Resources
20 years of legal experience wrapped up in helpful, easy to digest updates
Our videos and podcasts
Dymystifying GDPR Podcast – Episode 3
True or false? We have the right to keep old employee data and deny a request to be forgotten. We take a closer look at the processing of personal data within organisations with both employees and the customer in mind – including retention policies, the right to be...
Dymystifying GDPR Podcast – Episode 2
True or false - if someone gives me their business card, can I email them? https://vimeo.com/406772558
Introduction to GDPR
https://vimeo.com/404513621 GET YOUR FREE GDPR CHECKLIST AND TEMPLATE!
Dymystifying GDPR Podcast – Episode 1
In this podcast we look at what is defined as personal data, the obligations on data processors and data controllers under the GDPR, and whether or not there’s a particular size of company that are required to have a dedicated Data Protection Officer (DPO)....
Our blogs
If you’re profiling customers do you always require consent?
Clients who carry out profiling on the database of customer data, are asking the question – do we need to get consent for profiling? Read on, to find out… The first question to ask: What is “profiling” under GDPR? Here is the GDPR definition of profiling: “any form of...
![What’s in a [Domain] name?](https://www.digitalbusinesslawyers.com/wp-content/uploads/2020/04/domain-names-1772242_1280-400x250.jpg)
What’s in a [Domain] name?
Imagine being on a speed date (remember those).... you might want to wear a badge, so that folk remember your name... Like that, your business will need an internet domain name (or perhaps several) that will direct users to the site. You can register a new domain...
Protect your online self
I've been thinking recently about looking after myself, and my assets... and how to make my online business work. Understanding what the value is in your business will stand you in great stead. One valuable part of your business is the intellectual property rights in...
Developing a website
Unless you have the necessary expertise in-house, you're probably going to need to find someone to: Design and develop the site - you'll need a website design and development agreement.Host the site - this will be done by an internet service provider (ISP). Here you...
You focus on growth, we’ll take care of the legal complexities!
Most things in life are a journey and it's often our passion that leads us on our journey. Which is where I find myself, writing for you on my website digitalbusinesslawyers.com! You may be starting an online business or be well on your way to making profits and have...
What’s missing?
I saw a poster for a missing cat near to where I live earlier today, as I was out running.... the poor owners must be worried about him. It made me think about what might be missing from life... or, importantly, from your business. Starting an online business is fun,...
Innovation and consumer trust – the Regulator’s view
If you're looking to use personal data in your digital business in the future - wouldn't it be useful to know what the regulator thinks? Wouldn't it be useful to know about Elizabeth Denham – the Information Commissioner, who regulates the use of personal data in the...
Penalties for sending marketing – how much will we get?
In a recent case, the court set out some guidance for how much fine you might get if you’re sending marketing communications without getting the right consent (and this is even before GDPR comes into force next May)… In this case, LAD Media sent almost 400,000 text...
When can you release photos of faces?
When can you take and publish pictures of people without their consent? A legitimate, and interesting question, which might depend whose picture you're taking. Releasing Jeremy Corbyn’s image on Virgin trains was not a breach, according to the ICO…(it was in Virgin's...
GDPR – some concerns – and insights…
I'm attending many seminars and webinars, and speaking at conferences on GDPR. The new General Data Protection Regulation, which comes into force in May 2018. Here are some of the concerns I'm hearing about: Legacy data - what do we do with our existing customer...
GDPR – the myths… according to the Information Commisisoner
So, you've heard plenty about the sanctions which will apply from next May 2018. Well, this week, the Information Commissioner in her blog, sets out to explore those myths. The truth is, all businesses need to understand more about the requirements of GDPR, and how to...
ICO sets out international vision and route to GDPR compliance
The ICO has released its international strategy, plotting its plans for Brexit and GDPR compliance. The ICO must iron out differences between UK and EU data visions The Information Commissioner's Office (ICO) has published its international strategy, setting out its...
Preparing for GDPR
So, you may have heard of the GDPR, which will be enforced from 25th May 2018, and you may know about the UK Regulator’s vision of increasing data trust and confidence across the UK public The ICO recently emphasised the importance of data protection in the digital...
GDPR still applies outside of Europe
For clients in the USA it can sometimes come as a surprise to European law also applies to them. Often the impact is minimal - contracts may be broadly the same, property law and employment law somewhat different - But with data protection its another matter -...
Malware – 10 (or more) steps to prevent it
In light of the recent cyber-attacks - a reminder from the NCSC website of some sensible steps to take. The original article was called "10 steps to prevent it... but if you count them carefully this article over-delivers! Malicious software, or malware is...
What’s the methodology for carrying out a DPIA?
This builds on each stage of the process and includes the following steps: Describing the information you are processing, and how the processing works, and the purposesYou must assess the ‘necessity’ for the processing and ‘proportionality’Next you will assess...
Data protection impact assessments – What you need to know… when do you need to do one?
DPIAs are Data Protection Impact Assessments – these assessments are required for all organisations doing high risk processing. DPIAs could also be seen as a tool for accountability and could be used in other situations as well: conducting a DPIA should help...