GDPR Retail Case Study

Posted on

Retailer Background This case study is based on a recent audit carried out on a high street retailer client. The retail industry typically works on high volume sales. For the high street, this also means high staff turnover, shops, warehouses, distribution, and consumer regulation. Sales and marketing is important to them and helps to entice […]

Data Loss Prevention

Posted on

Article 32 – Security of processing states “Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical […]

The Articles: No. 7 – Conditions for consent

Posted on

Can I demonstrate freely given, specific, informed and unambiguous consent? In our fourth “The Articles” Series post we look at Article 7 – Conditions for consent. This follows on from our previous post on Lawfulness of Processing that concluded “consent should be the basis for processing PII for behavioural advertising”.

The Articles: No. 42 Certification

Posted on

GDPR Certification, what is it and do I need it? The GDPR (General Data Protection Regulation) is already UK law. As with any law, abiding by it is not a choice it is mandatory. If, as a business you fall within scope of the GDPR due to the data you process then you must comply.

The Articles: No. 32 – Security of processing

Posted on

GDPR is not just about security, is it…? In a series of posts over the coming weeks GDPR Auditing will take a look at some of the more significant articles of the GDPR. In this post, the first from our “The Articles” series, we look at Article 32 – Security of Processing, that on the […]

Are your data processors GDPR compliant?

Posted on

Your compliancy depends on your data processors, and their processors… GDPR Auditing is a an established company providing auditing, training and consultancy services focused on the EU General Data Protection Regulation. Its not just your business that needs to be GDPR compliant, your service providers if processing personal Identifiable Information (PII) for your business also […]

ICO Launches GDPR Checklist for Direct Marketing

Posted on

Direct marketing is one of the areas GDPR is looking to exert some control over, so it’s good to see this checklist coming out. I wonder how many companies could tick all or indeed any of the boxes? ICO Direct Marketing article. © GDPR Auditing 2017 The information provided in this post is for general information […]