Publishing house fined for data security violation under the GDPR

In late 2021, the Spanish Data Protection Authority (‘AEPD’) initiated an investigation on the data processing activities of Bayard Revistas S.A., a publishing house in Madrid, after receiving a complaint by an individual. According to this complaint, the person in charge of Bayard’s web portal notified all data subjects via e-mail that a third party […]

Googles decides to make easier to Reject All 

Google on laptop

Recently, Google announced its plans to introduce a “Reject All” option within its famous cookie banner. The decision was appreciated by the Information Commissioners Office, by observing this to be a change that was long awaited to improve not only the user interaction, but also the compliance aspects. The ICO in its statement was also […]

The DPC’s new approach to addressing personal data breach notifications 

Data Breach

The Data Protection Commission Ireland, in its Annual Report 2021, announced a changed approach towards handling data breach notifications. The report explains that the focus of DPC will shift towards enforcement rather than the current approach that prioritises communication and conciliation with data controllers to assist mitigating the impacts of data breaches on the controllers […]

Data protection and marketing: optimising your outreach activities

Data Protection and Marketing

Marketing is a necessity for any organisation. Private companies and organisations offering goods and services require marketing to publicise their messages and attract new customers. Similarly, charities, non-profit, and research organisations require marketing to  share the outputs of their work with relevant audiences in a timely and effective fashion. However,  many organisations are nervous about […]

Data governance and data protection compliance within the social enterprise, charity and the third-sector

data Protection and social enterprise

Social enterprises, charities and other third-sector organisations are doing important work safeguarding vulnerable individuals and providing essential services. However, they face unique challenges when it comes to data protection compliance. In fact, the person-centred approach of these organisations, though essential for providing services, means that data protection may not always be prioritised. How can we […]

Fostering a data protection culture within universities and academic institutions

Data Protection in academic institutions

Universities and academic institutions are complex organisations where compliance with issues like data protection can vary greatly. On one hand, you have departments, groups and institutions at the cutting-edge of research practice where new ideas, policies and processes are approached enthusiastically. On the other hand, some departments and research clusters may take more traditional approach, […]