The key to being successful at data privacy is awareness: of what you’ve got and what you do with it.
Much has been made of GPDR Article 30, which talks to the requirement to maintain a Written Record of Processing. This sounds grandiose, but in fact it can be simply described as “writing down what you do”.
The first thing to say is that for most* organisations under 250 people, it isn’t mandatory. However, life is made ... Continue Reading →
This week a colleague and I went to the “2018 e-Commerce Expo”: https://www.ecommerceexpo.co.uk/
Our aim was to gauge the market for GDPR services in the SME e-Commerce sector: how did people feel about it, what was the privacy support like from their 3rd- party service providers?
In short, was there a need for JEM and our services?
On that front we came away feeling quite buoyed, albeit with the occasional sigh of disappintment. The Platform providers generally ‘got it’ when it came ... Continue Reading →
A lot of comment on social media is about the impact (or lack thereof) of GDPR on Direct Marketing: “Another company still sending me emails, despite me saying no!” sums up a whole slew of Tweets.
I’ll cover some specifics on the opt-in/out controversy and the PECR later (hint – it’s not as straightforward as people want to believe). But it got me to thinking – are we “data subjects” focusing on the wrong thing?
The GDPR is first and foremost about ... Continue Reading →