Legal Services
Data protection can be complicated.
It is sensible to choose a specialist to advise you.
We offer advice in relation to your legal obligations under data protection legislation such as:
The Principles
What the law says you must do when processing personal data
Lawful processing
How to lawfully collect, use, share and retain/ destroy ordinary and ‘special category’ personal data.
Privacy notices
What and how to tell individuals under the GDPR e.g. purpose of processing, legal basis, who you share with etc.
Individual rights
What the rights of individuals are e.g. subject access (SAR’s) and exemptions, erasure, objection and when and how to respond
Marketing
How to market to individuals lawfully under the GDPR and the privacy (‘PECR’) regulations
Cookies and other tracking technologies
What is required in a Notice and the need for consent
CCTV / facial recognition
Legal ground to use, procedures and Data Protection Impact Assessments
Data Sharing
How to lawfully share personal data
BREXIT
Appointing a UK and/ or EU representative and your obligations
Contracts
Due diligence in respect of suppliers who process data for you e.g. I.T support, payroll or cloud services. Ensuring the necessary GDPR compliant contracts are in place
Record of Processing Activities
What records you need to keep and what should be recorded
Documentation
Policy and procedure drafting
Security
What the law requires you to do
Data breaches
Assessing risk of harm to individuals after a personal data breach and liaison with the ICO and affected individuals on your behalf. Advice on your liability.
Data Protection Impact Assessments
Assessing privacy risks and putting in place measures to do away/ reduce risk
Overseas transfers
Advice as to how to lawfully export personal data out of and into the UK
DPA/OK can help with the above and more.
For more information on any of the above, please contact us.