Category Archives: Data Protection

The Data Protection Act puts organisations under a legal obligation to:
1) use personal information fairly and legally;
2) collect only the information necessary for a specific purpose(s);
3) ensure it is relevant, accurate and up to date;
4) only hold as much as you need, and only for as long as you need it;
5) allow the subject of the information to see it on request; and
6) keep it secure.

The new GDPR come into effect on 25th May 2018 as well.

BBC News: GDPR: ‘Don’t panic!’ data watchdog tells firms

I saw this on the BBC and thought you should see it: GDPR: ‘Don’t panic!’ data watchdog tells firms – http://www.bbc.co.uk/news/business-44208456

Posted in Crab Alert, Data Protection, Information Risks, What we are being asked about | Tagged , , ,

BBC GDPR Quiz – Third time lucky!

With GDPR looming you may wish to try this Quiz from the BBC http://www.bbc.co.uk/news/technology-44224802 If you need help with your compliance please see https://crimsoncrab.net/our-solutions/data-protection-compliance/ With thanks to Peter at PPG Proofreading for highlighting the Quiz.

Posted in Data Protection, Information Risks | Tagged , ,

GDPR – Exactly what can we do to approach unknown prospects by mail or email?

This is actually a question about the Privacy & Electronic Communication Regulations (PECR) although GDPR does have an impact. PECR restrict unsolicited marketing by phone, fax, email, text, or other electronic message. There are different rules for different types of … Continue reading

Posted in Data Protection, Information Risks, What we are being asked about | Tagged , , , ,

GDPR – Getting business cards at meetings…. How to process them

This is personal data if it identifies an individual e.g. someones name in which case the GDPR apply. You must not do anything which the subject would not expect. So if you are handed a business card by all means … Continue reading

Posted in Data Protection, Information Risks, What we are being asked about | Tagged , ,

GDPR – Names & addresses collected in the normal course of business?

This is personal data – data which identifies an individual and therefore the GDPR applies.

Posted in Data Protection, Information Risks, What we are being asked about | Tagged ,

GDPR – Phone data (numbers, names etc.,)

This is personal data – data which identifies an individual and therefore the GDPR applies.

Posted in Data Protection, Information Risks, What we are being asked about | Tagged ,

GDPR – Where do I stop?

There are a number of continuing obligations and compliance monitoring requirements under GDPR. Key people in the business must demonstrate support for the law and promote a positive culture of data protection compliance.

Posted in Data Protection, Information Risks, What we are being asked about | Tagged , ,

GDPR – Where do I start?

Carry out an information audit to map data flows. Document what personal data you hold, where it came from, who you share it with and what you do with it.

Posted in Crimson Crab, Data Protection, Information Risks, What we are being asked about | Tagged ,

Data protection: Why you’re getting so many emails about privacy

From the BBC: Data protection: Why you’re getting so many emails about privacy – http://www.bbc.co.uk/news/newsbeat-43909196

Posted in Data Protection, Information Risks, Reputation Matters, What we are being asked about | Tagged , ,

European Commission GDPR guidance

The European Commission has published guidance on the EU data protection rules under the General Data Protection Regulation (GDPR). The guidance outlines what the European Commission, national data protection authorities and national administrations still need to do to bring preparations … Continue reading

Posted in Crab Insight, Data Protection, Information Risks, Reputation Matters | Tagged ,