Examples, Marketing and Personal data - Information Management Today

What Is Data Minimisation? Definition & Examples

IT Governance

APRIL 18, 2023

Data minimisation requires organisations to process personal data only if it serves a specific purpose, and to retain it for only as long as it’s needed to meet that purpose. This is because the answer will depend on the specific circumstances for processing and using the personal data.

GDPR

GDPR Personal data Data breaches Marketing

New guidance on direct marketing

Data Protection Report

JANUARY 10, 2023

On 5 December 2022, the Information Commissioner’s office ( ICO ) published its new guidance on direct marketing (the Direct Marketing Guidance ). Back in 2020 the ICO published a Direct Marketing Code of Practice (the Code ) which is required under s. 122 of the Data Protection Act 2018. Classification of obligations.

Marketing

Marketing B2B Personal data Retail

Examples of data processing activities that require a DPIA

IT Governance

JUNE 19, 2019

The GDPR (General Data Protection Regulation) requires organisations to conduct a DPIA (data protection impact assessment) whenever processing is ‘likely to result in a high risk’ to the rights and freedoms of individuals. Before we crack on with our examples, we should explain how you can identify high-risk data processing activities.

GDPR

GDPR Personal data Risk Data breaches

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

UK ICO Releases Draft Direct Marketing Code of Practice for Public Consultation

Data Matters

FEBRUARY 10, 2020

On 8 January 2020, the UK’s Information Commissioner’s Office ( ICO ) published a draft Direct Marketing Code of Practice ( Draft Code ) for public consultation. a message informing a user they are approaching their monthly data limit). Importantly, an organisation will not avoid the direct marketing rules by using a neutral tone.

Marketing

Marketing GDPR Personal data Communications

CHINA: Navigating China Episode 15: Comprehensive New E-Commerce Rules Introduced

DLA Piper Privacy Matters

MARCH 24, 2021

Issues to be addressed include: Data privacy: compliant privacy notices/consents must be given to/obtained from customers using or buying via e-commerce or livestreaming platforms, sites, apps and services on or before collection or use of personal data, including appropriate direct marketing opt-ins and unsubscribe functions.

Personal data

Personal data Data Privacy Marketing Compliance

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. Everything from email addresses to political opinions counts as personal data.

GDPR

GDPR Compliance Personal data Privacy

The Digital Markets Act Is Almost Here: 10 Things to Know About the EU’s New Rules for Big Tech

Data Matters

JUNE 1, 2022

The Digital Markets Act (DMA) will impose a stringent regulatory regime on large online platforms (so-called “gatekeepers”) and give the European Commission (Commission) new enforcement powers, including an ability to impose severe fines and remedies for noncompliance. process and use personal data. Designation Process.

Marketing

Marketing Computer and Electronics Communications GDPR

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The GDPR puts forth a litany of rules for how organizations in and outside of Europe handle the personal data of EU residents. The details of any organization’s plan to become fully GDPR compliant will vary based on the data the organization collects and what it does with that data.

GDPR

GDPR Compliance Personal data Privacy

Colorado AG Provides Insights on the Colorado Privacy Act Rulemaking Process

Hunton Privacy

APRIL 25, 2022

Interested parties are invited to provide contributory research to reference and use case examples from the practice that impact or manipulate consumer choice. The law contains express consumer rights, controller and processor obligations, enforcement provisions and interpretative guidance.

Privacy

Privacy Personal data Sales Compliance

EU Regulatory Data Protection: Many pieces to the regulatory framework puzzle

DLA Piper Privacy Matters

JANUARY 26, 2022

Data is at the heart of the EU’s digital and green transformation, which are the two priorities of the European Commission. With the General Data Protection Regulation (GDPR), adopted in 2016, the EU has created a solid framework for the protection of personal data in line with the EU Charter of Fundamental Rights.

Personal data

Personal data GDPR Computer and Electronics Artificial Intelligence

GDPR for small business: the ultimate guide

IT Governance

JULY 2, 2020

The Regulation came into effect on 25 May 2018, and was designed to strengthen the rights of EU residents regarding the way organisations process and use their personal data. Second, if you process EU residents’ personal data, the GDPR still applies. What is personal data?

GDPR

GDPR Personal data Data breaches Compliance

Middle East: Kingdom of Bahrain publishes Personal Data Protection Law

DLA Piper Privacy Matters

SEPTEMBER 17, 2018

30 of 2018 on the Personal Data Protection Law (PDPL). It will provide individuals with rights in relation to how their personal data can be collected, processed and stored. The PDPL also imposes new obligations upon businesses to ensure that the personal data they collect is kept secure. REGULATION.

Personal data

Personal data GDPR Compliance Risk

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Data Protection Report

JUNE 22, 2022

An exemption to the requirement to provide further fair processing information where personal data was collected directly from data subjects initially and is repurposed for research purposes later has also been identified, where to do so would involve disproportionate effort. Restrictions on nuisance calls will be tightened.

GDPR

GDPR Government Personal data Risk

List of mandatory documents required by the GDPR

IT Governance

JULY 31, 2019

Personal Data Protection Policy (Article 24). A data protection policy is a statement that sets out how your organisation protects personal data. If you are unsure what your data protection policy should include, this template , created by our expert GDPR practitioners, can help you create one in minutes.

GDPR

GDPR Data breaches Personal data Compliance

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

These records are typically organized by grouping them by function or department and then described as either an individual record or grouped together into a record category. Introduction to Data Protection Laws. Personal data protection requirements may be issued by federal, state (provincial), or local governments.

Personal data

Personal data GDPR Privacy Records Management

EUROPE: Data protection regulators publish myth-busting guidance on machine learning

DLA Piper Privacy Matters

OCTOBER 10, 2022

For example, the ML system could be used to determine likely trends of categories of persons to default on loan agreements through the processing of financial default information. During the development and training of their algorithms, ML systems begin to adapt and recognise patterns within its data.

Personal data

Personal data GDPR Privacy Marketing

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

45 of 2021 on the Protection of Personal Data Protection (“ PDPL ”), which was issued on 26 September 2021. In this regard we expect it will be welcomed by local, regional and international businesses, in particular those that rely heavily upon personal data and international personal data flows. Exceptions.

Personal data

Personal data Data breaches GDPR Compliance

How to write a GDPR-compliant data subject access request procedure – with template

IT Governance

NOVEMBER 8, 2018

The EU’s GDPR (General Data Protection Regulation) gives data subjects the right to access their personal data from data controllers that are processing it and “to exercise that right easily and at reasonable intervals, in order to be aware of, and verify, the lawfulness of the processing”.

GDPR

GDPR Access Personal data Compliance

EDPB Opinion on UK Adequacy: Strong Alignment but Challenges Remain

DLA Piper Privacy Matters

APRIL 19, 2021

During its 48th plenary session, the European Data Protection Board ( EDPB ) has adopted two opinions on the European Commission’s draft U.K. The GDPR imposes restrictions on the transfer of personal data to a ‘third country’ unless that country benefits from (i) an adequacy decision; (ii) appropriate safeguards (e.g.

Personal data

Personal data GDPR Access Marketing

Thales CipherTrust Data Security Platform Validated For Microsoft Azure Stack Hub and HCI

Thales Cloud Protection & Licensing

DECEMBER 7, 2022

Azure Stack enables customers to extend Azure services and capabilities to their environment of choice - from the data center to edge locations and remote offices. A recent customer example includes a public sector organization in Asia that needed to secure sensitive data on premises but wanted the functionality of Microsoft Azure.

Security

Security Cloud Digital transformation Compliance

How to comply with Article 30 of the GDPR

IT Governance

JUNE 21, 2018

Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. One key part of this record-keeping activity is to document the category of individuals (employees, customers, etc.) What do you need to do to comply with Article 30?

GDPR

GDPR Personal data Risk Cloud

Popular Android apps with 142.5 million collective installs leak user data

Security Affairs

SEPTEMBER 30, 2021

In 2014, the platform was acquired by Google and had since become one of the most popular real-time data storage solutions on the market for Android apps. Using Firebase, developers can conveniently store authentication tokens, user credentials, personal data, and other types of app-related information in the cloud.

Access

Access Authentication Cloud Security

New Cybersecurity Directives (NIS2 and CER) Enter into Force

Hunton Privacy

JANUARY 18, 2023

For example, the concept of “essential entities” replaces “operators of essential services”; it is likely that most organizations classified as “operators of essential services” under the original NIS Directive will be classified as “essential entities” under the NIS2 Directive. Reinforced obligations.

Cybersecurity

Cybersecurity Healthcare Encryption Risk

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

NOVEMBER 9, 2018

Additional restrictions apply to processing special category and children’s data. Profiling is most often used for marketing purposes, but it is also used in other areas, such as healthcare, financial services and education, where large volumes of data need to be analysed in order to make quicker and more consistent decisions.

GDPR

GDPR Personal data Financial Services Compliance

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

The GDPR applies to entities that are established in the EU, as well as entities not established in the EU that process the personal data of persons located in the EU in the context of either (i) offering goods or services to persons in the EU, or (ii) monitoring the behavior of persons in the EU.

GDPR

GDPR Privacy Personal data Sales

7 key stages of the data protection impact assessment (DPIA)

IT Governance

SEPTEMBER 4, 2019

2 ) Large-scale use of sensitive data : “(b) processing on a large scale of special categories of data referred to in Article 9(1), or of personal data relating to criminal convictions and offences referred to in Article 10”. The nature of the processing is what you plan to do with the personal data.

Personal data

Personal data GDPR Risk Access

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. DPAs have also published guidance around specific local law requirements.

Privacy

Privacy GDPR Data breaches Risk

Dark Side of the Moon: Extraterritorial Applicability of the UK Data Protection Act 2018 After Brexit

HL Chronicle of Data Protection

MARCH 4, 2019

The UK government has published its catchily-titled draft Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (DP Exit Regs), which amend the territorial applicability provisions of the UK’s Data Protection Act 2018 (DPA 2018) to ensure the law applies appropriately after the exit day.

GDPR

GDPR Personal data Privacy Communications

EDPB publishes guidance on calculating GDPR fines

Data Protection Report

JUNE 9, 2022

For example, a data controller collects data without proper legal basis and when it is later hacked, it fails to notify the supervisory authority. sending marketing emails in waves). 1) Category of infringement under Article 83(4) – (6) GDPR. Categories of personal data affected (e.g.

GDPR

GDPR Compliance Personal data IT

ICO update report into adtech and real time bidding

DLA Piper Privacy Matters

JULY 3, 2019

To facilitate this, publishers typically share with ad exchanges data such as user IP addresses, location data, device types, and can also include special category data of website users. RTB – what is it? And this all happens in milliseconds. This should be rectified. 2) Transparency.

GDPR

GDPR Data collection Personal data Marketing

Malaysian Data Protection Law Takes Effect

Hunton Privacy

NOVEMBER 19, 2013

On November 14, 2013, the Minister of the Malaysian Communications and Multimedia Commission (the “Minister”) announced that Malaysia’s Personal Data Protection Act 2010 (the “Act”) would be going into effect as of November 15, marking the end of years of postponements. The law imposes a number of generally applicable principles.

Personal data

Personal data Marketing Communications Insurance

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

APRIL 22, 2022

According to the National Association of Insurance Commissioners (NAIC) report from October of 2021, the cybersecurity insurance market, including both U.S. This is driven by the proliferation of cyber claims across the entire market, particularly ransomware related. AXA XL accounts for about 10% of the current cyber insurance market.

Insurance

Insurance Ransomware Cybersecurity Marketing

Why risk assessments are essential for GDPR compliance

IT Governance

OCTOBER 15, 2019

GDPR: What’s the difference between personal data and sensitive data? There are also times when you must also complete a specific type of risk assessment, called a DPIA (data protection impact assessment) , to review the way you process personal data. See also: List of free GDPR resources and templates.

GDPR

GDPR Risk Compliance Personal data

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

The EU General Data Protection Regulation is a game changer , particularly enforcement of obligations to safeguard privacy rights. About the author: Andrew Pery is a marketing executive with over 25 years of experience in the high technology sector focusing on content management and business process automation. Want more information?

GDPR

GDPR Compliance Privacy Data Privacy

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

The GDPR applies to entities that are established in the EU, as well as entities not established in the EU that process the personal data of persons located in the EU in the context of either (i) offering goods or services to persons in the EU, or (ii) monitoring the behavior of persons in the EU.

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

The GDPR applies to entities that are established in the EU, as well as entities not established in the EU that process the personal data of persons located in the EU in the context of either (i) offering goods or services to persons in the EU, or (ii) monitoring the behavior of persons in the EU.

GDPR

GDPR Privacy Personal data Sales

Trick or Treat: The Choice is Yours with Multifactor Authentication

Thales Cloud Protection & Licensing

OCTOBER 28, 2021

Multifactor authentication requires users to take an extra step to verify who they are by providing two or more distinct categories of evidence. Here are three terrifying examples. In 2018, the Timehop app suffered a serious breach that resulted in data belonging to 21 million users being compromised. Data security.

Authentication

Authentication Passwords Cloud Data breaches

Spanish DPA on Use of Cookies: Continued Browsing is Consent

HL Chronicle of Data Protection

NOVEMBER 19, 2019

On November 8, the Spanish data protection authority (AEPD) published new Guidelines on the Use of Cookies (Guidelines) (Spanish only). The Guidelines have been prepared in collaboration with different organisations in the marketing and online advertising industries ( e.g. , Adigital , Iab Spain , etc.), Categories of cookies.

Compliance

Compliance Personal data GDPR Privacy

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. DPAs have also published guidance around specific local law requirements.

Privacy

Privacy GDPR Data breaches Risk

5 learnings from the “Meeting the CCPA Challenge” webinar

Collibra

MARCH 12, 2020

The CCPA officially went into effect on January 1, 2020, impacting over 40 million California residents and thousands of businesses who use personal information (PI) around the globe. Consumers can ask businesses what categories of their PI is being collected. Businesses must provide clear notice about categories of PI it collects.

Data Privacy

Data Privacy Privacy Government Compliance

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The European Commission Fact Sheet and Q&A includes statistics that nine out of ten Europeans have expressed concern about mobile apps collecting their data without their consent, and seven out of ten worry about the potential use that companies may make of the information disclosed. Challenge #1.

GDPR

GDPR Personal data Compliance Data breaches

Security Outlook 2023: Cyber Warfare Expands Threats

eSecurity Planet

JANUARY 5, 2023

for example, has recently seen a spate of attacks on power substations; capabilities unleashed by the war in Ukraine create the potential for much worse. DigiCert predicts that 2023 will be “the Year of the SBOM,” as the software bill of materials framework moves from a federal requirement to the commercial market.

Security

Security Ransomware Cybersecurity Privacy

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

ITALY: Data Protection law integrating the GDPR in place

DLA Piper Privacy Matters

SEPTEMBER 10, 2018

The regime for special categories of personal data still needs to be completed. The Italian Data Protection Authority is requested to issue a list of additional requirements to be observed in the processing of genetic, biometric and health related data. Is direct marketing subject to consent?

GDPR

GDPR Privacy Compliance Marketing

What Is Data Minimisation? Definition & Examples

New guidance on direct marketing

Webinars

Trending Sources

Examples of data processing activities that require a DPIA

Webinars

UK ICO Releases Draft Direct Marketing Code of Practice for Public Consultation

CHINA: Navigating China Episode 15: Comprehensive New E-Commerce Rules Introduced

GDPR compliance checklist

The Digital Markets Act Is Almost Here: 10 Things to Know About the EU’s New Rules for Big Tech

How to implement the General Data Protection Regulation (GDPR)

Colorado AG Provides Insights on the Colorado Privacy Act Rulemaking Process

EU Regulatory Data Protection: Many pieces to the regulatory framework puzzle

GDPR for small business: the ultimate guide

Middle East: Kingdom of Bahrain publishes Personal Data Protection Law

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

List of mandatory documents required by the GDPR

The Impact of Data Protection Laws on Your Records Retention Schedule

EUROPE: Data protection regulators publish myth-busting guidance on machine learning

UAE: Federal level data protection law enacted

How to write a GDPR-compliant data subject access request procedure – with template

EDPB Opinion on UK Adequacy: Strong Alignment but Challenges Remain

Thales CipherTrust Data Security Platform Validated For Microsoft Azure Stack Hub and HCI

How to comply with Article 30 of the GDPR

Popular Android apps with 142.5 million collective installs leak user data

New Cybersecurity Directives (NIS2 and CER) Enter into Force

GDPR automated decision-making and profiling: what are the requirements?

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

7 key stages of the data protection impact assessment (DPIA)

The Privacy Officers’ New Year’s Resolutions

Dark Side of the Moon: Extraterritorial Applicability of the UK Data Protection Act 2018 After Brexit

EDPB publishes guidance on calculating GDPR fines

ICO update report into adtech and real time bidding

Malaysian Data Protection Law Takes Effect

Top 8 Cyber Insurance Companies for 2022

Why risk assessments are essential for GDPR compliance

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

Trick or Treat: The Choice is Yours with Multifactor Authentication

Spanish DPA on Use of Cookies: Continued Browsing is Consent

The Privacy Officers’ New Year’s Resolutions

5 learnings from the “Meeting the CCPA Challenge” webinar

GDPR is upon us: are you ready for what comes next?

Security Outlook 2023: Cyber Warfare Expands Threats

California Enacts Broad Privacy Laws Modeled on GDPR

ITALY: Data Protection law integrating the GDPR in place

Stay Connected