Consent

Launch of the IRMS Third Sector Retention and Disposal Toolkit

The Information and Records Management Society (IRMS) and Protecture were delighted to formally launch the IRMS Third Sector Retention and Disposal Toolkit and Schedule at an event in Central London last week. Attendees from a number of charities, not-for-profits and companies heard Scott Sammons, Chair of the IRMS, argued passionately for the benefits of record …

Launch of the IRMS Third Sector Retention and Disposal Toolkit Read More »

Equifax – 12 lessons to learn

As the Data Protection Act 1998 (DPA98) comes to an end, we have a first! The first maximum fine under the old law was issued in September to Equifax Ltd. If you’ve heard any of the Data Protection Leads here at Protecture speak about basic security issues facing organisations, you will have heard us talk …

Equifax – 12 lessons to learn Read More »

Cookie D’oh!

With the news that the changes to ePrivacy law have now been delayed until 2020, now is a good time to evaluate whether your organisation’s practices are already in line with existing electronic privacy law. The ePrivacy Regulation is likely to strengthen the current provisions of PECR in similar ways to which GDPR strengthened previous …

Cookie D’oh! Read More »

What would you say? 20 questions from the ICO

What would you say? 20 questions from the ICO The findings from the ICO’s latest Information Risk reviews highlight the many and varied areas that data protection risk touches upon. We turned the findings into the 20 key questions you should ask yourself about data protection at your organisations. Do you have a clear Data …

What would you say? 20 questions from the ICO Read More »

Facebook and ‘CA’ – not Cambridge Analytica, but Custom Audiences

Unless you have been living under a rock for the past few weeks, you will have noticed that Facebook’s business practices have been coming under the microscope of public scrutiny. It’s been well-known for a long time among the data protection and marketing communities that Facebook operates by harvesting, generating and acquiring large amounts of …

Facebook and ‘CA’ – not Cambridge Analytica, but Custom Audiences Read More »

Taking the ‘Con’ out of ‘Consent’

Taking the ‘Con’ out of ‘Consent’ In many ways, the GDPR is not very different to the Data Protection Act. This is true for the requirement to justify which of the six lawful “basis for processing” you are relying on to legitimise the processing (activity) in question. Some have been, and remain clear: in life …

Taking the ‘Con’ out of ‘Consent’ Read More »

Better the devil you know – personal data breach reporting and GDPR

The ICO Annual Report for 2016-17 has been published. Among the findings reported is the number of self-reported data protection incidents, broken down by sector. The headline figures show a 31.5% increase in self-reported incidents – from 1,950 to 2,565 incidents. The key word here: self. Reporting of actual or suspected incidents to the ICO …

Better the devil you know – personal data breach reporting and GDPR Read More »

Fundraising Factsheet: Consent, confusion and clarity

Those attending Fundraising Week recently could be forgiven for scratching their heads and leaving none the wiser about the future of fundraising. Rob Wilson MP, the Minister for Civil Society, called on charities to prepare for ‘opt-in’ for fundraising – noting that the focus should be less on the Fundraising Preference Service (FPS) and more …

Fundraising Factsheet: Consent, confusion and clarity Read More »

Updating consent – implications of the Flybe and Honda fines

On 27th March 2017, the ICO issued Monetary Penalty Notices to Honda and Flybe, having determined that their approaches to confirming customers’ contact details and marketing preferences were not compliant with PECR (The Privacy & Electronic Communications Regulations 2003). Since these fines were issued, there has been some concern about whether this means that verification …

Updating consent – implications of the Flybe and Honda fines Read More »

Do you agree? Getting consent projects right

With new guidance from the Fundraising Regulator and ICO, and the GDPR now almost visible on the horizon, many organisations are feeling the need to take action about consent. This is understandable; if you send campaigning, fundraising or awareness raising materials (i.e. send Direct Marketing) to donors, supporters or volunteers via electronic channels you need …

Do you agree? Getting consent projects right Read More »

Scroll to Top