Exercises, GDPR and Retail - Information Management Today

How Organisations Are Failing to Process Personal Data Lawfully Under the GDPR

IT Governance

NOVEMBER 4, 2024

Problems with consent, purpose limitation, retention periods, and more At the heart of the GDPR (General Data Protection Regulation) lie the Article 5 data protection principles. How are organisations failing to process personal data lawfully under the GDPR, and how can they address this while improving their day-to-day business operations?

Personal data

Personal data GDPR Marketing Archiving

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Even the world’s biggest businesses are not free from GDPR woes. Many businesses find it hard to implement GDPR requirements because the law is not only complex but also leaves a lot up to discretion.

GDPR

GDPR Compliance Personal data Privacy

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant. Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant.

GDPR

GDPR Privacy Retail Personal data

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies. Carrefour France and Carrefour Banque are both affiliates of the French retail group, the Carrefour Group.

GDPR

GDPR Personal data Data collection Marketing

CCTV and the GDPR – an overview for small businesses

IT Governance

JULY 25, 2018

As of 25 May 2018, organisations that use CCTV to capture images of individuals are processing personal data as defined by the GDPR (General Data Protection Regulation) and must comply with the Regulation’s requirements. You can find more information about GDPR compliance on our website >> Data processing principles (Article 5).

GDPR

GDPR Personal data Privacy Access

Data Subject Access Requests – High Court dismisses claim where DSAR regime abused

DLA Piper Privacy Matters

JANUARY 15, 2021

In late 2019, the Claimant issued proceedings and sought various relief, including in connection with an allegation that the Defendant had failed to provide data, contrary to the Data Protection Act 2018 ( “DPA 18” ) and the General Data Protection Regulation (EU) 2016/679 ( “GDPR” ). In each case, the answer had been adequate.

Access

Access GDPR Personal data Retail

Subject Access Requests in Scotland: Do you know what data is held about you?

IT Governance

NOVEMBER 12, 2018

The impact of the GDPR (General Data Protection Regulation) in Scotland is greater than most realise. One of the rights amended by the GDPR is the right of access. In Scotland, this will impact most significantly on sectors such as banking and retail however other key organisations in Scotland will also be affected.

Access

Access GDPR Personal data Retail

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

Evolving privacy regulations like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) mean ongoing headaches for cybersecurity, compliance and risk management teams. GDPR requires a designated chief privacy officer (CPO). Regulatory compliance. Create a data catalog. Conduct risk analysis.

Encryption

Encryption Cloud Privacy GDPR

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

IT Governance

DECEMBER 5, 2023

Source (New) Professional services USA Yes Unknown Thillens Source (New) Finance USA Yes Unknown Elston-Nationwide Carriers Source (New) Transport USA Yes Unknown American Insulated Glass Source (New) Retail USA Yes Unknown MooreCo Inc.

Data Privacy

Data Privacy Privacy Manufacturing Retail

How FIDO 2 authentication can help achieve regulatory compliance

Thales Cloud Protection & Licensing

JUNE 24, 2021

The retail sector, especially, is a lucrative target for credential stuffing attacks , resulting in billions lost every year. In the following paragraphs we will examine use cases where FIDO2 simplifies compliance with privacy and security regulations, namely GDPR, CCPA and PSD2. Compliance with GDPR and CCPA.

Authentication

Authentication Compliance Personal data GDPR

Avoiding, Managing And Responding To Cyber Incidents

Data Protection Report

NOVEMBER 2, 2023

Regulated firms remain responsible for any data that they outsource and, in line with this, they must exercise appropriate oversight of any outsourcing – firms may want to consider, for example, what would happen if there was an issue, including whether back-up is adequate and if they would receive appropriate information if something did go wrong.

GDPR

GDPR Risk Cybersecurity Compliance

Processing of riders’ personal data ? The Italian Data Protection Authority sanctions a food delivery company

Privacy and Cybersecurity Law

JULY 26, 2021

The Company was found guilty of infringing the following provisions of Regulation EU 2016/679 (“ GDPR ”): Information provided to the riders pursuant to Article 13 of the GDPR. The Company was also charged with the violation of Articles 5(1)(c) and 25 of the GDPR. What infringements did the Garante identify?

Personal data

Personal data GDPR e-Delivery Communications

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

IT Governance

FEBRUARY 6, 2024

Italian data protection authority notifies OpenAI of GDPR breaches Following last March’s temporary ban in the country, Italy’s data protection regulator, the Garante per la Protezione dei Dati Personali, has notified ChatGPT’s parent company, OpenAI, that it has identified several breaches of data protection law. “The

Data Privacy

Data Privacy Privacy Insurance Security

Selling and utilising personal data in an insolvency situation

Data Protection Report

JUNE 1, 2020

Many businesses are suffering serious financial difficulties as a result of COVID-19, particularly those in the retail, hospitality and tourism sectors. But this is a tricky area to navigate, particularly following the General Data Protection Regulation ( GDPR ), since both the ICO and the FCA have started to pay more attention to this area.

Personal data

Personal data Sales Marketing GDPR

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

Data Protection Report

JUNE 29, 2018

On June 28, 2018, California lawmakers enacted the California Consumer Privacy Act of 2018 (the “CCPA”) a sweeping, GDPR-like privacy law which is intended to give California consumers more control over how businesses collect and use their data. Read more below for a summary of what was included in the law that was passed yesterday.

Privacy

Privacy GDPR Personal data Risk

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

Data Protection Report

JUNE 29, 2018

On June 28, 2018, California lawmakers enacted the California Consumer Privacy Act of 2018 (the “CCPA”) a sweeping, GDPR-like privacy law which is intended to give California consumers more control over how businesses collect and use their data. Read more below for a summary of what was included in the law that was passed yesterday.

Privacy

Privacy GDPR Personal data Risk

A Practical Guide to Cyber Incident Response

IT Governance

MAY 24, 2024

It’s how I convince them that they really need that cyber incident response plan , to do tabletop exercises , to train their staff , and so on. If you’re a retailer, you’re going to see way more web traffic than usual. Tabletop exercises are important – they tell you whether your plans are working as intended.

Security

Security Risk Ransomware Phishing

#ModernDataMasters: Mike Evans, Chief Technology Officer

Reltio

MARCH 19, 2019

“If you are not tying what you are doing, in any kind of data initiative, to a business vision and some tangible outcomes that a business is trying to achieve, then MDM can become just a complex academic exercise.”. Prioritise people, process and governance.

MDM

MDM Retail IT Government

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Meanwhile, GDPR (General Data Protection Regulation) enforcement continues apace. Although Vladimir Putin and his sympathisers assured the world that they were simply conducting military exercises, the inevitable occurred on 24 February, when troops mobilised and war was declared. million) fine for twelve breaches of the GDPR.

Security

Security Data breaches Ransomware Military

#ModernDataMasters: Bob More, SVP Global Field Operations

Reltio

JULY 10, 2019

Much of background is what we now call customer experience and its predecessors of CRM and eCommerce applications in Retail and CPG as well as PLM, ERP and supply chain. The solely IT-driven ones are more likely to be a plumbing exercise – more about pulling data together and feeding it somewhere else.

MDM

MDM Sales Digital transformation Cloud

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. CCPA Background. Anti-Discrimination Provisions.

Privacy

Privacy Sales Compliance Government

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. CCPA Background. Anti-Discrimination Provisions.

Privacy

Privacy Sales Education Compliance

#ModernDataMasters: Henrik Liliendahl, Chairman & CTO, Product Data Lake

Reltio

JUNE 20, 2019

I like to walk and bicycle – it is good exercise but you can also think while you do these things. No, I think we have covered all my pet hobby horses! What do you like to do outside of work? I am at an age now where I have grandchildren so I really like to be with them. It is as much to freshen my mind and do some out-of-the-box thinking.

MDM

MDM Manufacturing Computer and Electronics Digital transformation

Security Affairs newsletter Round 298

Security Affairs

JANUARY 24, 2021

Critical flaws in Orbit Fox WordPress plugin allows site takeover EMA said that hackers manipulated stolen documents before leaking them Security Affairs newsletter Round 297 500K+ records of C-level people from Capital Economics leaked online Apple paid a $50,000 bounty to two bug bounty hunters for hacking its hosts German laptop retailer fined €10.4m (..)

Security

Security Retail Libraries GDPR

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

In most cases, this regards the European Union’s General Data Protection Regulation or GDPR, and in the UK that law continues as the UK GDPR. And I think it is an exercise, pretty fun to look at those credentials. Moffatt: But what they equally do they publish notifications as well. Look what they've done.

Passwords

Passwords Authentication Access Data breaches

What you need to know about the CCPA rules on AI and automated decision-making technology

IBM Big Data Hub

MAY 3, 2024

For example, a digital retailer can have a web form for users to complete. Access request responses should also include information on how the consumer can exercise their CCPA rights, such as filing complaints or requesting the deletion of their data. Information on how to appeal the decision, if applicable.

Artificial Intelligence

Artificial Intelligence Privacy Compliance Risk

A new era for customer data – could security be ‘the new green’ for businesses?

Thales Cloud Protection & Licensing

OCTOBER 10, 2018

Driven by the introduction of the General Data Protection Regulation (GDPR) and heightened by constantly evolving demands, consumers are changing their purchasing habits. GDPR: to help or hinder? So, similarly to environmental issues, data security is shifting from a box-ticking exercise to something that demonstrably drives sales.

GDPR

GDPR Security Marketing Data breaches

Key takeaways for the private sector from The Bridges v South Wales police facial recognition case

Data Protection Report

AUGUST 27, 2020

The court held that a weighing exercise had been correctly conducted and that the potential benefits outweighed the impact on Mr Bridges which was deemed to be minor. Most of the lawful bases for processing under the EU General Data Protection Regulation ( GDPR ) require processing to be “necessary”.

Risk

Risk Retail IT GDPR

Information Management Today

How Organisations Are Failing to Process Personal Data Lawfully Under the GDPR

How to implement the General Data Protection Regulation (GDPR)

Webinars

Trending Sources

Does your use of CCTV comply with the GDPR?

Webinars

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

CCTV and the GDPR – an overview for small businesses

Data Subject Access Requests – High Court dismisses claim where DSAR regime abused

Subject Access Requests in Scotland: Do you know what data is held about you?

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

How FIDO 2 authentication can help achieve regulatory compliance

Avoiding, Managing And Responding To Cyber Incidents

Processing of riders’ personal data ? The Italian Data Protection Authority sanctions a food delivery company

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

Selling and utilising personal data in an insolvency situation

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

A Practical Guide to Cyber Incident Response

#ModernDataMasters: Mike Evans, Chief Technology Officer

2022 Cyber Security Review of the Year

#ModernDataMasters: Bob More, SVP Global Field Operations

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

#ModernDataMasters: Henrik Liliendahl, Chairman & CTO, Product Data Lake

Security Affairs newsletter Round 298

The Hacker Mind Podcast: Going Passwordless

What you need to know about the CCPA rules on AI and automated decision-making technology

A new era for customer data – could security be ‘the new green’ for businesses?

Key takeaways for the private sector from The Bridges v South Wales police facial recognition case

Stay Connected