Data Protection Impact Assessments – At A Glance

At a glance A data protection impact assessment (DPIA) is a process to help you identify and minimise the data protection risks of a project. You must do a DPIA for certain listed types of processing, or any other processing that is likely to result in a high risk to individuals’ interests. You can use […]

Read more
Lawfulness of Processing

Article 6 of the GDPR defines lawfulness of processing. It states that processing is only lawful if one of the following applies: The data subject has given consent to the processing of his or her personal data for one or more specific purposes; Processing is necessary for the performance of a contract to which the […]

Read more
Cyber Essentials Checklist

Use a firewall to secure your internet connection ☐ Understand what a firewall is ☐ Understand the difference between a personal and a boundary firewall ☐ Locate the firewall which comes with your operating system and turn it on ☐ Find out if your router has a boundary firewall function. Turn it on if it […]

Read more
6 Key Questions to Ask for GDPR

What data do we collect and manage? Why do we collect this data? How do we source this data? What is our legal basis for holding this data? How do we minimise risk for people whose data we hold? How do we secure this data?  

Read more
GDPR Becomes Easier For Small Business Owners

A new and affordable self-service tool simplifies compliance London, Friday, 9 March 2018 – A new service launched by 123DPO in association with GDPR365 gives small businesses an online, self-service tool which covers every single aspect of GDPR compliance. The online portal takes business owners through each aspect of the GDPR in a clear and […]

Read more
Legitimate Interests – Checklist

Legitimate Interests ☐ We have checked that legitimate interests is the most appropriate basis. ☐ We understand our responsibility to protect the individual’s interests. ☐ We have conducted a legitimate interests assessment (LIA) and kept a record of it, to ensure that we can justify our decision. ☐ We have identified the relevant legitimate interests. […]

Read more
About GDPR

The EU’s new data protection regulation is complex to understand and implement. GDPR365 reduces the risk of non-compliance by giving each company an intuitive cloud-based hub with customised, thoughtful workflows to simplify the compliance process by organising it into clear, simple and assignable tasks. In May 2016, the European Union (EU) passed a EU-wide data […]

Read more
Consent – Checklist

Asking for Consent ☐ We have checked that consent is the most appropriate lawful basis for processing. ☐ We have made the request for consent prominent and separate from our terms and conditions. ☐ We ask people to positively opt in. ☐ We don’t use pre-ticked boxes or any other type of default consent. ☐ […]

Read more
Six Data Protection Principles

Six data protection principles will require that personal data should be: processed in a fair, lawful and transparent manner collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes adequate, relevant and limited to what is necessary accurate and where necessary kept up to date […]

Read more