Trusted Partners on your Privacy Journey
Trusted Partners on your Privacy Journey
Fully outsourced Data Protection Officers and support teams. Based in London, Dublin and the Netherlands our Data Protection Officers are CIPP/E or BCS qualified Privacy Professionals with a proven track record in successfully supporting organisations worldwide.
Implementing data privacy legislation can sometimes be overwhelming. We have been delivering successful and award winning privacy transformation projects since 2000. Whether you need a gap analysis or detailed review, Data Privacy Assessments or privacy experts who can help.
Collaborating with digital ethics experts and UX designers we build privacy by design into your products and services.
Smart Privacy technology simplifies complying with the new GDPR record keeping requirements for Article 30 records of processing, Data Privacy Impact Assessments (DPIAs), individual rights requests and privacy notices.
The UK Government has now formally introduced the ‘GDPR replacement’ Data Protection and Digital Information Bill into Parliament after nearly a year of consultation and response. The Bill outlines key changes in the UK Data Protection Regime. In response to concerns over divergence from GDPR, the Department of Culture, Media and Sport has said that “organisations currently compliant with the GDPR would not need to significantly change their approach”.
Read the full UK Data Protection and Digital Information Bill, here.
On 7 April 2022, the European Data Protection Board (EDPB) announced that it had adopted a statement on the announcement of an agreement in principle on the new Trans-Atlantic Data Privacy Framework. The EDPB welcomed the progress made by the European Commission and the United States on a data privacy framework for cross-border transfers. In particular, the EDPB praised the US Government’s efforts to develop ‘unprecedented’ safeguards for EEA data subjects whose data is transferred to the US. Further, the EDPB reminded businesses that the agreement does not yet constitute a legal framework that can be relied on to transfer personal data to the US and reiterated that businesses must continue to implement supplementary measures to facilitate transfers of data to the US.
You can read the statement here
One decision was adopted under the GDPR and the other for the Law Enforcement Directive (covering the Police and other law enforcement bodies).
Both adequacy arrangements include limiting the adequacy decision to 4 years. This is the first time, an adequacy decision about a third country has included a sunset clause to limit the duration of the adequacy finding. The adequacy arrangements have now entered into force which means that European companies can now send personal information from the EEA to the UK without using other transfer mechanisms such as standard contractual clauses for data transfers.
The decision documents and European Press Release can be found here.
The European Commissioner’s decision takes effect as of 27th June which means organisations wishing to use the clauses can do so, from this date onwards. Organisations wishing to use the old clauses for new data transfers, can do so until 27th September. Any new transfers from 27th September will require use of the new clauses. Organisations have until 22nd December 2022 to replace the old clauses. These new SCCs include the Article 28(2) – 28(4), GDPR requirements therefore if the data importer is a processor or sub-processor, there would be no need to enter into two separate agreements to cover Article 28 and Article 46, GDPR requirements.
We are currently hiring privacy analysts for our graduate recruitment programme
We use necessary cookies to make our site work. We would also like your permission to set optional analytics cookies to help us improve it. Clicking 'Accept' below will set cookies on your device to remember your preferences. Find out more in our Privacy Policy or scroll down to read more about the different types of cookies.
Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.
Where you select "Accept" we set Google Analytics cookies to help us to improve our website by collecting and reporting information on how you use it. The cookies collect information in a way that does not directly identify anyone. For more information on how these cookies work see https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en-US