Knowledgeable Privacy and Data Protection Lawyer
Welcome to PAIL Solicitors, where individuals ’ privacy and data protection rights, as well as small and medium-sized compliance, are one of our highest priorities.
Frequently Asked Questions
-
GDPR stands for General Data Protection Regulation and was put in place by the EU to give EU consumers more protection from businesses using their personal data. In essence, the regulations ensure that businesses take adequate steps to protect personal data and be transparent with consumers about using their personal data.
UK GDPR essentially takes existing EU GDPR and assimilates it into UK law. The harmonisation of UK law with EU GDPR was done to help minimise confusion for businesses on how to remain compliant with GDPR following the transition period and signal to the EU that the UK would still take GDPR and EU consumer data seriously.
The UK GDPR distinguishes between 'data controllers' and 'data processors' to recognise that not all organisations involved in the processing of personal data have the same degree of responsibility.
-
'Data controller' means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Most businesses act as data controllers as they decide how they use customer data. For example, for marketing or to fulfil customer orders.
-
‘Data processor' means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
For example, a printing and distribution company may be commissioned by another business (or an individual) to design and distribute flyers to several addresses. As the printing company has not chosen how to use the data (i.e. the addresses), they are simply data processors.
(However, the printing company is also likely to be a data controller if they also collect data from their customers and store and use it for marketing and other activities.)
-
The GDPR contains substantial fines for failing to comply with its requirements, including fines of up to €20 million, or 4% of your worldwide annual turnover, whichever is higher.
For many UK businesses, GDPR compliance can seem like a minefield, challenging to navigate whilst also continuing business as usual. Our digital media specialist lawyer at PAIL solicitors is on hand with 20 years of experience working with businesses to ensure GDPR compliance.
We can work with you to help establish the necessary steps you must take to be compliant and can help you implement SCCs and BCRs with external organisations or international offices.
To obtain accurate advice about your business' GDPR privacy policy status and how we can help, please contact us on (020) 7305-7491 or at [email protected], and we would be delighted to assist you. (Charge rates may vary)
Meet The Team: Peter Adediran; Maya El Husseini; Gabrielle Felix; Poppy Harston
Make an appointment
Contact us today to learn how we can help safeguard your success.