Tag Archives: Processors

Updated ICO guidance on handling special category data

On 14 November 2019, the Information Commissioner’s Office (ICO) published guidance (link here for organisations that process special category personal data (the Guidance). Previously, organisations tended to focus only on GDPR article 9 processing bases when processing special category personal data. Following this update from the ICO, organisations are reminded that they must have both … Continue Reading

ICO publishes draft guidance on contracts and liabilities under the GDPR

The UK’s Information Commissioner (ICO) has published draft GDPR guidance on contracts and liabilities between controllers and processors. The draft guidance is currently open for consultation,with responses due by 10 October 2017. The purpose of the guidance is to help organisations understand what needs to be included in written contracts between controllers and processors under … Continue Reading

Binding Corporate Rules for Processors

The Article 29 Working Party (the “Working Party”) has issued a Working Document intended as a “toolbox” for the use of Binding Corporate Rules (“BCRs”) for Processors aimed at both companies and data protection authorities. This document describes the conditions which must be met and includes a full checklist of requirements. The intention is that … Continue Reading