Our Compliance and Deliverability Director, Tim Roe, the Chair of the DMA GDPR task force, has put together this list of useful links from industry bodies, plus a lot of information he has written himself. Don’t forget he offers GDPR consultancy – so get in contact for more information.
The following articles are digestible blogs and guides written by a myriad of experts, however scroll to the end of this list for the documents our Compliance Director can’t live without, they may be less digestible, but they are crucial!
We will be updating this list over time, so do check back!
Tim's blogs on Econsultancy
Moving On From GDPR: Being Transparent And Using It To Your Advantage
Data Protection Impact Assessments & the GDPR: The Lowdown
Cutting out the crap – the truth about the GDPR consent
Focus on GDPR, but ignore e-Privacy at your peril
RedEye’s own GDPR content
Blog: GDPR, time to move on
Video: GDPR - Where do I start?
Video: What can your customers expect from you after GDPR?
Video: Is a Data Protection Officer essential for GDPR?
Video: GDPR - Tell me more about consent and legitimate interest
Video: Actionable GDPR advice from the experts: RedEye & Smart Insights Webinar
Blog: What is GDPR and why is it important?
Infographic: Getting prepared for GDPR – A 12-step guide
Blog: CDP & GDPR – A match made in Scrabble heaven
Blog: Marketing consent and the GDPR – No really means no!
Blog: Last Things First, Do I Need Consent, Or Can I Use Legitimate Interest?
Blog: Data Protection Impact Assessments & the GDPR: The Lowdown
White paper: What You Need to Know About GDPR and Marketing
White paper: GDPR Checklist: The Key Actions to Take
Great resources from the DMA
GDPR for marketers: The essentials
GDPR for marketers: Accountability
The DMA’s own hub of resources to help you get prepared
GDPR checklist for getting prepared
Privacy notices - Why are they important to the GDPR?
A data audit - The first step in GDPR compliance
Resources from the Information Commissioner’s Office
The ICO’s overview of the GDPR
Preparing for the General Data Protection Regulation – 12 steps to take now
Privacy notices, transparency and control – A code of practice on communicating privacy information to individuals
Documents he can’t live without…seriously he carries these around in his bag day-to-day
Article 29 data protection working party - Opinion 06/2014 on the notion of legitimate interests of the data controller
Guidelines on Consent under Regulation 2016/679
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (1)
Article 29 data protection working party - Opinion 01/2017 on the Proposed Regulation for the ePrivacy Regulation
Centre for Information Policy Leadership - Risk, High Risk, Risk Assessments and Data Protection Impact Assessments under the GDPR
Article 29 data protection working party - Opinion 4/2007 on the concept of personal data
Information and Privacy Commissioner of Ontario – Privacy by Design
The Institute of Internal Auditors – Assessing the Adequacy of Risk Management
Centre for Information Policy Leadership - Examples of Legitimate Interest Grounds for Processing of Personal Data
Article 29 data protection working party - Guidelines on Automated individual decision-making and Profiling for the purposes of Regulation 2016/679
European Data Protection Supervisor - Opinion on the Proposal for a Regulation on Privacy and Electronic Communications (ePrivacy Regulation)
Regulation of the European Parliament and of the Council - Concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications)
Information Commissioner’s Office – ICO GDPR Guidance: Contracts and liabilities between controllers and processors