The Article 29 Working Party (referred to as “WP29”) is made up of a representative from the data protection authority of each EU Member State, the European Data Protection Supervisor and the European Commission. The composition and purpose of WP29 were set out in Article 29 of the Data Protection Directive, and it was launched in 1996. WP29’s mission is to provide expert advice to the EU Member States regarding data protection and promote the consistent application of the Data Protection Directive.
A group of experts in data protection from EU member states who provide advice on lawmakers regarding GDPR.
Any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
The individual giving a clear indication that they are happy for their data to be used in the way expressed at the point of collection.
A data protection officer (DPO) is an enterprise security leadership role required by the General Data Protection Regulation (GDPR). Data protection officers are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements.
Someone who is responsible for your organisation’s data protection, GDPR compliance and ensuring the individuals' rights are met during the controlling and processing period of their data being stored.
The Data Controller is a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal
The Data Controller is someone who decides what happens to the individual’s data held.
In relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller.
The Data Processing performs the request made by the Data Controller.
The Data Subject is a living individual to whom personal data relates.
Referencing a person whose data can be related back to them.
Legitimate interests are the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate.
It is likely to be most appropriate where you use people’s data in ways they would reasonably expect, and which have a minimal privacy impact, or where there is a compelling justification for the processing.
The lawful basis for processing is based on identifying the interests and rights of the data subject in question. Deciding whether the marketing material you are sending is the most appropriate basis ensuring that the processing is low risk and not likely to cause the individual harm.
Any information relating to an identified/identifiable individual, whether it relates to his or her private, professional, or public life.
Any data which reveals the identity of the individual.
Privacy by design is an approach to projects that promotes privacy and data protection compliance from the start. Unfortunately, these issues are often bolted on as an after-thought or ignored altogether.
Privacy by design means having the mindset that privacy and data compliance is at the forefront of all aspects of data controlling or handling from the outset, rather than introducing the protocols further down the line.
In relation to information or data means obtaining, recording or holding the information or data or carrying out any operation or set of operations on the information or data.
Processing can include organisation, adaptation or alteration of the information or data. Retrieval, consultation or use of the information or data, disclosure of the information or data by transmission. Dissemination or otherwise making available, or alignment, combination, blocking, erasure or destruction of the information or data.
Any form of automated processing of personal data using it to evaluate, analyse or predict certain personal aspects of a natural person.
Processing the data in an automated way which you can then evaluate, analyse or predict traits of a natural person. Examples of profiling explicitly listed in the text of the GDPR are performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
The processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information.
A procedure by which the most identifying fields within a data record are replaced by one or more artificial identifiers or pseudonyms. There can be a single pseudonym for a collection of replaced fields or a pseudonym per replaced field.
The Data Protection Act (DPA) will be the new act of the United Kingdom (UK) Parliament aligning with GDPR, giving information about personal data that can be legally used and handled.
The Data Protection Act, due to come into force on the 25th of May 2018, will be the updated version of the current DPA 1998. This DPA will mirror regulations set out in the GDPR ensuring the UK's ability to process, control and transfer data abiding by the EU rules.
The Data Protection Act 1998 (DPA 1998) is an act of the United Kingdom (UK) Parliament defining the ways in which information about living people may be legally used and handled. The main intent is to protect individuals against misuse or abuse of information about them.
The current laws on data protection introduced in 1998 by the UK government outlining how personal information can be used by organisations or individuals
The Data Protection Bill was published on 14 September 2017 and aims to modernise data protection laws to ensure they are effective in the years to come.
A bill is the draft of a legislative proposal, which, when passed by both houses of Parliament and assented to by the President, becomes an Act of Parliament.
The Data Protection Bill is the draft/proposal of what parliament wants to do regarding Data Protection. The Bill is discussed and debated in which amendments can be made. Once the bill has been agreed, the process begins to turn the bill into law or an act.
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR begins officially on the 25th of May 2018.
A set of rules/guidelines produced within the European Union outlining new rights to individuals regarding their personal data being used.
The GDPR will then be introduced into each countries legislation turning it into law retrospectively.
The Information Commissioner's Office (ICO; stylised as ico.) in the United Kingdom, is a non-departmental public body that reports directly to Parliament and is sponsored by the Department for Digital, Culture, Media and Sport (DCMS).
The authority who polices, advises and assists with any data-related issues.
"The Influence Salestracker has had on my team is excellent, the financial information is invaluable, it optimizes them to achieve the best results they possibly can."
Zac Nedimovic - Sales and Marketing Manager
"VBH chose Insight Data Salestracker as it gives us a full scope of data on fabricators and installers of PVC-u, aluminium and timber window and door products."
Simon Monks - Managing Director
"We chose Insight Data as they have detailed information on fenestration companies allowing us to segment customers better and target them according to what products they are likely to use."
Jenny Read - Marketing Manager
"We have been using Salestracker religiously. We use it to record all the visits we make, it has been instrumental in our growth over the past 4 years."
Gareth Mobley - Managing Director