< Zurück zu den aktuellen Neuigkeiten & Events

Retail Scanner

GDPR is here!

Juni 2018

Have you made the necessary changes? In case you have been living under a rock (from a data protection point of view) for the last two years (or two weeks in some cases!), the most significant changes to the rules that govern the handling of personal data took effect on 25th May.

All retailers are only ever a step away from customers’ personal data and the impact these regulations have on the way personal data can be used, makes this subject relevant across the sector. While there has been some hype around huge new fines, no longer being able to use personal data the way you wish, or having to obtain consent for everything, most organisations have taken a pragmatic approach to these changes using them as an opportunity to get its ‘house’ in order and fully understand where and how personal data is stored and used. In many cases, those who have struggled to come to terms with the changes were not complying with the pre-existing regime in any event.

To be confident around compliance, organisations should first take time to understand what personal data they use, how it flows into, around, and out of the organisation, what it does with it and the lawful basis on which it is processed i.e. why is it justified in using it? (consent is one of six grounds). It will then need to check that any personal data is handled in line with the data protection principles, and in accordance with data subjects’ (identifiable living persons) rights. In large organisations, or where processing is large scale, of certain categories or potentially risky this understanding and analysis should all be documented in order to demonstrate compliance.

Alongside this shift in thinking around use of personal data and how it is documented, organisations should look at updating internal and external policies and consent procedures, so that they adequately reflect and, (importantly) clearly communicate how personal data is used. Relevant changes may include notifying data subjects of their updated rights under the GDPR, and advising them of the personal data obtained, together with what is being done with it and the lawful basis, it is being used for. Other updated duties around data breach reporting, the appointment of a Data Protection Officer and the use of Privacy Risk Assessments may also need to be factored in.

Having a complaint made against an organisation (not forgetting the associated impact on brand and customer confidence) continues to be a key risk in this area, and the Information Commissioner will have greater powers under GDPR including enhanced ability to investigate and levy fines. How the Information Commissioner and other European data protection authorities wield these increased powers over the next few months will certainly be of interest and may also prompt those who are behind in compliance to get up to speed.

Aktuelle Neuigkeiten

IP-Zutaten: Kann man einen Geschmack patentieren lassen?

Wenn Sie ein neues Getränk oder Lebensmittel mit einem besonderen Geschmack oder einer besonderen Konsistenz entwickelt haben und sich nicht sicher sind, ob es patentierbar ist, dann könnte dieser Artikel …

Weiterlesen

BioNow-Programm zur Förderung von Innovationen im Gesundheitswesen

HGF ist stolz darauf, am 12. September am BioNow-Event des Greater Manchester Business Growth Hub Health and Life Science Innovation Catalyst in Manchester teilzunehmen. HGF-Partner und Leiter der Chemieabteilung Andrew …

Weiterlesen

Die Zukunft gestalten: 3D-Betondruck im modernen Bauwesen

Anfang des Jahres habe ich meine Gedanken über die Bedeutung von Innovationen für die Bauindustrie beim Aufbau einer nachhaltigen Zukunft (hier) geteilt. Ein Bereich, in dem es bereits eine Vielzahl …

Weiterlesen

HGF für die Auszeichnung „Leadership Training Programme of the Year“ in Europa (ohne Großbritannien) bei den Legal Benchmarking Group Social Impact EMEA Awards 2024 nominiert

HGF ist stolz darauf, für die Auszeichnung „Leadership Training Programme of the Year“ in Europa (ohne Großbritannien) bei den Legal Benchmarking Group Social Impact EMEA Awards 2024 nominiert zu sein. …

Weiterlesen

Dresden & Salzburg Seminar: Erfolgreicher Patentschutz in Europa – Von der Anmeldung bis zur Verteidigung

HGF freut sich, Sie zu unserem kommenden deutschsprachigen Seminar zum Thema „Erfolgreicher Patentschutz in Europa – von der Anmeldung bis zur Verteidigung“ in Salzburg und Dresden einzuladen. Das Seminar bietet …

Weiterlesen

Agritech Thymes: Einer der ältesten Rebsortenschutzrechte in Europa wird für ungültig erklärt

Die italienischen Gerichte verhandelten kürzlich einen Fall der Verletzung eines Sortenschutzrechts (PVR) von Sun World International LLC zum Schutz der Rebsorte Sugraone und der entsprechenden Marke „Superior Seedless“. Die Angeklagten: …

Weiterlesen