News: ICO fines British Airways for its 2018 data breach

talking about personal data

The General Data Protection Regulations (GDPR) came into force in May 2018 and was incorporated into UK law with the Data Protection Act 2018 (DPA). The GDPR and DPA provided substantial fines compared to its predecessor. Companies can now be fined a maximum of ‘20 million Euros or 4% of the undertakings total annual worldwide […]

What is the Information Commissioner’s Office?

talking about personal data

The Information Commissioner’s Office (ICO) is an independent public authority which is the United Kingdoms (UK) data protection regulator. Its task is to uphold information rights for the UK public. It enforces the Data Protection Act and has responsibility for the Freedom of Information Act 2000, Privacy and Electronic Communications (EC Directive) Regulations 2003, and […]

What rights does a data subject have?

talking about personal data

Data subjects have certain rights under the General Data Protection Regulation (GDPR) which was implemented into the United Kingdom (UK) with the Data Protection Act 2018. Personal data is information that relates to an identified or identifiable individual. That information could be a name, number, or IP address. The identified or identifiable individual would be […]

What is a lawful basis for processing data?

image to represent data protection

To process personal data, you must have a valid lawful basis. There are six lawful bases for processing. The most appropriate basis will depend on your relationship with the individual. The requirement of most the lawful bases is that the processing is ‘necessary’ for a specific purpose. You will not have a lawful basis if […]

What are the data protection principles?

image to represent data protection

The General Data Protection Regulation (GDPR) which was implemented into United Kingdom (UK) law with the Data Protection Act 2018, sets out data protection principles that data controllers must comply with. They are as follows: The lawfulness, fairness, and transparency principle – Lawfulness: there are six lawful bases for the processing of data as set […]

Are you a data controller or processor?

talking about personal data

It is vital that you understand your role regarding personal data to ensure compliance with the General Data Protection Regulation (GDPR). Your obligations under the GDPR will differ depending on whether you are a controller, joint controller, or processor. If you breach your obligations the Information Commissioner’s Office (ICO) can take legal action against you […]