LEGAL, REGULATORY & COMPLIANCE CONSULTANTS

Handley Gill Limited

Our expert consultants at Handley Gill share their knowledge and advice on emerging data protection, privacy, content regulation, reputation management, cyber security, and information access issues in our blog.

Posts tagged EUROPEAN COMMISSION
Best Before: 21 March 2024

Handley Gill’s specialist data protection consultants highlight the forthcoming deadline for data controllers to review and, if necessary, update the safeguards relied upon as the lawful basis for conducting transfers of personal data from the UK to overseas where these currently rely upon the old European Commission standard contractual clauses / model clauses, including guidance on the actions that need to be taken.

Read More
Certify...certify me!

Handley Gill’s specialist data protection consultants consider the options and certification requirements for US entities importing personal data from the EEA following the adoption of the European Commission’s adequacy decision in respect of the Trans-Atlantic EU-US Data Privacy Framework, providing a lawful basis for transferring personal data to the US under the GDPR.

Read More
A bridge to nowhere?

A commitment to establishing a UK-US data bridge, which would take the form of adequacy regulations being issued by the Secretary of State pursuant to section 17A Data Protection Act 2018, has been announced. Since this bridge is likely to be contingent on the European Commission issuing its own adequacy decision, and the draft has recently been rejected by the European Parliament, data exporters will be reliant on the Commission ramming through the roadblock or will find themselves stuck in traffic on the UK-US data flyover.

Read More
GDPR-versary

Handley Gill Limited’s specialist consultants have compiled 5 facts about the application of the General Data Protection Regulation (GDPR) to mark the 5th anniversary of the GDPR taking effect across the EEA on 25th May 2023. Happy 5th birthday GDPR!

Read More
See ya SCCs, enter the IDTA

New data processing or other sharing agreements governed by the UK GDPR, which are entered into on or after Thursday 22 September 2022 and which involve the export of personal data from the UK to third countries and will rely on appropriate safeguards under Article 46 UK GDPR in the form of standard data protection clauses, can no longer rely on the standard contractual clauses (SCCs) or ‘model clauses’ issued by the European Commission and valid as at 31 December 2020 and must instead incorporate the International Data Transfer Agreement or modernised SCCs and International Data Transfer Addendum.

Read More
DCMS SoS?

Handley Gill considers the impact of the new Prime Minister, Liz Truss, and Secretary of State at the Department for Digital, Culture, Media and Sport, for the Online Safety Bill and the Data Protection and Digital Information Bill.

Read More
Rishi’s capital gains?

Former Chancellor and Conservative Party leadership candidate Rishi Sunak’s promise that one of his top priorities will be the removal of the burdens of the GDPR need not be interpreted as a significant departure from the proposals for the Data Reform Bill set out in the Government’s response to the Data: A New Direction consultation, but it will rely on the European Commission adopting equality of approach and not seeking to punish the UK for Brexit.

Read More
Pile Up Ahead?

Handley Gill comments on the Government’s response to the ‘Data: A New Direction’ consultation, which previews the content of the forthcoming Data Reform Bill, and identifies other issues which would merit being addressed in the proposed legislation.

Read More
Nicola CainHandley Gill LimitedPERSONAL DATA, UK GDPR, UK GENERAL DATA PROTECTION REGULATION, DATA PROTECTION ACT 2018, DPA 2018, PECR, PRIVACY AND ELECTRONIC COMMUNICATIONS REGULATIONS, DATA: A NEW DIRECTION, DATA PROTECTION REFORM, BREXIT, NATIONAL DATA STRATEGY, CONVENTION FOR THE PROTECTION OF INDIVIDUALS WITH REGARD TO AUTOMATIC PROCESSING OF PERSONAL DATA, POLITICAL PROCESSING, ARTICLE 6 UK GDPR, SPECIAL CATEGORY PERSONAL DATA, SCHEDULE 1 DATA PROTECTION ACT 2018, ANONYMITY, ANONYMOUS DATA, ARTICLE 4(1) UK GDPR, THE COUNCIL OF EUROPE’S CONVENTION 108, THE COUNCIL OF EUROPE CONVENTION 108, PRIVACY MANAGEMENT PROGRAMME, DATA PROTECTION OFFICER, ARTICLE 37 UK GDPR, DATA PROTECTION IMPACT ASSESSMENT, DPIA, ARTICLE 35 UK GDPR, ARTICLE 30 UK GDPR, RECORDS OF PROCESSING ACTIVITIES, ARTICLE 36 UK GDPR, PRIOR CONSULTATION, ARTICLE 12(5) UK GDPR, MANIFESTLY UNFOUNDED OR EXCESSIVE, VEXATIOUS OR EXCESSIVE, ARTICLE 45(2) UK GDPR, INTERNATIONAL DATA TRANSFERS, ADEQUACY DECISION, S.17B(1) DATA PROTECTION ACT 2018, COOKIES, COOKIE CONSENT, REGULATION 6 PRIVACY AND ELECTRONIC COMMUNICATIONS REGULATIONS, REGULATION 22(2) PRIVACY AND ELECTRONIC COMMUNICATIONS REGULATIONS, SOFT OPT-IN, MARKETING, INFORMATION COMMISSIONER, EXPERT PANEL, ENFORCEMENT, MONETARY PENALTY NOTICE, ARTICLE 15 UK GDPR, DATA SUBJECT ACCESS REQUEST, SUBJECT ACCESS REQUEST, BILL OF RIGHTS, EUROPEAN COURT OF HUMAN RIGHTS, UK SUPREME COURT, SUPREME COURT, EUROPEAN COMMISSION, COMMISSION IMPLEMENTING DECISION C(2021) 4800, Data Protection & Digital Information BillComment