Category: Compliance

GDPR: Even the Government’s have to comply. Weekly Digest 42

When looking over what happened this week, there were a couple of things I could talk about: EDPB’s guidelines on relevant and reasoned objection under the GDPR, or Ryanair being accused in a US court of hiding behind the GDPR or perhaps musing on the Schrems II ruling and its impact on international data transfers … Continued

Read More

5 types of businesses which are data processors and data controllers

Reflecting back on my post from Friday on joint controllers, I thought it might be useful to reflect on a couple of instances where your data processors might also be controllers. These are situations where you would probably just think about getting Data Processing Agreement in place, but you should really think about whether you … Continued

Read More

European Court invalidates Privacy Shield. What you should do now?

On Thursday, 16 July, the European Court of Justice issued a judgement which invalidates the use of the US Privacy Shield as a lawful basis for exporting personal data from the EU to the US. Guidance from supervisory authorities suggests that, if you are currently using Privacy Shield, to please continue to do so until new … Continued

Read More

Spreadsheets and the risk to GDPR compliance.

The head of the organisation is responsible for demonstrating compliance. While some sole proprietors may find little risk in the use of spreadsheets, they are certainly in the minority. Using spreadsheets for compliance may increase the risk of non-compliance in your organisation. Many accountants will tell you about the security nightmare that is spreadsheet-accounting. And … Continued

Read More