The GDPR gives people the right not to be subject to solely automated decisions, including profiling, which have a legal or similarly significant effect on them. These provisions restrict when you can carry out this type of processing and give individuals specific rights in those cases.
DataGuidance by OneTrust and Latham & Watkins hosted a webinar on employee monitoring and data protection. During this webinar, our panel of expert speakers discussed a comparative German v. UK employee monitoring case study, and gave practical guidance on how to find the right balance between effective employee monitoring and the strict legal requirements for […]
This guidance will help you to understand the importance of encryption as an appropriate technical measure to protect the personal data you hold. Whether you are a controller or a processor, encryption is a technique that you can use to protect personal data. The guidance outlines the concept of encryption in the context of the […]
A key principle of the GDPR is that you process personal data securely by means of ‘appropriate technical and organisational measures’ – this is the ‘security principle’. Doing this requires you to consider things like risk analysis, organisational policies, and physical and technical measures. You also have to take into account additional requirements about the security of […]
This guide is designed to give booksellers an overview of the requirements of the GDPR and to give some practical tips on how to meet these requirements. Some of the requirements are very similar to those of the Data Protection Act 1998, some are more thorough enhancements and some are completely new.
This code is intended to help employers comply with the Data Protection Act and to encourage them to adopt good practice. The code aims to strike a balance between the legitimate expectations of workers that personal information about them will be handled properly and the legitimate interests of employers in deciding how best, within the law, […]