The Catling Mindswipe

So we all think that we've done all we need to do to comply with GDPR, gaining consents, allowing withdrawal of consents and breaking down consents to a granular level. However, it looks like the regulations demand something a little more complex than that.

Best practices for consent forms Sifting through the mass of materials and example best practices to help you bring your consent forms into compliance with these new regulations, this is what we've come up with in working for clients.

Five principles of consent in the GDPR May 25th saw the implementation of General Data Protection Regulation (GDPR) legislation and I don't doubt for a minute that there are many organisations still not compliant. If you still don't get it, then first of all fix your privacy policy and post a privacy notice on your website. Second, gain consent to collect any personal information you need to keep operating.

With the imminent introduction of GDPR on May 25th, you may have noticed you're getting a flurry of 'opt-in' emails from your various membership sites, news groups, mailing lists and social media. Ad per the new rules, they are all trying to gain renewed consents to contact you. The the key question is: what counts as consent under GDPR?

Bought on a budget, the new slimline workhorse laptop has a respectable AMD A9 processor, 8GB of memory and 1TB of storage. So far so good. Otherwise this Lenovo is a letdown; truly terrible battery life from a non-removable battery; a dead keyboard with an irritatingly inconsistent layout, placement and use of keys; a 15.6in display out of the 1950's; and the worst sound ever since sound was installed on a laptop.

The incoming General Data Protection Regulation significantly raises the bar on personal data processing for all organisations contacting EU citizens. Not least in the list of considerations is the extent of legitimate interest - contacting existing customers - and the requirement for explicit, opt-in consent. GDPR compliance does not mandate discarding all of your existing data and gaining fresh consents from users, but it is absolutely necessary to review your current consent management process.

Supporting the rollout of the new General Data Protection Regulations (GDPR) , the ICO in the UK has published an at-a-glance checklist for items to consider on the opt-in form and signup process. The checklist includes the following items:

Under the new GDPR regulations, you need to decide your 'basis for processing'; a reason why you are collecting and storing personal data. The GDPR makes a distinction between 'consent' and 'legitimate interests'. Under the new regulations, there are six lawful basis for processing data:

GDPR imposes new rules around data protection for any organisation that collects and uses personal data about EU residents. The new regulation is designed to strengthen existing data protection laws and will impact on all organisations, changing the way that they handle, use and store data about the people they contact. GDPR is based on six privacy principles. These are:

The EU has reformed its laws around data protection for a couple of reasons; one is to help generate business in the EU by simplifying rules for companies in the Digital Single Market; the other is in response to Europeans' concerns about data protection. The GDPR aims to achieve this by having one set of EU-wide rules. Starting with first principles, if the EU wants to protect personal and sensitive data, then how exactly are we to define 'personal' and 'sensitive'?

GDPR (General DATA Protection Regulation) comes into force on 25th May 2018. It requires: enhanced personal privacy, meaning more rights for your customers and visitors. more defined processes dealing with personal data. more transparency in why and how you use personal data. greater staff awareness of the new regulations. awareness of the greater financial penalties which can be imposed for breaches.

This is no stroke of original genius, as all the content for this post is lifted from the summary text of the guide Preparing for the General Data Protection Regulations , from the UK Information Commissioners' Office (copyright HM Government of the United Kingdom). It's a concise, clear rendering of the bones of the GDPR, and as such, a good thing. It is, however, pretty light on practical examples in many areas, so after understanding the twelve pillars of GDPR, you may need to stick with us to get further insight into tools and techniques to achieve compliance...

This May is data protection month! If you're operating any kind of organisation with an online presence within the European Union, then you should know that the new General Data Protection Regulations (GDPR) come into force on May 25th, bringing in new requirements and increasing the penalties for breaches. Non-compliance after that date is not an option.

It seems like any idiot can have their own website these days; and most of us do. You no longer need to be a genius-level computer programmer - or indeed any kind of programmer - to do this. In fact, you can get by on almost no knowledge of IT whatsoever. There are now so many point-and-click, drag-and-drop, site-builder, page-builder, menu-builder, widget-builder platforms on the web, complete with step-by-step wizards, guides, help and tutorials, you could be a medieval peasant with a belief in the Flat Earth and sorcery and still be able to build your own website to talk about it. Perhaps with the help of a wizard.

It's official; the Lenovo G580 is about done. My great value Core i5 laptop which I got from Lenovo direct in mid-2012, is just about unusable as a result of entirely predictable design flaws and general wear and tear. During the original unboxing, I noted the track pad built into the surface of the wrist-rest, concluded the resistive pad was glued to the underside and predicted a track pad failure before any other hardware breakdowns. So it has come to pass.