SlideShare a Scribd company logo

Is your business GDPR ready?

G
Gareth Miller

An overview of the key facts about the GDPR and what businesses need to do before the legislation goes live in May 2018. Originally delivered at an event in September 2017 by Carswell Gould (a marketing communications agency) and Moore Blatch (a law firm) and in collaboration with Sofigate (an IT consultancy).

Business
1 of 15
Download to read offline
Is your business GDPR ready? BROUGHT TO YOU BY 27/09 Richmond 28/09 Southampton
Is your business GDPR ready? Welcome Moore Blatch, Carswell Gould and Sofigate recently joined forces for two GDPR breakfast briefings, in Richmond and Southampton. The three firms have combined their know-how on the subject to deliver a unique insight into the legal, communication, IT challenges and opportunities presented by the GDPR. Our aim is to help you get GDPR ready!
Is your business GDPR ready? We’re different because we believe the most important person in a legal team isn’t the lawyer, it’s you. So we give you more than other law firms. More expertise. More depth. More clarity. Whatever you face in life or in business, we won’t be just your lawyer, we’ll be your trusted friend and confidant as well. Our job is to listen and understand, and then use our expertise to find the best solution for you. You’ll find we are fast and efficient, with a team based approach and a relentless focus on quality. You’ll also find our prices are competitive, giving you excellent value for money. We’re the south’s best connected creative communications agency. We start with the customer and focus on delivering measurable impact to exceed expectations. Our work spans a wide range of industries including professional services, education, culture and heritage, land and property, start-ups and marine. Our single minded aim is to help our clients’ businesses grow. Each of our core services of content, web development and creative design have all recently been recognised by leading industry bodies including three Hermes Creative Awards, twelve CIPR PRide Awards and we’ve been a finalist at the Wirehive 100 Awards on multiple occasions, so you know you are in good hands. We work hand in hand with global clients to deliver transformational digital changes, shaping landscapes internally and externally by accelerating growth, reducing cost and cutting time to market. Our primary focus is on enabling through technology, allowing our clients to leverage existing digital competencies, exploring new technologies and transforming existing technologies, empowering them to seize opportunities both old and new. Our ways of working deliver tangible results that build on the business capabilities provided by technology, fostering sustainable and lasting positive change. www.carswellgould.co.uk www.mooreblatch.com www.sofigate.com
Presenters Is your business GDPR ready? Ed Gould Creative Director Dorothy Agnew Partner Nick Russell Director Gareth Miller Managing Director John Warchus Partner Peter Truman Director
What is the GDPR? ● General Data Protection Regulation ● Replaces the UK Data Protection Act 1998 (DPA) ● Live from 25 May 2018 ● Will affect every organisation that collects or handles data relating to EU residents. ● Monitored by national supervisory authorities Is your business GDPR ready?
It’s all about personal data The use of data will be subject to the GDPR where it involves processing personal data There are two types of processors of personal data: 1. Controllers - determine purpose and means of processing personal data 2. Processors - process personal data on behalf of the controller Is your business GDPR ready?
Six principles of data processing Personal data must be processed in accordance with the following six principles: 1. Processed fairly and lawfully and in a transparent manner 2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes 3. Adequate, relevant, limited to what is necessary 4. Accurate and, where necessary, kept up to date 5. Kept in a form which permits identification of data subjects for no longer than necessary 6. Processed in a manner that ensures appropriate security of the personal data Is your business GDPR ready?
Six conditions of processing Processing is only lawful if at least one of these six conditions apply: 1. You have the data subject’s consent 2. Processing is necessary for the performance of a contract 3. Processing is necessary for compliance with a legal obligation of controller 4. Processing is necessary to protect the data subject’s vital interests 5. Processing is necessary to perform a task carried out in the public interest or the exercise of official authority 6. Processing is necessary for the purposes of the legitimate interest of the controller or third party, except where overridden by interests or fundamental rights/freedoms of data subject Is your business GDPR ready?
New obligations on controllers ● To demonstrate compliance with the data protection principles ● To carry out impact assessments ● Appoint a data protection officer (DPO) ● Data protection by design and default ● Notification of breaches ● Keep a record of processing activities Is your business GDPR ready?
New rights for data subjects ● Broader rights of subject access ● Right to be forgotten (erasure) ● Right to object to profiling for direct marketing purposes ● Data portability Is your business GDPR ready?
Increased fines for non-compliance Controllers ● Fines up to (greater of) 4% of annual worldwide turnover of the preceding financial year or 20 million euros Processors ● Fines up to (greater of) 2% of annual worldwide turnover of the preceding financial year or 10 million euros Is your business GDPR ready?
Is your business GDPR ready? The GDPR and direct marketing Put someone in charge of GDPR in your business to: ● Update processes and communication for the collection, cleansing and storage of personal data ● Create/update your internal data policy ● Update ○ current terms and conditions ○ data protection policy ○ sign-up forms ○ privacy notices ● Invite and encourage your active customers and subscribers ● Enshrine solid and consistent deletion processes
1. Live from 25 May 2018 2. Consent should be – freely given, specific, informed and unambiguous 3. Data portability 4. Right to erasure/Right to be forgotten 5. You may be required to appoint a data protection officer (DPO) 6. Fines of up to £20 million, or 4% of turnover Is your business GDPR ready? Summary - Six key ‘takeaways’ about the GDPR
1. Promote awareness of GDPR with your team 2. Audit the data you hold and how it is collected 3. Check the privacy policies and procedures you have in place 4. Be prepared to provide information to individuals and allow for exercise of their other rights 5. Review processing of data based on consent and collect and store the evidence 6. Consider special procedures for dealing with children's data 7. Review and if necessary update security for data and prepare for possible data breaches 8. Implement “Data Protection by Design and Default” 9. Review appointment of a Data Protection Officer 10. Don’t ignore it! Is your business GDPR ready? 10 steps to get in shape for GDPR
Thank You BROUGHT TO YOU BY

Recommended

2018 Client Briefing GDPR
2018 Client Briefing GDPR2018 Client Briefing GDPR
2018 Client Briefing GDPRCarsted Rosenberg Advokatfirma
 
FinTech Belgium GDPR MeetUp - deJurists - 14/09/17
FinTech Belgium GDPR MeetUp - deJurists - 14/09/17FinTech Belgium GDPR MeetUp - deJurists - 14/09/17
FinTech Belgium GDPR MeetUp - deJurists - 14/09/17Alessandra Gambrill - Guion
 
FinTech Belgium GDPR MeetUp - PwC - 14/09/17
FinTech Belgium GDPR MeetUp - PwC - 14/09/17FinTech Belgium GDPR MeetUp - PwC - 14/09/17
FinTech Belgium GDPR MeetUp - PwC - 14/09/17Alessandra Gambrill - Guion
 
FinTech Belgium GDPR MeetUp - Laga - 14/09/17
FinTech Belgium GDPR MeetUp - Laga - 14/09/17FinTech Belgium GDPR MeetUp - Laga - 14/09/17
FinTech Belgium GDPR MeetUp - Laga - 14/09/17Alessandra Gambrill - Guion
 
GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?DATUM LLC
 
How the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteHow the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteSilverTech
 
GDPR Readiness
GDPR ReadinessGDPR Readiness
GDPR ReadinessNGA Human Resources
 
GDPR Affects Email Worldwide
GDPR Affects Email WorldwideGDPR Affects Email Worldwide
GDPR Affects Email WorldwideSparkPost
 

Recommended

2018 Client Briefing GDPR
2018 Client Briefing GDPR2018 Client Briefing GDPR
2018 Client Briefing GDPRCarsted Rosenberg Advokatfirma
 
FinTech Belgium GDPR MeetUp - deJurists - 14/09/17
FinTech Belgium GDPR MeetUp - deJurists - 14/09/17FinTech Belgium GDPR MeetUp - deJurists - 14/09/17
FinTech Belgium GDPR MeetUp - deJurists - 14/09/17Alessandra Gambrill - Guion
 
FinTech Belgium GDPR MeetUp - PwC - 14/09/17
FinTech Belgium GDPR MeetUp - PwC - 14/09/17FinTech Belgium GDPR MeetUp - PwC - 14/09/17
FinTech Belgium GDPR MeetUp - PwC - 14/09/17Alessandra Gambrill - Guion
 
FinTech Belgium GDPR MeetUp - Laga - 14/09/17
FinTech Belgium GDPR MeetUp - Laga - 14/09/17FinTech Belgium GDPR MeetUp - Laga - 14/09/17
FinTech Belgium GDPR MeetUp - Laga - 14/09/17Alessandra Gambrill - Guion
 
GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?DATUM LLC
 
How the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteHow the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteSilverTech
 
GDPR Readiness
GDPR ReadinessGDPR Readiness
GDPR ReadinessNGA Human Resources
 
GDPR Affects Email Worldwide
GDPR Affects Email WorldwideGDPR Affects Email Worldwide
GDPR Affects Email WorldwideSparkPost
 
Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...
Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...
Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...DATUM LLC
 
Competitive Intelligence Services
Competitive Intelligence ServicesCompetitive Intelligence Services
Competitive Intelligence ServicesMuruga J
 
The GDPR for B2B Marketers
The GDPR for B2B MarketersThe GDPR for B2B Marketers
The GDPR for B2B MarketersDemandbase
 
General data protection regulation gdpr audit 2018
General data protection regulation gdpr audit 2018General data protection regulation gdpr audit 2018
General data protection regulation gdpr audit 2018Fraser Hay
 
An Overview of GDPR
An Overview of GDPR An Overview of GDPR
An Overview of GDPR The Pathway Group
 
The Basics of GDPR
The Basics of GDPR The Basics of GDPR
The Basics of GDPR Bhupesh Chaurasia
 
GDPR Regulations in Malta
GDPR Regulations in MaltaGDPR Regulations in Malta
GDPR Regulations in MaltaBridgeWest.eu
 
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...Ardoq
 
"If we're leaving the EU, does GDPR even matter?" And other FAQs
"If we're leaving the EU, does GDPR even matter?" And other FAQs"If we're leaving the EU, does GDPR even matter?" And other FAQs
"If we're leaving the EU, does GDPR even matter?" And other FAQsTech Data
 
The Countdown to the GDPR Regulations
The Countdown to the GDPR RegulationsThe Countdown to the GDPR Regulations
The Countdown to the GDPR RegulationsElliot Reeman
 
How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019TechSoup Canada
 
GDPR: the Steps Event Planners Need to Follow
GDPR: the Steps Event Planners Need to FollowGDPR: the Steps Event Planners Need to Follow
GDPR: the Steps Event Planners Need to Followetouches
 
GDPR Compliance
GDPR ComplianceGDPR Compliance
GDPR ComplianceMiguel Mello
 
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020Secure Your Enterprise Data Now and Be Ready for CCPA in 2020
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020Delphix
 
Why is gdpr essential for small businesses with links
Why is gdpr essential for small businesses with linksWhy is gdpr essential for small businesses with links
Why is gdpr essential for small businesses with linksVISTA InfoSec
 
GDPR Explained - A Quick Guide for US Businesses
GDPR Explained - A Quick Guide for US BusinessesGDPR Explained - A Quick Guide for US Businesses
GDPR Explained - A Quick Guide for US BusinessesJessica Clark
 
CIO Summit talk: EU GDPR
CIO Summit talk: EU GDPRCIO Summit talk: EU GDPR
CIO Summit talk: EU GDPRJohn Culkin
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection RegulationPete S
 
Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430
Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430
Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430Jean-François LOMBARDO
 
What to include in a staff handbook
What to include in a staff handbook What to include in a staff handbook
What to include in a staff handbook AmberBoniface
 
GDPR & Demand Generation: What Your Team Needs To Know
GDPR & Demand Generation: What Your Team Needs To KnowGDPR & Demand Generation: What Your Team Needs To Know
GDPR & Demand Generation: What Your Team Needs To KnowHannah Flynn
 
MMV Webinar 1. GDPR Perspectives. November 2017
MMV Webinar 1. GDPR Perspectives. November 2017MMV Webinar 1. GDPR Perspectives. November 2017
MMV Webinar 1. GDPR Perspectives. November 2017Match-Maker Ventures
 

More Related Content

What's hot

Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...
Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...
Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...DATUM LLC
 
Competitive Intelligence Services
Competitive Intelligence ServicesCompetitive Intelligence Services
Competitive Intelligence ServicesMuruga J
 
The GDPR for B2B Marketers
The GDPR for B2B MarketersThe GDPR for B2B Marketers
The GDPR for B2B MarketersDemandbase
 
General data protection regulation gdpr audit 2018
General data protection regulation gdpr audit 2018General data protection regulation gdpr audit 2018
General data protection regulation gdpr audit 2018Fraser Hay
 
GDPR Regulations in Malta
GDPR Regulations in MaltaGDPR Regulations in Malta
GDPR Regulations in MaltaBridgeWest.eu
 
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...Ardoq
 
"If we're leaving the EU, does GDPR even matter?" And other FAQs
"If we're leaving the EU, does GDPR even matter?" And other FAQs"If we're leaving the EU, does GDPR even matter?" And other FAQs
"If we're leaving the EU, does GDPR even matter?" And other FAQsTech Data
 
The Countdown to the GDPR Regulations
The Countdown to the GDPR RegulationsThe Countdown to the GDPR Regulations
The Countdown to the GDPR RegulationsElliot Reeman
 
How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019TechSoup Canada
 
GDPR: the Steps Event Planners Need to Follow
GDPR: the Steps Event Planners Need to FollowGDPR: the Steps Event Planners Need to Follow
GDPR: the Steps Event Planners Need to Followetouches
 
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020Secure Your Enterprise Data Now and Be Ready for CCPA in 2020
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020Delphix
 
Why is gdpr essential for small businesses with links
Why is gdpr essential for small businesses with linksWhy is gdpr essential for small businesses with links
Why is gdpr essential for small businesses with linksVISTA InfoSec
 
GDPR Explained - A Quick Guide for US Businesses
GDPR Explained - A Quick Guide for US BusinessesGDPR Explained - A Quick Guide for US Businesses
GDPR Explained - A Quick Guide for US BusinessesJessica Clark
 
CIO Summit talk: EU GDPR
CIO Summit talk: EU GDPRCIO Summit talk: EU GDPR
CIO Summit talk: EU GDPRJohn Culkin
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection RegulationPete S
 
Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430
Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430
Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430Jean-François LOMBARDO
 
What to include in a staff handbook
What to include in a staff handbook What to include in a staff handbook
What to include in a staff handbook AmberBoniface
 

What's hot (20)

Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...
Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...
Data Discovery & Search: Making it an Integral Part of Analytics, Compliance ...
 
Competitive Intelligence Services
Competitive Intelligence ServicesCompetitive Intelligence Services
Competitive Intelligence Services
 
The GDPR for B2B Marketers
The GDPR for B2B MarketersThe GDPR for B2B Marketers
The GDPR for B2B Marketers
 
General data protection regulation gdpr audit 2018
General data protection regulation gdpr audit 2018General data protection regulation gdpr audit 2018
General data protection regulation gdpr audit 2018
 
An Overview of GDPR
An Overview of GDPR An Overview of GDPR
An Overview of GDPR
 
The Basics of GDPR
The Basics of GDPR The Basics of GDPR
The Basics of GDPR
 
GDPR Regulations in Malta
GDPR Regulations in MaltaGDPR Regulations in Malta
GDPR Regulations in Malta
 
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
 
"If we're leaving the EU, does GDPR even matter?" And other FAQs
"If we're leaving the EU, does GDPR even matter?" And other FAQs"If we're leaving the EU, does GDPR even matter?" And other FAQs
"If we're leaving the EU, does GDPR even matter?" And other FAQs
 
The Countdown to the GDPR Regulations
The Countdown to the GDPR RegulationsThe Countdown to the GDPR Regulations
The Countdown to the GDPR Regulations
 
How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019How to be CASL & GDPR Compliant for the New Year 2019
How to be CASL & GDPR Compliant for the New Year 2019
 
GDPR: the Steps Event Planners Need to Follow
GDPR: the Steps Event Planners Need to FollowGDPR: the Steps Event Planners Need to Follow
GDPR: the Steps Event Planners Need to Follow
 
GDPR Compliance
GDPR ComplianceGDPR Compliance
GDPR Compliance
 
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020Secure Your Enterprise Data Now and Be Ready for CCPA in 2020
Secure Your Enterprise Data Now and Be Ready for CCPA in 2020
 
Why is gdpr essential for small businesses with links
Why is gdpr essential for small businesses with linksWhy is gdpr essential for small businesses with links
Why is gdpr essential for small businesses with links
 
GDPR Explained - A Quick Guide for US Businesses
GDPR Explained - A Quick Guide for US BusinessesGDPR Explained - A Quick Guide for US Businesses
GDPR Explained - A Quick Guide for US Businesses
 
CIO Summit talk: EU GDPR
CIO Summit talk: EU GDPRCIO Summit talk: EU GDPR
CIO Summit talk: EU GDPR
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection Regulation
 
Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430
Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430
Eic munich-2019-ripple effect of gdpr in na- cx pa-rev20190430
 
What to include in a staff handbook
What to include in a staff handbook What to include in a staff handbook
What to include in a staff handbook
 

Similar to Is your business GDPR ready?

GDPR & Demand Generation: What Your Team Needs To Know
GDPR & Demand Generation: What Your Team Needs To KnowGDPR & Demand Generation: What Your Team Needs To Know
GDPR & Demand Generation: What Your Team Needs To KnowHannah Flynn
 
MMV Webinar 1. GDPR Perspectives. November 2017
MMV Webinar 1. GDPR Perspectives. November 2017MMV Webinar 1. GDPR Perspectives. November 2017
MMV Webinar 1. GDPR Perspectives. November 2017Match-Maker Ventures
 
CWIN17 telford gdpr – threat, overhead or opportunity - doug davidson
CWIN17 telford gdpr – threat, overhead or opportunity - doug davidsonCWIN17 telford gdpr – threat, overhead or opportunity - doug davidson
CWIN17 telford gdpr – threat, overhead or opportunity - doug davidsonCapgemini
 
A Brief Overview on GDPR
A Brief Overview on GDPRA Brief Overview on GDPR
A Brief Overview on GDPRNeha Patel
 
General Data Protection Regulation (GDPR) Compliance
General Data Protection Regulation (GDPR) ComplianceGeneral Data Protection Regulation (GDPR) Compliance
General Data Protection Regulation (GDPR) Complianceaccenture
 
Are you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperAre you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperServersys
 
What's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) ChangesWhat's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) ChangesOgilvy Consulting
 
Preparing for GDPR: What Every B2B Marketer Must Know
Preparing for GDPR: What Every B2B Marketer Must KnowPreparing for GDPR: What Every B2B Marketer Must Know
Preparing for GDPR: What Every B2B Marketer Must KnowIntegrate
 
Why GDPR Must Be an Integral Part of Your GRC Framework
Why GDPR Must Be an Integral Part of Your GRC FrameworkWhy GDPR Must Be an Integral Part of Your GRC Framework
Why GDPR Must Be an Integral Part of Your GRC FrameworkPECB
 
GDPR & Data Privacy Guide - Free Download
GDPR & Data Privacy Guide - Free DownloadGDPR & Data Privacy Guide - Free Download
GDPR & Data Privacy Guide - Free DownloadVisitor Analytics
 
1 -2-6 kista watson summit-gdpr ibm pov hogg-sm
1 -2-6 kista watson summit-gdpr ibm pov hogg-sm1 -2-6 kista watson summit-gdpr ibm pov hogg-sm
1 -2-6 kista watson summit-gdpr ibm pov hogg-smIBM Sverige
 
GDPR & the Travel Industry: Practical recommendations for holiday rental owners
GDPR & the Travel Industry: Practical recommendations for holiday rental ownersGDPR & the Travel Industry: Practical recommendations for holiday rental owners
GDPR & the Travel Industry: Practical recommendations for holiday rental ownersSpain-Holiday.com
 
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...CIO Edge
 
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readinessGeneral Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
 
Six Key Components to Achieving GDPR Security Requirements
Six Key Components to Achieving GDPR Security RequirementsSix Key Components to Achieving GDPR Security Requirements
Six Key Components to Achieving GDPR Security RequirementsJeff Katanick
 

Similar to Is your business GDPR ready? (20)

GDPR & Demand Generation: What Your Team Needs To Know
GDPR & Demand Generation: What Your Team Needs To KnowGDPR & Demand Generation: What Your Team Needs To Know
GDPR & Demand Generation: What Your Team Needs To Know
 
MMV Webinar 1. GDPR Perspectives. November 2017
MMV Webinar 1. GDPR Perspectives. November 2017MMV Webinar 1. GDPR Perspectives. November 2017
MMV Webinar 1. GDPR Perspectives. November 2017
 
CWIN17 telford gdpr – threat, overhead or opportunity - doug davidson
CWIN17 telford gdpr – threat, overhead or opportunity - doug davidsonCWIN17 telford gdpr – threat, overhead or opportunity - doug davidson
CWIN17 telford gdpr – threat, overhead or opportunity - doug davidson
 
A Brief Overview on GDPR
A Brief Overview on GDPRA Brief Overview on GDPR
A Brief Overview on GDPR
 
General Data Protection Regulation (GDPR) Compliance
General Data Protection Regulation (GDPR) ComplianceGeneral Data Protection Regulation (GDPR) Compliance
General Data Protection Regulation (GDPR) Compliance
 
GDPR - what you need to know
GDPR - what you need to know GDPR - what you need to know
GDPR - what you need to know
 
Are you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperAre you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist Whitepaper
 
What's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) ChangesWhat's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) Changes
 
Preparing for GDPR: What Every B2B Marketer Must Know
Preparing for GDPR: What Every B2B Marketer Must KnowPreparing for GDPR: What Every B2B Marketer Must Know
Preparing for GDPR: What Every B2B Marketer Must Know
 
Why GDPR Must Be an Integral Part of Your GRC Framework
Why GDPR Must Be an Integral Part of Your GRC FrameworkWhy GDPR Must Be an Integral Part of Your GRC Framework
Why GDPR Must Be an Integral Part of Your GRC Framework
 
GDPR & Data Privacy Guide - Free Download
GDPR & Data Privacy Guide - Free DownloadGDPR & Data Privacy Guide - Free Download
GDPR & Data Privacy Guide - Free Download
 
Ritz 4th-july-gdpr
Ritz 4th-july-gdprRitz 4th-july-gdpr
Ritz 4th-july-gdpr
 
Are you GDPRed yet?
Are you GDPRed yet?Are you GDPRed yet?
Are you GDPRed yet?
 
1 -2-6 kista watson summit-gdpr ibm pov hogg-sm
1 -2-6 kista watson summit-gdpr ibm pov hogg-sm1 -2-6 kista watson summit-gdpr ibm pov hogg-sm
1 -2-6 kista watson summit-gdpr ibm pov hogg-sm
 
20170323 are you ready the new gdpr is here
20170323 are you ready the new gdpr is here20170323 are you ready the new gdpr is here
20170323 are you ready the new gdpr is here
 
GDPR & the Travel Industry: Practical recommendations for holiday rental owners
GDPR & the Travel Industry: Practical recommendations for holiday rental ownersGDPR & the Travel Industry: Practical recommendations for holiday rental owners
GDPR & the Travel Industry: Practical recommendations for holiday rental owners
 
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
 
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readinessGeneral Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
 
GDPR: Time to Act
GDPR: Time to ActGDPR: Time to Act
GDPR: Time to Act
 
Six Key Components to Achieving GDPR Security Requirements
Six Key Components to Achieving GDPR Security RequirementsSix Key Components to Achieving GDPR Security Requirements
Six Key Components to Achieving GDPR Security Requirements
 

Recently uploaded

Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfJos Voskuil
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menzaictsugar
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Seta Wicaksana
 
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / NcrCall Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncrdollysharma2066
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCRashishs7044
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMVoces Mineras
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCRashishs7044
 
Marketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent ChirchirMarketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent Chirchirictsugar
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?Olivia Kresic
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionMintel Group
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailAriel592675
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024Matteo Carbone
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Anamaria Contreras
 

Recently uploaded (20)

Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdf
 
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCREnjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...
 
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / NcrCall Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQM
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
 
Marketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent ChirchirMarketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent Chirchir
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted Version
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detail
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.
 
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
 
Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)
 
Corporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyCorporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information Technology
 

Is your business GDPR ready?

  • 1. Is your business GDPR ready? BROUGHT TO YOU BY 27/09 Richmond 28/09 Southampton
  • 2. Is your business GDPR ready? Welcome Moore Blatch, Carswell Gould and Sofigate recently joined forces for two GDPR breakfast briefings, in Richmond and Southampton. The three firms have combined their know-how on the subject to deliver a unique insight into the legal, communication, IT challenges and opportunities presented by the GDPR. Our aim is to help you get GDPR ready!
  • 3. Is your business GDPR ready? We’re different because we believe the most important person in a legal team isn’t the lawyer, it’s you. So we give you more than other law firms. More expertise. More depth. More clarity. Whatever you face in life or in business, we won’t be just your lawyer, we’ll be your trusted friend and confidant as well. Our job is to listen and understand, and then use our expertise to find the best solution for you. You’ll find we are fast and efficient, with a team based approach and a relentless focus on quality. You’ll also find our prices are competitive, giving you excellent value for money. We’re the south’s best connected creative communications agency. We start with the customer and focus on delivering measurable impact to exceed expectations. Our work spans a wide range of industries including professional services, education, culture and heritage, land and property, start-ups and marine. Our single minded aim is to help our clients’ businesses grow. Each of our core services of content, web development and creative design have all recently been recognised by leading industry bodies including three Hermes Creative Awards, twelve CIPR PRide Awards and we’ve been a finalist at the Wirehive 100 Awards on multiple occasions, so you know you are in good hands. We work hand in hand with global clients to deliver transformational digital changes, shaping landscapes internally and externally by accelerating growth, reducing cost and cutting time to market. Our primary focus is on enabling through technology, allowing our clients to leverage existing digital competencies, exploring new technologies and transforming existing technologies, empowering them to seize opportunities both old and new. Our ways of working deliver tangible results that build on the business capabilities provided by technology, fostering sustainable and lasting positive change. www.carswellgould.co.uk www.mooreblatch.com www.sofigate.com
  • 4. Presenters Is your business GDPR ready? Ed Gould Creative Director Dorothy Agnew Partner Nick Russell Director Gareth Miller Managing Director John Warchus Partner Peter Truman Director
  • 5. What is the GDPR? ● General Data Protection Regulation ● Replaces the UK Data Protection Act 1998 (DPA) ● Live from 25 May 2018 ● Will affect every organisation that collects or handles data relating to EU residents. ● Monitored by national supervisory authorities Is your business GDPR ready?
  • 6. It’s all about personal data The use of data will be subject to the GDPR where it involves processing personal data There are two types of processors of personal data: 1. Controllers - determine purpose and means of processing personal data 2. Processors - process personal data on behalf of the controller Is your business GDPR ready?
  • 7. Six principles of data processing Personal data must be processed in accordance with the following six principles: 1. Processed fairly and lawfully and in a transparent manner 2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes 3. Adequate, relevant, limited to what is necessary 4. Accurate and, where necessary, kept up to date 5. Kept in a form which permits identification of data subjects for no longer than necessary 6. Processed in a manner that ensures appropriate security of the personal data Is your business GDPR ready?
  • 8. Six conditions of processing Processing is only lawful if at least one of these six conditions apply: 1. You have the data subject’s consent 2. Processing is necessary for the performance of a contract 3. Processing is necessary for compliance with a legal obligation of controller 4. Processing is necessary to protect the data subject’s vital interests 5. Processing is necessary to perform a task carried out in the public interest or the exercise of official authority 6. Processing is necessary for the purposes of the legitimate interest of the controller or third party, except where overridden by interests or fundamental rights/freedoms of data subject Is your business GDPR ready?
  • 9. New obligations on controllers ● To demonstrate compliance with the data protection principles ● To carry out impact assessments ● Appoint a data protection officer (DPO) ● Data protection by design and default ● Notification of breaches ● Keep a record of processing activities Is your business GDPR ready?
  • 10. New rights for data subjects ● Broader rights of subject access ● Right to be forgotten (erasure) ● Right to object to profiling for direct marketing purposes ● Data portability Is your business GDPR ready?
  • 11. Increased fines for non-compliance Controllers ● Fines up to (greater of) 4% of annual worldwide turnover of the preceding financial year or 20 million euros Processors ● Fines up to (greater of) 2% of annual worldwide turnover of the preceding financial year or 10 million euros Is your business GDPR ready?
  • 12. Is your business GDPR ready? The GDPR and direct marketing Put someone in charge of GDPR in your business to: ● Update processes and communication for the collection, cleansing and storage of personal data ● Create/update your internal data policy ● Update ○ current terms and conditions ○ data protection policy ○ sign-up forms ○ privacy notices ● Invite and encourage your active customers and subscribers ● Enshrine solid and consistent deletion processes
  • 13. 1. Live from 25 May 2018 2. Consent should be – freely given, specific, informed and unambiguous 3. Data portability 4. Right to erasure/Right to be forgotten 5. You may be required to appoint a data protection officer (DPO) 6. Fines of up to £20 million, or 4% of turnover Is your business GDPR ready? Summary - Six key ‘takeaways’ about the GDPR
  • 14. 1. Promote awareness of GDPR with your team 2. Audit the data you hold and how it is collected 3. Check the privacy policies and procedures you have in place 4. Be prepared to provide information to individuals and allow for exercise of their other rights 5. Review processing of data based on consent and collect and store the evidence 6. Consider special procedures for dealing with children's data 7. Review and if necessary update security for data and prepare for possible data breaches 8. Implement “Data Protection by Design and Default” 9. Review appointment of a Data Protection Officer 10. Don’t ignore it! Is your business GDPR ready? 10 steps to get in shape for GDPR