Dixons Carphone Warehouse get maximum ICO fine and potential PCI Fines So DSG or colloquially Dixons Carphone Warehouse has managed to avoid a hefty fine from the Information Commissioner. Apparently, the assessment was against the old Data Protection Act 1998 rather than the more punitive GDPR. Much of the issue was related to PCI DSS […]
Something for Nothing It’s not often that you get something for nothing. Not from consultancies at least I hear you say. And you would be right, but consultants need to eat too. This something for nothing isn’t really ours to give away but it might just save you some money, or better a fine or […]
In this post we discuss whether the 13 months old GDPR regulation is proving more difficult to police that the old Data Protection ACT 1998. The DPA 1998 is now quite old and for the eagle eyed is also obsolete, but the fines and enforcement notices were steady. Roughly speaking, we would say that there were […]
Do you consider your business to be ethical, upstanding and law abiding? Do your policies talk about employee respect, standards and behaviour, social media rules, drugs and alcohol? Does your business abide by industry standard for health and safety, distance selling, kite marks, ISO standards, even PCI? Most businesses will recognise and uphold many of […]
Registering with the ICO Organisations across the business services, construction and finance sectors are among the first to be fined by the ICO for not paying their data protection fee. For anyone who has taken the ‘we’ll just wait and see what happens approach’, this action shows the ICO’s intent. Registration is a small step […]
They all form part of a very important question which is “Will Convention 108+ Help Britain with a GDPR Adequacy Ruling Post Brexit?” Why does this matter you may ask yourself? GDPR is a Regulation applicable to countries who are part of the EU/EEA and who have therefore signed up to GDPR by default for […]
Can I demonstrate freely given, specific, informed and unambiguous consent? In our fourth “The Articles” Series post we look at Article 7 – Conditions for consent. This follows on from our previous post on Lawfulness of Processing that concluded “consent should be the basis for processing PII for behavioural advertising”.
Direct marketing is one of the areas GDPR is looking to exert some control over, so it’s good to see this checklist coming out. I wonder how many companies could tick all or indeed any of the boxes? ICO Direct Marketing article. © GDPR Auditing 2017 The information provided in this post is for general information […]