The GDPR came into effect almost a year ago on the 25 May 2018. As the most significant reform of data protection law in Europe for over 20 years, the legislation raised expectations of a cultural shift in attitude to data privacy. A year on from the fanfare of implementation, this bulletin looks at key … Read more
The EDPB has published guidance on the ability of online service providers to rely on the fact that processing is necessary for the performance of a contract in order to legitimise their processing of personal data. Read more
The recent High Court judgment in Rudd v Bridle & J&S Bridle Ltd provides some useful guidance on subject access requests under the Data Protection Act 1998 (equally relevant to the new GDPR regime). Read more
In the run up to the GDPR applying from next year, there has been a variety of practical guidance for compliance at the European level through the Article 29 Working Party (“WP29”) (which reflects the consolidated view of national supervisory data protection authorities in each member state) and at the national level through the UK … Read more
