A Data Processing Agreement is one of the most common — and most misunderstood — elements of GDPR. Most organisations know they "should have one"....
Data Processing Agreement (DPA) – When Is It Required and What Must It Contain
read more
GDPR
Most Common GDPR Mistakes – What Supervisory Authorities Find During Inspections
The most common GDPR mistakes in organisations do not result from a lack of documentation. They result from documentation that exists on paper but...
GDPR Data Subject Rights – How to Handle Requests Step by Step
Data subject rights are one of the most practical aspects of GDPR — and one of the most operationally challenging. Requests do not arrive as formal...
GDPR Data Retention – How Long Can You Store Personal Data
One of the most frequently asked questions in GDPR compliance is deceptively simple: how long can we keep personal data? The answer is equally...
GDPR risk assessment and DPIA – how to do it step by step
GDPR risk assessment is one of those obligations that exists in the documentation of almost every organisation — but in practice tends to be...
Record of Processing Activities (ROPA) – What It Must Contain and Example Entry
The record of processing activities is one of the first documents requested during a supervisory authority inspection. In theory, the obligation...