Data protection can be complicated. It is sensible to choose a specialist to advise you. We offer advice and legal services in relation to your legal obligations under data protection legislation such as:
What the law says you must do when processing personal data
How to lawfully collect, use, share and retain/ destroy ordinary and ‘special category’ personal data.
What and how to tell individuals under the GDPR e.g. purpose of processing, legal basis, who you share with etc.
What the rights of individuals are e.g. subject access (SAR’s) and exemptions, erasure, objection and when and how to respond
How to market to individuals lawfully under the GDPR and the privacy (‘PECR’) regulations
Cookies and other tracking technologies
What is required in a Notice and the need for consent
CCTV / facial recognition
Legal ground to use, procedures and Data Protection Impact Assessments
How to lawfully share personal data
Appointing a UK and/ or EU representative and your obligations
Due diligence in respect of suppliers who process data for you e.g. I.T support, payroll or cloud services. Ensuring the necessary GDPR compliant contracts are in place
Record of Processing Activities
What records you need to keep and what should be recorded
Policy and procedure drafting
What the law requires you to do
Assessing risk of harm to individuals after a personal data breach and liaison with the ICO and affected individuals on your behalf. Advice on your liability.
Data Protection Impact Assessments
Assessing privacy risks and putting in place measures to do away/ reduce risk
Advice as to how to lawfully export personal data out of and into the UK
DPA/OK can help with the above and more.
For more information on any of the above, please contact us.