On Thursday 25th May Susan Corless, our Client Relationship and Email Marketing Manager, attended the Data Protection Networks ‘GDPR Countdown: one year to go – will your marketing be legal?’, held at The Unilever building in London. The event aimed to raise awareness of the impending General Data Protection Regulation set to come into play in May 2018, with information and guidance for businesses about how to prepare and ensure they're compliant when the time comes.
The speakers at the event were:
Robert Bond, Partner Bristows LLP & Chairman of the DPN Governance Board
Stephen McCartney, Director of Information Governance & Data Protection Officer at the Royal Mail Group
Rosemary Smith, Owner of Opt-4 & Co-founder of the Data Protection Network
Robert and Stephen focused on the legal grounds for processing data, specifically Legitimate Interest, while Rosemary focussed on the ePrivacy Regulation.
- When you rely on grounds of legitimate interest, the rights of the data subject exclude the right to data portability and the right of erasure.
- To process under grounds of legitimate interest, the processing has to be necessary.
- Businesses must have a relevant & appropriate relationship to use grounds of legitimate interest - so there must be a connection between the data subject and the controller. This doesn’t have to be direct, although it would be incredibly hard, if not impossible, to find a way to make this work for third party data, given no connection is in place.
- The new ePrivacy Regulation is also planned for May 2018, on course to be delivered in line with GDPR.
- This new regulation will cover more channels – digital, cookies, behavioural targeting, mobile devices etc - and may also cover B2B email addresses, though as yet unconfirmed.
The full slides from the session can be found on the Data Protection Network website (free registration required). For more information about GDPR and to read the latest updates from the ICO, click here.