Free Trial

    THE PRIVACYPERFECT BLOG

    How to gain C-level support for your compliance efforts

    Apr 2, 2020 9:00:00 AM / by PrivacyPerfect posted in DPO, Data Protection Officer, GDPR Controller, Reputation under GDPR, GDPR Reputation, gdpr2020, data minimisation

    The role of the Data Protection Officer (DPO), is one that’s often met with mounting pressure and increasing challenges due to the complexity of regulations, a huge amount of workload, and dependency of support of other departments. The GDPR also emphasises on the importance of the role the DPO has in major business decisions, since these need to be aligned with the regulation and  organisation’s data protection strategy, in order to maintain compliance. With so much going on, getting the right tools, resources, and support from top-levels is absolutely essential for this role. At the same time, DPOs are often faced with reluctance, and are sometimes struggling to gain additional support from C-level management. In this blog post, we provide tangible advice on getting this support.

    Read More

    All you need to know about Data Processing Agreements

    Mar 19, 2020 4:04:37 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Protection, DPO, Data Protection Officer, GDPR Controller, GDPR Processor, GDPR Reputation, gdpr, DPA, gdpr2020

    One way or another, almost all organisations rely on third parties for processing personal data in today’s digital world, creating a direct need for data processing agreements (DPA). Even the tools that are considered to be the basic necessities in business, such as email clients, CMS systems, data storage servers, or website analytics, all process personal data on behalf of organisations. With the introduction of the GDPR, there are strict requirements and guidelines on how this can be done in a compliant manner, through signed DPAs between the organisation (the data controller) and any party that acts as a data processor on their behalf. But what are Data Processing Agreements (DPAs), are they really necessary for you, what do they look like, and who needs to be involved from within your organisation? 

    Read More

    How to overcome the challenges of responding to DSARs

    Mar 5, 2020 3:43:52 PM / by PrivacyPerfect posted in DPO, Data Protection Officer, GDPR Reputation, gdpr, Netherlands, gdpr2020, DSAR

    Since the enforcement of the GDPR back in May 2018, organisations that process personal data within the EU & EEA are obligated to respond to a Data Subject Access Request (DSAR). DSARs are not new, however, the GDPR enforced a new set of new rules for the process. For instance, organisations today are required to respond within 30 days upon receiving a request. The tight time-frame and the process itself often poses challenges for organisations when responding to DSARs.

    Read More

    What are Some Key Differences Between Consent & Legitimate Interest?

    Jan 9, 2020 2:11:47 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Processing, Data Protection Officer, GDPR Controller, GDPR Processor, Data Controlling, GDPR Reputation, Data Consent, Consent, Marketing under GDPR, GDPR for Marketers, gdpr, DPIA

    Legitimate interest and consent are two of the six lawful bases that data processors can choose from when gathering and processing data subject personal data. Both of the mentioned lawful bases are the most commonly used reasoning among organisations for their data gathering. But what are some of the key differences between the two? 

    differences_consent_legitimate_interest_lawful_basis

    Read More

    Companies and the Race for Compliance

    Dec 11, 2019 1:51:05 PM / by PrivacyPerfect posted in EU, GDPR Compliance, US, GDPR for SMEs, Small business GDPR, Medium business GDPR, DPO, Data Protection Officer, International GDPR, Reputation under GDPR, GDPR Reputation, GDPR For Tech Companies, gdpr 2019, Europe

    As we slowly enter 2020, during the year of 2019, numerous studies have been conducted with the objective to see just how far companies fare in regards to their GDPR compliance efforts. As fines and penalties are still being issued from various data protection regulators in their respectful countries, it may be suggested that companies, ranging from multinational corporations to SMEs, are still struggling to be fully compliant with the GDPR. In this blogpost, we take a look at several key studies done by various types of organisations, the numbers in their findings, and how it all shapes the race for compliance.

    Read More

    A Cautionary Tale: The Brief Look Into the Future of Personalisation

    Oct 24, 2019 5:26:39 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, Data Processing, Data Security, DPO, Data Protection Officer, GDPR Reputation, GDPR For Tech Companies, Data Consent, Consent, Cookies, Marketing under GDPR, gdpr, gdpr 2019

    It’s a rainy Thursday morning and I’ve just got into my driverless cab. I’d usually miss it, but because the cab now knows the average time I take to get ready, there is no actual way I could miss one. It knows where I need to go, what time I need to be there and also the preferred route I want, all through a 0.2 second scan of my thumb’s fingerprint. During my ride, I listen to the playlist made for me specially for this Thursday. It was made instantly as I typed in the first two words that came to my mind this morning. It can be any literally any word, isn’t that fun? It knows what music I want to listen to, the length of the songs I like, the mix of genres I prefer, and it also predicts the exact moments I would get bored of the song and automatically removes it from the playlist - only to replace it with an absolute banger of a song I was thinking about giving a listen to. 

    Read More

    Discounts & Data: GDPR for Retailers

    Oct 17, 2019 6:07:01 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, GDPR Software, DPO, Data Protection Officer, Personal Data, International GDPR, Data Controlling, GDPR Reputation, Data Consent, Cookie, Consent, Marketing, Marketing under GDPR, GDPR Summary, DPIA, gdpr 2019, Europe, DPA, Netherlands

    What does the GDPR really mean for you as a retailer? Well, as is often the case with a subject like privacy: it depends. After you’ve determined that the GDPR is applicable because personal (identifying) data is involved, let’s take a look at today’s retail business operations and what it entails. We will go through specific aspects of direct marketing, e-commerce habits, and even efforts made for compliance offline, to get a better understanding of what the GDPR means for retail.

    Read More

    Breach don’t kill my vibe: ways to mitigate a data breach

    Oct 3, 2019 3:48:17 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Security, Data Protection Officer, Reputation under GDPR, GDPR Reputation, GDPR For Tech Companies, Data Consent, GDPR Compliance Program, Consent, gdpr, DPIA, gdpr 2019, Europe, DPA, Netherlands, Britain

    Data breach. Two words you just don’t want to hear after a long week. It’s finally the Friday afternoon you’d been waiting for. Weekend plans with the family, the clock has just hit 16:00, and the weather isn’t as bad as predicted. Yet, here you are, after conducting a DPIA, finding yourself in a situation where you have a mere 72 hours to handle a whole breach. In this blog post, we will discuss your options, and provide you with support to handle this procedure seamlessly.

    Read More

    Ad Tech and Privacy Law Compliance: A Complicated Relationship

    Sep 27, 2019 9:04:40 AM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Protection, GDPR for SMEs, Small business GDPR, Medium business GDPR, Data Protection Officer, GDPR Reputation, GDPR For Tech Companies, Data Consent, Cookie, Consent, Cookies, Marketing, Marketing under GDPR, GDPR for Marketers, gdpr, gdpr 2019, Europe, DPA, Britain

    Back in June, the UK’s Data Protection Authority (ICO) released statements on their stance in regards to ad tech, saying: “If you operate in the adtech space, it’s time to look at what you’re doing now, and to assess how you use personal data” (Simon McDougall, Executive Director for Technology and Innovation at ICO). The ICO also released a report that looked into how the ad tech sector should comply with the GDPR. Below are the most important aspects to take into account if you work in or with the ad tech sector: 

    Read More

    How to overcome the challenges of conducting a DPIA

    Sep 19, 2019 10:39:46 AM / by PrivacyPerfect posted in EU, GDPR Compliance, Compliance, Data Processing, Data Security, DPO, Data Protection Officer, Personal Data, Data Controlling, GDPR Reputation, Data Consent, Data Assessment, gdpr, DPIA, gdpr 2019, Europe, DPA

    Conducting a DPIA is often seen as a rather challenging task. But, there are ways still to make it a little easier.  We have highlighted the steps to get through conducting a DPIA in the least painless way possible. We’ve put down aspects from pre-assessment elements, through overcoming the struggles of getting support and involving key players, to how you can cut through the edges and simplify processes.         

    Read More

      Lists by Topic

      see all
      harmas_Rajztábla 1-1
      Keep informed!
      Sign up to the Weekly GDPR Digest now.