GDPR: The Legitimate Interests test

GDPR: The Legitimate Interests test

Uncategorized
On 25 May the EU General Data Protection Regulation (GDPR) came into force. If you need help in working out whether or not your Australian business will be affected by GDPR, please get in touch with us without delay. We have offered updates recently on: - Cross-country data transfer (https://www.compliancequarter.com.au/gdpr_implications_for_australia/); - Consent (https://www.compliancequarter.com.au/gdpr-countdown-2-how-to-get-consumer-consent-and-when-is-it-required/). Photo by Yeo Khee on Unsplash By Dr Drew Donnelly, Regulatory Specialist, Compliance Quarter Today we update you on one of the more perplexing aspects of the GDPR; the ‘legitimate interests’ ground for processing personal data. On the one hand, the GDPR makes it easier for organisations to know when personal data processing is permitted (or ‘lawful’). The clear-cut definition of ‘consent’ means all organisations can be on the same page as to whether consent holds. On the other hand,…
Read More
GDPR Countdown 2: How to get consumer consent and when is it required?

GDPR Countdown 2: How to get consumer consent and when is it required?

Consumer
In today’s article, part 2 of our countdown to GDPR on May 25, we look at what the European Union General Data Protection Regulation (GDPR) says about consumer consent. For a discussion of when the GDPR can apply to Australian businesses see https://www.compliancequarter.com.au/understanding-gdpr-opportunities-risks/.   By Dr Drew Donnelly, Compliance Quarter. Consent Defined The definition of consent in article 4(11) of the GDPR provides that it be “any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”. Compared to the existing EU data protection rules, and the definition in the Australian Privacy Act 1988, there is a greater emphasis in the…
Read More
GDPR Australia: When can EU personal data be transferred to Australia?

GDPR Australia: When can EU personal data be transferred to Australia?

Consumer
GDPR Australia: The EU Data Protection Regulation (GDPR) comes into effect on 25 May 2018. In order to ensure that you are GDPR compliant we are offering a series of articles responding to some key questions you might have with respect to the GDPR. For a general overview of the GDPR and whether it might apply to your organisation see https://www.compliancequarter.com.au/understanding-gdpr-opportunities-risks/. You should also check out the comprehensive resource created by the Office of the Australian Information Commissioner at https://oaic.gov.au/agencies-and-organisations/business-resources/privacy-business-resource-21-australian-businesses-and-the-eu-general-data-protection-regulation. Access our Exclusive & Free GDPR Australia checklistSimply provide your details below to be sent our free GDPR Self Assessment Checklist.Today we ask: When can personal data of EU origin be transferred to an organisation based in Australia?We divide the justifications provided by the GDPR for transfer to any other country…
Read More
Data Protection Officer – Which Businesses Need One & What do they do?

Data Protection Officer – Which Businesses Need One & What do they do?

Uncategorized
We have previously looked at the sweeping changes to privacy laws coming into effect in the EU. These laws will have an impact on a number of Australian businesses. One of the first steps towards GDPR compliance is to identify whether your business is captured under Article 37 and requires the appointment of a Data Protection Officer ('DPO'). Reading this article will give you the option of downloading our free report on DPO, written by Dr. Drew Donnelly, Compliance Quarter. Download our free report for further details on the DPO by following the instructions in the popup box. Alternatively, you can complete our FREE GDPR Readiness Questionnaire so that we can help you assess where you stand with GDPR and the work required. Our initial assessment and response is free…
Read More
What will the new EU Privacy Laws mean for your business?

What will the new EU Privacy Laws mean for your business?

Uncategorized
As of 25 May 2018, the European Union General Data Protection Regulation (GDPR) will implement a new extra-territorial data protection regime, which will impact Australian entities that handle personal data of EU residents. Thankfully some of the provisions of the GDPR mirror those of the Australian Privacy Act 1988, which Australian entities are hopefully already familiar with. However, there are numerous substantive differences and unique requirements that go beyond the Australian position. It is therefore important for organisations with operations in the EU to determine whether or not the GDPR applies to them and to ensure their personal data handling practices are brought into compliance before next year’s deadline. Does my business need to comply with the new EU regulations? You will need to comply with the GDPR requirements if…
Read More