Audit

Four key points to include in contracts between Data Controllers and Data Processors

Posted on

The General Data Protection Regulation (2016/679), imposes clear requirements controlling the appointment of data processors by data controllers.  One of these is a requirement prescribing various matters which must be stipulated in a written contract (Article 28). As and from 25 May 2018 all agreements between Data Controllers and Data Processors need to meet these new GDPR requirements. This is a major change for many organisations, […]

Documentation

What do you need in a GDPR privacy statement?

Posted on

Since the coming into force of the EU’s GDPR you will have noticed many GDPR privacy statements.  This is driven by the GDPR’s focus on transparency which is intrinsically linked to fairness and the principle of accountability. This is enumerated clearly in Article 5.2 where the onus is placed on the controller to demonstrate that personal data is […]

Compliance

Consent: one of six lawful bases to process personal data, in GDPR

Posted on

Article 6 of Regulation 2016/679, the General Data Protection Regulation (hereafter: GDPR). sets the conditions for a lawful personal data processing and describes the six and only six, lawful bases for personal data processing, only one of which is consent. It is important to note that one of these six bases must be established prior to processing for each specific purpose. Generally, consent can only […]

Audit

GDPR and Charities in Ireland

Posted on

Ireland is fortunate in having a thriving voluntary sector. A sector which between employment, sport, caring and entertainment touches the lives of almost every citizen on the island of Ireland. Possibly retaining personal data on every citizen on the Island of Ireland. Every city, town and parish in the country has sports clubs and schools […]

Compliance

Google Analytics and GDPR

Posted on

Most Irish businesses use Google Analytics as their main web analytics tool and for many it’s the only tool they use to tell how their website is working. Firstly its free for most users and it’s relatively straightforward to use You (or your developer) install Javascript code on web pages to track (monitor) website users […]

EU GDPR

Guest Blog by TenFold – Understanding the GDPR: General Data Protection Regulation

Posted on

The GDPR–or General Data Protection Regulation–is a regulation passed by the European Union on April 27, 2016, with an effective start date of May 25, 2018. Officially classified as regulation 2016/679, the GDPR expands upon and replaces the Data Protection Directive 95/46/EC of 1995. It serves as the EU’s effort to synchronize and harmonize laws on citizen and resident […]

Compliance

GDPR and its implications outside of the EU

Posted on

The General Data Protection Regulation (GDPR) is the latest data protection legislation applicable European Union (EU) member states.  The intent of the GDPR is to replace the European data protection framework as set out in the European Data Protection Directive (95/46/EC) (Directive) and be implemented into the national data protection laws of the EU member […]

Compliance

GDPR for IT equipment suppliers

Posted on

The data controllers carries primary responsibility, along with any data processors to protect the data subjects under GDPR.  Businesses who sells IT equipment even if that equipment processes personally identifiable data have far less stringent obligations.  However to remain competitive offering GDPR compliant features makes good business sense. This normally involves development in two areas […]