiar and our GDPR Consultants can provide a data protection audit to help you identify the types of PII you hold, and evaluate your compliance with current legislation, and future best practice.
Our GDPR Consultants will review your current policies and procedures, and highlight areas of improvement.
Data Protection GDPR Workshop
Workshop the requirements of GDPR with our consultants to better understand the European regulations and evaluate how you can implement best practices in your organisation.
Data Protection GDPR Consultants
Work with our GDPR Consultants to implement Policies, Procedures and Processes within your organisations, including drafting documentation.
Data Protection Impact Assessment
It’s advisable to start with an impact assessment, and our Consultants can help you prepare this in relation to the PII you store and process.
Your privacy statement should provide clear information on your data protection practices including how you manage requests to access data, data breaches and any third parties who process or handle PII. Our Consultants will work with you to produce a clear and accurate statement.
A key theme of Data Protection and particularly GDPR, will be accountability. Our GDPR Consultants will help you build Data Protection into the design of your business processes, ensuring accountability at every step.
Does BREXIT Impact GDPR?
The ICO guidance (as of June 2023) says:
Does the GDPR still apply?
The EU GDPR is an EU Regulation and it no longer applies to the UK. If you operate inside the UK, you need to comply with the Data Protection Act 2018 (DPA 2018).
The provisions of the EU GDPR have been incorporated directly into UK law as the UK GDPR. In practice, there is little change to the core data protection principles, rights and obligations. GDPR recitals add depth and help to explain the binding articles. Recitals continue to have the same status as before – they are not legally binding; they are useful for understanding the meaning of the articles.
Basis for Lawful Processing
Contrary to popular belief, Data Subject Consent is only one of the lawful basis for processing data.