Due to popular demand and/or customer complaining, we have recently introduced a large number of new legal document packs on Website Contracts. The packs are particularly useful if you need lots of documents, or if you need different elements from different documents, if you’re not sure exactly which documents you need, or if you just […]
Blog - Page 2 of 14 - SEQ Legal
How I approach cloud contracts negotiations
I’ve been negotiating the legal aspects cloud service contracts for over 15 years. In most negotiations, I represent an SME vendor selling to a corporate customer. In this post, I highlight the principles that inform my approach these negotiations. There won’t be much here of interest to experienced negotiators, but if you are new to […]
Thinking about data sharing agreements
The sharing of personal data by businesses and other organisations is, within Europe and to an extent outside Europe, subject to the General Data Protection Regulation (GDPR). If your organisation is sharing personal data with another organisation, you should be thinking about the legal implications of the sharing. It is useful to categorise sharing in […]
Creating a privacy policy for your WordPress website
All the privacy policy documents (and other templates) on Docular have been updated for the GDPR, and this tool is particularly useful for creating privacy policies for websites operated by business in the UK and EU. Step 1: Create a Docular account First you should create a Docular account, here: https://docular.net/users/register Step 2: Choose your […]
The controller / processor distinction under the GDPR
One of the first steps in any effective GDPR compliance program is to establish the extent to which the subject organisation is a data controller with respect to personal data, and the extent to which it is a data processor. This distinction is fundamental. The legal obligations that apply in relation to controllers are quite […]
New ICO fees
On 20 February 2018, the UK government published changes to the funding of the ICO. The Information Commissioner’s Office (ICO) is an independent body which oversees compliance with data protection legislation in the UK. On 25 May 2018 a new data protection scheme for businesses and organisations throughout the EU comes into effect – this […]
How to write a data breach notification policy
Businesses and other institutions collect and generate vast amounts of data about the individuals with whom they come into contact. Many organisations hold records relating to millions of individuals. Some of this data is highly confidential; and the theft or unauthorised disclosure of even non-confidential this data can cause real damage. Security incidents involving personal […]
How the GDPR will damage personal data security
The GDPR should enhance the protection of personal data across the EU and beyond. That’s one of the core functions of the legislation – along with improved harmonisation of data protection law within the EU. However, having spent much of the last 9 months helping clients to prepare for the GDPR, I’m concerned that the […]
GDPR, sub-processors and authorisations
Article 28(2) GDPR provides that a processor of personal data “shall not engage another processor without prior specific or general written authorisation of the controller. In the case of general written authorisation, the processor shall inform the controller of any intended changes concerning the addition or replacement of other processors, thereby giving the controller the […]
Article 28 of the GDPR: problems for processors
The GDPR*, which will come into force on 25 May 2018, represents a major evolution in EU data protection law. Data subjects’ rights are strengthened across the board, with a concomitant toughening of obligations for data controllers and data processors. In this post, I look in detail at three problems for cloud services providers arising […]