Guidance on the use of Legitimate Interests under the EU General Data Protection Regulation
Tag: data subject rights
On October 22, 2018, the Future of Privacy Forum (FPF), the European Federation of Pharmaceutical Industries and Associations (EFPIA), and the Centre for Information Policy Leadership (CIPL) hosted a workshop in Brussels, “Can GDPR Work for Health Scientific Research?,” to discuss the processing of personal data for health scientific research purposes under the European Union’s […]
In connection with the EU General Data Protection Regulation (GDPR), many companies are wondering how to implement a “data deletion policy”. This article describes the essential steps that companies need to undertake when preparing a GDPR-compliant data deletion policy and the associated documentation.
In this guide, Privacy Perfect provides a seven step scheme to help you become GDPR compliant. We won’t claim it’s easy, but it’s doable. To provide you with more insight, they have drafted an infographic reflecting the internal and external stakeholders and sources needed for inventory purposes.
The handbook provides an overview of the EU’s and the CoE’s applicable legal frameworks. It also explains key case law, summarising major rulings of both the Court of Justice of the European Union and the European Court of Human Rights. In addition, it presents hypothetical scenarios that serve as practical illustrations of the diverse issues […]
The right to be informed covers some of the key transparency requirements of the GDPR. It is about providing individuals with clear and concise information about what you do with their personal data.
This code is intended to help employers comply with the Data Protection Act and to encourage them to adopt good practice. The code aims to strike a balance between the legitimate expectations of workers that personal information about them will be handled properly and the legitimate interests of employers in deciding how best, within the law, […]
Organisations are increasingly looking to record staff telephone calls, whether in response to specific regulatory requirements or for their own particular business needs. This eBook explores the implications of the GDPR for this type of call recording.
This code explains how the Data Protection Act 1998 (the DPA) applies to the collection and use of personal data online. It also provides good practice advice for organisations that do business online and are therefore subject to the DPA. The code covers the collection and use of personal data online, whether it is collected […]
This code of practice explains the rights of individuals to access their personal data. It also clarifies what you must do in this regard to comply with your duties as a data controller. These rights and duties are set out in sections 7–9A of the Data Protection Act 1998 (DPA) and are often referred to […]