Presentation is loading. Please wait.

Presentation is loading. Please wait.

Revisited under the GDPR Hugh Jones - Sytorus

Published byLanny Tanudjaja Modified over 5 years ago

Similar presentations

Presentation on theme: "Revisited under the GDPR Hugh Jones - Sytorus"— Presentation transcript:

1 Revisited under the GDPR Hugh Jones - Sytorus
Transparency Revisited under the GDPR Hugh Jones - Sytorus

2 Principle of Transparency
Not just at the point of data acquisition Applies throughout the data life cycle Fundamental to the Principles of Fairness and Accountability Challenges the expectations being set with Data Subjects Controller must be able to demonstrate transparency of processing Information must be accessible and understandable

3 Entire Life Cycle before or at the start of the data processing cycle i.e. when the personal data is being collected either from the data subject or otherwise obtained; throughout the whole processing period i.e. when communicating with data subjects about their rights; and at specific points while processing is ongoing, for example: when data breaches occur, or when information is requested, or in the case of material changes to the processing.

4 Transparency Defined? Not specifically defined in the articles of the GDPR Recital 39, however, provides some clarification Information in relation to the data processing should be: easily accessible and easy to understand, that clear and plain language be used. Clarity in relation to the identity of the controller Explanation of the purposes of the processing Information to ensure fairness in respect of the natural persons concerned Clarity on the Subject’s right to obtain confirmation and communication of processing

5 Transparency inferred
GDPR Articles in relation to Subject Rights indicate characteristics Information in relation to processing: must be concise, transparent, intelligible and easily accessible (Article 12.1); clear and plain language must be used (Article 12.1); particularly when providing information to children (Article 12.1); it must be in writing “or by other means, including ….by electronic means” (Article 12.1); where requested by the data subject it may be provided orally (Article 12.1) ; and it must be provided free of charge (Article 12.5).

6 Transparency Tips – what to do
Avoid language qualifiers (“may”, “might”, “some”, “often”, “possible”) Short, structured sentences and paragraphs Active, rather than passive language Should not be technical or legalistic Any translations should be consistent with the original Vocabulary, tone and style should suit the intended audience Provided clearly in writing, or using standardised icons and images

7 Transparency Tips – What to avoid
Imprecise, not easily understood by the intended audience “Words of two syllables or less” – avoid complex language Information is overly technical, avoid ‘information fatigue’ Not mixed in with contract T&C’s No Privacy Statement / Fair Processing Notice / FAQ’s Unclear scope and consequences of processing Failure to provide Article 13 and 14 explanations Explanation is hidden or difficult to navigate

8 Data Protection Consultancy and Assessments Tailored training courses
Privacy Engine portal DPIA, PAL Capability Tracks Risks, SAR’s, Breach Reporting Repository for contracts, policies, training Full suite of DPO Reporting templates Contact us at

Download ppt "Revisited under the GDPR Hugh Jones - Sytorus"

Similar presentations

Specification Writing Presentation Training & Development.

Specification Writing Presentation Training & Development.
Policy Development – Helpful Hints School Councils

Policy Development – Helpful Hints School Councils
Reporting to Parents’ Presentation for Primary Schools

Reporting to Parents’ Presentation for Primary Schools
Policy Overview Policy Management Practices: A How to Guide & Best Practices.

Policy Overview Policy Management Practices: A How to Guide & Best Practices.
GCSE UNIT 1 EXAM June 2015. Timing Section A is 1hr 15mins 15mins reading time to be spread equally across the 4 questions Q1/2/3- 15mins each (inc reading)

GCSE UNIT 1 EXAM June Timing Section A is 1hr 15mins 15mins reading time to be spread equally across the 4 questions Q1/2/3- 15mins each (inc reading)
APEC Privacy Framework “The lack of consumer trust and confidence in the privacy and security of online transactions and information networks is one element.

APEC Privacy Framework “The lack of consumer trust and confidence in the privacy and security of online transactions and information networks is one element.
7 C’s of Effective Communication. The seven C’s 4 When We talk about “ Effective Communication” one thing that comes in mind, what are the basic principles.

7 C’s of Effective Communication. The seven C’s 4 When We talk about “ Effective Communication” one thing that comes in mind, what are the basic principles.
General Data Protection Regulation (EU 2016/679)

General Data Protection Regulation (EU 2016/679)
Data Protection Regulation

Data Protection Regulation
GDPR 12 POINTS 679/2016 DATA LEX 2016.

GDPR 12 POINTS 679/2016 DATA LEX 2016.
UNHCR‘s Policy on the Protection of Personal Data of Persons of Concern - An introduction (October 2016)

UNHCR‘s Policy on the Protection of Personal Data of Persons of Concern - An introduction (October 2016)
Data Protection Officer’s Overview of the GDPR

Data Protection Officer’s Overview of the GDPR
Accountability & Structured Privacy Management

Accountability & Structured Privacy Management
EU Data Protection Reform: An ICO Perspective

EU Data Protection Reform: An ICO Perspective
INTERNAL AUDIT REPORTS

INTERNAL AUDIT REPORTS
Preparing for a data protection audit 28 September 2017

Preparing for a data protection audit 28 September 2017
9 tips for writing a school policy

9 tips for writing a school policy
Viewing the GDPR Through a De-Identification Lens

Viewing the GDPR Through a De-Identification Lens
General Data Protection Regulation

General Data Protection Regulation
General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.

General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.

Similar presentations

Ads by Google