Guidance
Short insights and practical takeaways that can be applied to your organisation.
EDPB adopts 2026-2027 work programme
Earlier this month, the EDPB adopted its 2026-2027 work programme which is part of its broader strategy for 2024-2027. In terms of practical guidance and
Completing Your Article 30 Record of Processing Activities (ROPA) Under UK GDPR
A Record of Processing Activities (ROPA) is a cornerstone of UK GDPR compliance. Knowing what personal data you process, why you process it, and how
Outsourcing your way to compliance confidence
UK organisations are navigating an ever evolving data protection regulatory landscape. Staying compliant can feel like steering through fog, especially without the right expertise on
DSAR Responses: What to include and how to share it
So you are finally putting together your response to the Data Subject Access Request (DSAR), but what does it need to cover? Supplementary information As
UK DPA Exemptions: What are they and when are they relevant?
The right to access personal data is not absolute and there are situations where a controller will not need to comply/fully comply with a Data
Question of the month: what do we need to think about when responding to an employment related DSAR?
When an employee asks for a copy of their information, there are a few points we need to think about in addition to the usual