Is your business GDPR ready? 27/09 Richmond 28/09 Southampton - - PowerPoint PPT Presentation

is your business gdpr ready
SMART_READER_LITE
LIVE PREVIEW

Is your business GDPR ready? 27/09 Richmond 28/09 Southampton - - PowerPoint PPT Presentation

Feb 13, 2024 269 likes •431 views

Is your business GDPR ready? 27/09 Richmond 28/09 Southampton BROUGHT TO YOU BY Welcome Moore Blatch, Carswell Gould and Sofigate recently joined forces for two GDPR breakfast briefings, in Richmond and Southampton. The three firms have

slide-1
SLIDE 1

Is your business GDPR ready?

BROUGHT TO YOU BY

27/09 Richmond 28/09 Southampton

slide-2
SLIDE 2

Is your business GDPR ready?

Welcome

Moore Blatch, Carswell Gould and Sofigate recently joined forces for two GDPR breakfast briefings, in Richmond and Southampton. The three firms have combined their know-how on the subject to deliver a unique insight into the legal, communication, IT challenges and opportunities presented by the GDPR. Our aim is to help you get GDPR ready!

slide-3
SLIDE 3

Is your business GDPR ready?

We’re different because we believe the most important person in a legal team isn’t the lawyer, it’s you. So we give you more than other law firms. More expertise. More depth. More clarity. Whatever you face in life or in business, we won’t be just your lawyer, we’ll be your trusted friend and confidant as well. Our job is to listen and understand, and then use our expertise to find the best solution for you. You’ll find we are fast and efficient, with a team based approach and a relentless focus on quality. You’ll also find our prices are competitive, giving you excellent value for money. We’re the south’s best connected creative communications agency. We start with the customer and focus on delivering measurable impact to exceed expectations. Our work spans a wide range of industries including professional services, education, culture and heritage, land and property, start-ups and marine. Our single minded aim is to help our clients’ businesses grow. Each of our core services of content, web development and creative design have all recently been recognised by leading industry bodies including three Hermes Creative Awards, twelve CIPR PRide Awards and we’ve been a finalist at the Wirehive 100 Awards on multiple occasions, so you know you are in good hands. We work hand in hand with global clients to deliver transformational digital changes, shaping landscapes internally and externally by accelerating growth, reducing cost and cutting time to market. Our primary focus is on enabling through technology, allowing our clients to leverage existing digital competencies, exploring new technologies and transforming existing technologies, empowering them to seize opportunities both old and new. Our ways of working deliver tangible results that build on the business capabilities provided by technology, fostering sustainable and lasting positive change.

www.carswellgould.co.uk www.mooreblatch.com www.sofigate.com

slide-4
SLIDE 4

Presenters

Is your business GDPR ready?

Ed Gould Creative Director Dorothy Agnew Partner Nick Russell Director Gareth Miller Managing Director John Warchus Partner Peter Truman Director

slide-5
SLIDE 5

What is the GDPR?

  • General Data Protection Regulation
  • Replaces the UK Data Protection Act 1998 (DPA)
  • Live from 25 May 2018
  • Will affect every organisation that collects or handles data relating to EU

residents.

  • Monitored by national supervisory authorities

Is your business GDPR ready?

slide-6
SLIDE 6

It’s all about personal data

The use of data will be subject to the GDPR where it involves processing personal data There are two types of processors of personal data: 1. Controllers - determine purpose and means of processing personal data 2. Processors - process personal data on behalf of the controller Is your business GDPR ready?

slide-7
SLIDE 7

Six principles of data processing

Personal data must be processed in accordance with the following six principles: 1. Processed fairly and lawfully and in a transparent manner 2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes 3. Adequate, relevant, limited to what is necessary 4. Accurate and, where necessary, kept up to date 5. Kept in a form which permits identification of data subjects for no longer than necessary 6. Processed in a manner that ensures appropriate security of the personal data Is your business GDPR ready?

slide-8
SLIDE 8

Six conditions of processing

Processing is only lawful if at least one of these six conditions apply: 1. You have the data subject’s consent 2. Processing is necessary for the performance of a contract 3. Processing is necessary for compliance with a legal obligation of controller 4. Processing is necessary to protect the data subject’s vital interests 5. Processing is necessary to perform a task carried out in the public interest or the exercise of official authority 6. Processing is necessary for the purposes of the legitimate interest of the controller or third party, except where overridden by interests or fundamental rights/freedoms of data subject Is your business GDPR ready?

slide-9
SLIDE 9

New obligations on controllers

  • To demonstrate compliance with the data protection principles
  • To carry out impact assessments
  • Appoint a data protection officer (DPO)
  • Data protection by design and default
  • Notification of breaches
  • Keep a record of processing activities

Is your business GDPR ready?

slide-10
SLIDE 10

New rights for data subjects

  • Broader rights of subject access
  • Right to be forgotten (erasure)
  • Right to object to profiling for direct marketing purposes
  • Data portability

Is your business GDPR ready?

slide-11
SLIDE 11

Increased fines for non-compliance

Controllers

  • Fines up to (greater of) 4% of annual worldwide turnover of the

preceding financial year or 20 million euros Processors

  • Fines up to (greater of) 2% of annual worldwide turnover of the

preceding financial year or 10 million euros Is your business GDPR ready?

slide-12
SLIDE 12

Is your business GDPR ready?

The GDPR and direct marketing

Put someone in charge of GDPR in your business to:

  • Update processes and communication for the collection,

cleansing and storage of personal data

  • Create/update your internal data policy
  • Update

○ current terms and conditions ○ data protection policy ○ sign-up forms ○ privacy notices

  • Invite and encourage your active customers and subscribers
  • Enshrine solid and consistent deletion processes
slide-13
SLIDE 13

1. Live from 25 May 2018 2. Consent should be – freely given, specific, informed and unambiguous 3. Data portability 4. Right to erasure/Right to be forgotten 5. You may be required to appoint a data protection officer (DPO) 6. Fines of up to £20 million, or 4% of turnover Is your business GDPR ready?

Summary - Six key ‘takeaways’ about the GDPR

slide-14
SLIDE 14

1.

Promote awareness of GDPR with your team

2.

Audit the data you hold and how it is collected

3.

Check the privacy policies and procedures you have in place

4.

Be prepared to provide information to individuals and allow for exercise of their other rights

5.

Review processing of data based on consent and collect and store the evidence

6.

Consider special procedures for dealing with children's data

7.

Review and if necessary update security for data and prepare for possible data breaches

8.

Implement “Data Protection by Design and Default”

9.

Review appointment of a Data Protection Officer

10.

Don’t ignore it! Is your business GDPR ready?

10 steps to get in shape for GDPR

slide-15
SLIDE 15

Thank You

BROUGHT TO YOU BY