Welcome guest, please log in here   |    T +44(0)115 7180333   |   E   info@halborns.com

Archive

Data protection

Data protection – pt.2 is your privacy notice up to date?

Posted on: October 13th, 2021 by Ginny Hallam

Last week we shared our initial thoughts on how to ensure your privacy notices keep pace with your data processing practices. Below is pt.2 on what your privacy notices need to cover…

Sharing – if you need to share personal data with third parties, clearly explain why and what they’re going to do with the information (and how they’re going to keep it secure).

Transfer – post-Brexit the European Commission provided an adequacy decision meaning rules on transfers of personal data between the EU and UK are unchanged. That said, your privacy notice will still need to call out if you transfer data outside of the UK, where to, and the legal basis for the transfer.

Rights over data – clearly explain individuals’ rights in respect of the data you collect and how they can exercise them including access, deletion, correction, or withdrawal of consent.

Complaints – explain who to contact if individuals have any queries or concerns along with their right to contact the Information Commissioner’s Office (ICO) if they’re unsatisfied with your response.

Keep your privacy notice simple, straight-forward, and use real examples throughout to present the relevant detail in a user-friendly and meaningful way. Ensure to communicate whenever you’ve updated your privacy notice. If you need our support, get in touch.

 

This update is accurate on the date it was sent (13 October 2021), but may be subject to change which may, or may not be notified to you. This update is not to be taken as advice and you should seek advice if anything contained within affects you or your business.

Data protection – is your privacy notice up to date?

Posted on: October 7th, 2021 by Ginny Hallam

Your privacy notices need to keep pace with your data processing practices. Regular reviews ensure you’re being proactive with your privacy notices – below are our thoughts on what to look for:

Processing – is your purpose and legal basis for processing personal data still relevant and accurate? If not, you might find yourself unable to lawfully use that personal data if your new practices are incompatible with your original purpose.

The data you collect – new behaviour tracking on your website, who’s opening what newsletter – if you’ve introduced new data collection practices that aren’t in your privacy notice, update your notices to reflect them (as well as any new categories of personal data you’re collecting).

Timescales – you must not keep personal data for longer than you need it. If you now need to hold personal data for longer than your privacy notice states, you’ll need to update it with a clear justification as to why this is now the case.

Contact details – ensure your business contact details are still accurate, along with those for your data protection officer if you have one (because your core activities include regular monitoring of individuals, for example).

We’ve got more for you to consider in our next privacy notice update. Later in this series we’ll be looking at audit routines, training, contracts and policies.

In the meantime, get in touch if you’d like our support to ensure you’re being proactive in your privacy practices. 

 

This update is accurate on the date it was sent (7 October 2021), but may be subject to change which may, or may not be notified to you. This update is not to be taken as advice and you should seek advice if anything contained within affects you or your business.