Pension company fine highlights perils of bad advice and non-compliance

ICO fines company for unsolicited emails

Grove Pension Solutions Ltd has been fined £40,000 for sending just over 2 million unsolicited emails. What’s interesting about this case is that a third-party was used to send the emails making use of hosted marketing campaigns. They even checked with a data protection expert and lawyer before instructing the marketing program to be carried …

Read morePension company fine highlights perils of bad advice and non-compliance

When should Data Controllers be auditing their Processors?

third-party data processor due diligence checks

Whilst there has always been a responsibility on Data Controllers (those who collect and determine how personal data is processed) to ensure that their Data Processors (organisations actually doing the processing on the request of the Controller) are compliant (particularly with security) the GDPR upped the liabilities and responsibilities of both Controllers and Processors. Specifically …

Read moreWhen should Data Controllers be auditing their Processors?