Cyber Security Breaches Survey 2018

The Cyber Security Breaches Survey is a quantitative and qualitative survey of UK businesses and, for the first time in this 2018 release, charities. The quantitative survey was carried out in winter 2017 and the qualitative survey in early 2018. It helps these organisations to understand the nature and significance of the cyber security threats […]

Read more
Information rights research

The ICO has conducted and commissioned several reports on customer satisfaction and information rights. One of the goals of the Information Commissioner’s Office (ICO) Information Rights Strategic Plan 2017-21 is ‘to increase the public’s trust and confidence in how data is used and made available’. It is therefore important for the ICO to gauge the […]

Read more
Right to Object to Processing – art. 12, 21

Right to Object to Processing – art. 12, 21 A data subject has the right to object to being subject to public authorities or companies processing their data without explicit consent. A data subject also has the right to stop personal data from being included in direct marketing databases. An individual can make an objection […]

Read more
Right to Data Portability – art. 12, 20

Right to Data Portability – art. 12, 20 A data subject has the right to move, copy, or transfer personal data from one data controller to another, in a safe and secure way, in a commonly used and machine-readable format. Wherever technically possible, this also includes the right to have the data transferred directly from […]

Read more
Right to Restriction of Processing – art.12, 18

Right to Restriction of Processing – art.12, 18 A data subject has the right to block or suppress personal data being processed or used. This means that an individual can limit the way that an organisation uses their data. This is an alternative to requesting the erasure of their data. Individuals have the right to […]

Read more
Right to Erasure (Right to Be Forgotten) – art. 12, 17

Right to Erasure (Right to Be Forgotten) – art. 12, 17 A data subject has the right to have personal data permanently deleted. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances. Individuals have the right to have their personal data erased if: the […]

Read more
Right to Correction (“Rectification”) – art. 12, 16

Right to Correction (“Rectification”) – art. 12, 16 Under Article 16 of the GDPR a data subject has the right to have incorrect or incomplete data corrected. An individual may also be able to have incomplete personal data completed – although this will depend on the purposes for the processing. This may involve providing a supplementary […]

Read more
Right to Access – art. 12,15

Right to Access – art. 12,15 After data is collected, a data subject has the right to know how it has been collected, processed, and stored, what data exists, and for what purposes. Summary: Individuals have the right to access their personal data. This is commonly referred to as subject access. Individuals can make a subject […]

Read more
Right to Be Informed – art.12,13,14

Right to Be Informed – art.12,13,14 Before data is collected, a data subject has the right to know how it will be collected, processed, and stored, and for what purposes. Create easy-to-read policies that provide explicit details on what information is being stored on an individual—and how it will be used. Ensure all data collection processes […]

Read more