Tag Archives: GDPR

GDPR’s Impact on the CAP Code and How Prize Winners are Announced

Back in May this year, the Committee of Advertising Practice (CAP), which authors the UK Code of Non-broadcast Advertising and Direct & Promotional Marketing (the CAP Code), launched a consultation (the Consultation) on changes that may be required to the CAP Code on the issue of administration of prize promotions. This followed the introduction of … Continue Reading

GDPR’s Impact on Use of Employee Images in Marketing Campaigns – How to Protect Yourself!

The practise of employers using their employees’ images and names within marketing materials (from graduate recruitment materials and internal-only promotions, to nationally distributed campaigns) has become a riskier strategy in light of the consent requirements under the General Data Protection Regulation (GDPR), which recently came fully into force across the EU.  Even where employers have … Continue Reading

ICO Recommends Refresh Existing Consents Now If They Don’t Meet The GDPR Standard

The ICO has updated its guidance “Preparing for the General Data Protection Regulation (GDPR), 12 steps to take now” and recommends that businesses “Refresh existing consents now if they don’t meet the GDPR standard”. Why is this necessary? In March 2017 the ICO issued draft “GDPR consent guidance”.  This was a consultation version to gather … Continue Reading

WP29 Publishes Guidance on Important GDPR Concepts: DPOs, Data Portability and Lead Supervisory Authority

On December 16, 2016, the Article 29 Data Protection Working Party (“WP29”) published guidelines and FAQs on the forthcoming General Data Protection Regulation (the “GDPR”) addressing the following three key issues: Data Protection Officers (“DPOs”) (WP 243) The right to “data portability” (WP 242) The identification of the lead supervisory authority (WP244) The published guidelines … Continue Reading

GDPR Article 40: Code of Conduct for Cloud Providers Being Finalized by C-ISG

While over the last several months, many have expressed concern about cloud service providers’ (“CSPs”) ability to comply with the General Data Protection Regulation (“GDPR”), at the end of November some clarity was provided.  On November 30, 2016, the Cloud Select Industry Group (“C-ISG”) agreed on a Code of Conduct on Data Protection for CSPs … Continue Reading
LexBlog