Big Data for Mutuals. Marc Dautlich 25 November 2013
|
|
- Oscar Fitzgerald
- 8 years ago
- Views:
Transcription
1 Big Data for Mutuals Marc Dautlich 25 November 2013
2 Agenda BIG DATA What is it? OPPORTUNITIES What are they? LEGAL CHALLENGES How do we overcome them? LEGAL REFORM What can we do now to minimise impact?
3 Big Data What is it?
4
5
6 What is Big Data? data sets that are too large and complex to manipulate or interrogate with standard methods or tools: much IT investment is going towards managing and maintaining big data
7 What is Big Data? Commercial "aggregation, mining, and analysis" of very large, complex and unstructured datasets
8 Buying and selling Big Data Source: Tata Consultancy Services
9 Buying and selling Big Data Source: Financial Times, 13 June 2013
10 Opportunities What are they?
11
12
13 Regulatory Change RDR will push 43 million into advice gap Auto-enrolment: A new generation
14 Profiling Geolocation / daily routine Television viewing Current health data Leisure habits Age and lifestyle of dependents Employment prospects Credit rating Shopping habits Gender Marital status Age Wealth Health Risk appetite Google searches Website browsing
15
16 Big Data Opportunities for Mutuals Big Data-driven marketing? Big Data-driven product development? Big Data-driven risk management?
17
18 Legal Challenges How do we overcome them?
19 Legal Challenges Data protection restrictions attaching to personal data Ownership rights: who owns arrangements of data alteration or license of rights by contract
20 Data Protection and Privacy Using Big Data Back to basics Transparency requirements Marketing rules Storing big data Security requirements The cloud
21 KEY CONCEPTS
22 Profiling: Processing Personal Data? Data Protection Act 1998 controls the way in which the personal data of data subjects is used by data controllers or processed on their behalf by data processors Personal Data is personal information is information which: is about a living person and affects that person s privacy in the sense that the information has the person at its focus and is biographical in nature identifies a person whether by itself, or together with other information in the organisation s possession (or likely to come into its possession) structured files
23 Key Themes Fairness Transparency Choice Individual rights and redress Data quality Security Processing must be fair and lawful No unwarranted prejudice Purpose limitation Fair processing / data protection notices and privacy Consent: specific, fully informed and freely given Right to object to certain types of processing Access to personal data Right to compensation Accurate and up-to-date Relevant and not excessive Not kept for longer than is necessary Appropriate security measures Adequate protection for extra EEA transfers
24 MARKETING RULES
25 Profiling for Direct Marketing Purposes Transparency requirements What marketing is being carried out By what means (eg Telephone, fax, SMS, ) By which organisations (intragroup, carefully selected third parties) Direct marketing rules (PECR) Notify that consents for the time being ( /sms/mms) soft opt-in ( /sms/mms) opt-out (telephone)
26 Marketing Consents: Where there is No Valid Consent Not all communications are marketing communications Customers can be contacted with service communications Must be factual rather than promotional Avoid prize incentives and text suggesting that the customer is missing out because they have opted out of marketing Virgin
27 Refresh of Marketing Consents New marketing significantly and genuinely departs from marketing being carried out at the time of the opt out Overriding customer service justification (targeted and specific) Customers are not required to do anything to retain existing marketing preferences
28 Managing the Risk Compliance Privacy by design Customers expectations and control
29 DATA SECURITY
30 The 7th Principle Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
31 Safe Storage of Data State of technology Cost appropriate technical and organisational measures Nature of the data Reliability of employees Harm 31
32 Appointing a Data Processor Due diligence Data processor providing sufficient guarantees in respect of the technical and organisational security measures governing the process to be carried out Monitoring Take reasonable steps to ensure compliance with those measures Written contract Data processor is required only to act on the instructions of data controller Impose the seventh principle obligations upon the data processors
33 Cases of Data Protection Breach by Principle Proportionality 4. Data Quality 5. Data Retention 7. Data Security
34 Breach of Principle 7 Data Security
35 Vendors and associated legal issues
36
37 Data and the Cloud Data security International transfers Standard terms US PATRIOT Act and other local laws Plan for exit
38 Cloud: Managing the Risks Weak negotiating positions / standard terms Identify security focussed suppliers Data security a deal breaker Location of storage Extra EEA transfers Health data? Audit obligations?
39 LEGAL REFORM What can we do now to minimise impact?
40 EU Data Protection Regulation One Regulation to Rule Them All
41 Regulation Objectives Consistency Harmonisation of data protection laws and enforcement across member states Setting up a one-stop shop in each member state for the resolution of data protection issues Cost savings?
42 Consent Big Data constraints Consent/Other legal basis for processing: legitimate interest now more or less back in the current position relating to legitimate interests under the EU Data Protection Directive 95/46/EC Amendment to the definition of consent to include a purpose limitation: consent is no longer valid when the purpose for the processing ceases or as soon as the processing is no longer necessary to carry out the purpose for which the personal data was originally collected
43 MARKETING
44 Changes that Impact on Marketing Rules Expanded definition of personal data Focuses solely on the identifiability or the potential identifiability of the data subject Other data now included: location data and online identifiers, biometric data etc Requirement for explicit consent Either by a statement or by a clear affirmative action Burden of proof on data controller Profiling Consent required or suitable safeguards where profiling concerns or significantly affects the data subject
45 Managing the Risk Privacy policies / data protection notices Consent mechanism Compliance Keep marketing preferences under review Privacy by design Customers expectations and control
46 DATA SECURITY
47 Data Security: Contracts with Data Processors Data processors also have statutory obligations Immediately to notify the data controller of a security breach Support the data controller to comply with its obligations Contracts with data processors Expanded mandatory provisions International Transfers: Can no longer rely on selfassessment
48 Impact on negotiations with cloud providers Processors now very motivated to specify exactly the limits of their remit Blurring responsibilities of the controller and processor Preserving liability status quo Who will drive market practice?
49 Data Security: Breach Notification Mandatory notification All breaches to be notified Without undue delay and, where feasible, within 24 hours (latest proposal: breaches that severely affect...within 72 hours) Notify individuals affected where breach likely adversely to affect them Fines: up to 2% of global turnover (including for failure to notify)
50 Prevention or Cure? Many current security incidents uncover OTHER data protection breaches (eg of the retention principle) Meeting the 72 hour deadline for notification where feasible will be a triumph of planning and rehearsal Rehearse now, while the regime is still voluntary
51 Questions? Marc Dautlich E: DDI:
52 Pinsent Masons LLP is a limited liability partnership registered in England & Wales (registered number: OC333653) authorised and regulated by the Solicitors Regulation Authority, and by the appropriate regulatory body in the other jurisdictions in which it operates. The word partner, used in relation to the LLP, refers to a member of the LLP or an employee or consultant of the LLP or any affiliated firm of equivalent standing. A list of the members of the LLP, and of those non-members who are designated as partners, is displayed at the LLP s registered office: 30 Crown Place, London EC2A 4ES, United Kingdom. We use 'Pinsent Masons' to refer to Pinsent Masons LLP, its subsidiaries and any affiliates which it or its partners operate as separate businesses for regulatory or other reasons. Reference to 'Pinsent Masons' is to Pinsent Masons LLP and/or one or more of those subsidiaries or affiliates as the context requires. Pinsent Masons LLP 2013 For a full list of our locations around the globe please visit our websites:
FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS
FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS As a world leader in electronic commerce and payment services, First Data Corporation and its subsidiaries ( First Data entity or entities ),
More informationFinancial Regulation: An overview of the FCA s proposal of the new Consumer Credit regime October 2013
Financial Regulation: An overview of the FCA s proposal of the new Consumer Credit regime October 2013 Consultation Paper 13/10: Detailed Proposals for the FCA regime for Consumer Credit In early October
More informationThe potential legal consequences of a personal data breach
The potential legal consequences of a personal data breach Tue Goldschmieding, Partner 16 April 2015 The potential legal consequences of a personal data breach 15 April 2015 Contents 1. Definitions 2.
More informationAlixPartners, LLP. General Data Protection Statement
AlixPartners, LLP General Data Protection Statement GENERAL DATA PROTECTION STATEMENT 1. INTRODUCTION 1.1 AlixPartners, LLP ( AlixPartners ) is committed to fulfilling its obligations under the data protection
More informationWHISTLEBLOWING: Legislative changes, possible reforms and case law update. Euan Smith
WHISTLEBLOWING: Legislative changes, possible reforms and case law update Euan Smith Why is a Whistleblowing Policy Important? PIDA and public policy legislation only intended as a backstop Compliance
More informationThe Data Protection Landscape. Before and after GDPR: General Data Protection Regulation
The Data Protection Landscape Before and after GDPR: General Data Protection Regulation Data Protection regulations across Europe Current regulations & guidance European Directives 95/46/EC (Data Protection)
More informationClause 1. Definitions and Interpretation
[Standard data protection [agreement/clauses] for the transfer of Personal Data from the University of Edinburgh (as Data Controller) to a Data Processor within the European Economic Area ] In this Agreement:-
More informationVORTRAGSREIHE. Transfer of Undertakings and Restructuring A View from both Sides of the Channel
VORTRAGSREIHE Donnerstag, 19. März 2015 / 18.30 Uhr Transfer of Undertakings and Restructuring A View from both Sides of the Channel Referenten: Neil Black Pinsent Masons LLP Manfred Schmid Pinsent Masons
More informationCyber Security : preventing and mitigating incidents. Alexander Brown Robert Allen
Cyber Security : preventing and mitigating incidents Alexander Brown Robert Allen 07 & 08 October 2015 Cyber Security context of the threat The magnitude and tempo of [cyber security attacks], basic or
More informationBIG DATA. WHAT S YOUR STRATEGY?
TMT Insight Autumn 2013 BIG DATA. WHAT S YOUR STRATEGY? BIG DATA: WHAT S YOUR STRATEGY? INTRODUCTION WE ARE WITNESSING A DATA EXPLOSION THAT IS HAVING AS PROFOUND AN IMPACT ON OUR WAY OF LIFE AS THE LAUNCH
More informationThe Most Innovative Law Firm in Europe. Corporate Seminar programme 2016
The Most Innovative Law Firm in Europe Corporate Seminar programme 2016 Corporate Seminar programme 2016 Set out in the following pages is a selection of the seminars Pinsent Masons Corporate Group is
More informationPrivacy and Electronic Communications Regulations
ICO lo Notification of PECR security breaches Privacy and Electronic Communications Regulations Contents Introduction... 2 Overview... 2 Relevant security breaches... 3 What is a service provider?... 3
More informationMulti-Jurisdictional Study: Cloud Computing Legal Requirements. Julien Debussche Associate January 2015
Multi-Jurisdictional Study: Cloud Computing Legal Requirements Julien Debussche Associate January 2015 Content 1. General Legal Framework 2. Data Protection Legal Framework 3. Security Requirements 4.
More informationtechnical factsheet 176
technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection
More informationFinancial Regulation. Consultation Paper 13/13: The FCA s regulatory approach to crowdfunding (and similar activities) November 2013
Financial Regulation Consultation Paper 13/13: The FCA s regulatory approach to crowdfunding (and similar activities) November 2013 5926 Pinsent Masons Financial Regulation In the Entrepreneurship 2020
More informationData and Cyber Laws Up-date 9 July 2015
Data and Cyber Laws Up-date 9 July 2015 Janine Regan Alexia Zuber Viktoria Protokova Simon Holdsworth charlesrussellspeechlys.com Topics Updates on the key aspects of, and commentary on, the proposed GDPR
More information1. Introduction. 2. Sectoral Areas Affected. 3. Data Security. 4. Data Breach Requirements. 5. Traffic Data
1. Introduction Special data protection rules apply to the protection of Personal Data by Data Controllers in the electronic communications sector. These are in addition to the general obligations that
More informationFirm Registration Form
Firm Registration Form Firm Registration Form This registration form should be completed by firms who are authorised and regulated by the Financial Conduct Authority. All sections of this form are mandatory.
More informationSecurity breach! A closer look from a data protection law perspective November 2014 Gabriel Voisin (Associate)
Security breach! A closer look from a data protection law perspective November 2014 Gabriel Voisin (Associate) Why is this a challenge? When personal data is compromised, mandatory or recommended notification
More informationData Protection. Processing and Transfer of Personal Data in Kvaerner. Binding Corporate Rules Public Document
Data Protection Processing and Transfer of Personal Data in Kvaerner Binding Corporate Rules Public Document 1 of 19 1 / 19 Table of contents 1 Introduction... 4 1.1 Scope... 4 1.2 Definitions... 4 1.2.1
More informationChallenges faced and practical techniques for managing a dispersed or virtual team
Challenges faced and practical techniques for managing a dispersed or virtual team Rona Blair Pinsent Masons LLP BIALL 2015 Dispersed teams Recognise this? Body Language Agile working Plantronics Smarter
More informationComments and proposals on the Chapter II of the General Data Protection Regulation
Comments and proposals on the Chapter II of the General Data Protection Regulation Ahead of the trialogue negotiations in September, EDRi, Access, Panoptykon Bits of Freedom, FIPR and Privacy International
More informationProcessor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries
Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Sopra HR Software as a Data Processor Sopra HR Software, 2014 / Ref. : 20141120-101114-m 1/32 1.
More informationSecurity breaches: A regulatory overview. Jonathan Bamford Head of Strategic Liaison
Security breaches: A regulatory overview Jonathan Bamford Head of Strategic Liaison Security breaches and the DPA Data controllers security obligation - principle 7 of the DPA o Appropriate technical and
More informationData Processing Agreement for Oracle Cloud Services
Data Processing Agreement for Oracle Cloud Services Version December 1, 2013 1. Scope and order of precedence This is an agreement concerning the Processing of Personal Data as part of Oracle s Cloud Services
More informationData Protection in Ireland
Data Protection in Ireland 0 Contents Data Protection in Ireland Introduction Page 2 Appointment of a Data Processor Page 2 Security Measures (onus on a data controller) Page 3 8 Principles Page 3 Fair
More informationhttp://www.pcpd.org.hk/english/publications/files/gn_insurance_e.pdf
Briefing Data privacy regulation: Spotlight on Hong Kong insurers Summary Two recent regulatory initiatives will place the Hong Kong insurance industry s use and handling of personal data under greater
More informationPersonal Data Protection Policy
Personal Data Protection Policy Please take a moment to read the following Policy. If there is anything you do not understand then please contact us. We are committed to protecting privacy. This Personal
More informationData Protection Avoiding Information Commissioner Fines. Caroline Egan 5 June 2014
Data Protection Avoiding Information Commissioner Fines Caroline Egan 5 June 2014 Why is data protection a hot topic in pensions? Pension schemes hold large amounts of personal data Individuals more aware
More information1 Data Protection Principles
Today, our personal information is being collected, shared, stored and analysed everywhere. Whether you are browsing the internet, talking to a friend or making an online purchase, personal data collection
More informationDATA PROTECTION POLICY
Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection
More informationHOW TO HANDLE A WHISTLEBLOWER REPORT IN THE EU
HOW TO HANDLE A WHISTLEBLOWER REPORT IN THE EU 10 April 2014 Monica Salgado Advogada registered with the Portuguese Ordem dos Advogados Registered European Lawyer with the SRA Kirsti Laird Solicitor, (qualified
More informationHealth and Safety Legal Update. Laura Cameron
Health and Safety Legal Update Laura Cameron Introduction Corporate Manslaughter update Individual Responsibility Sentencing Guidelines Horizon Scanning Health and Safety: Corporate Homicide Corporate
More informationMIS Privacy Statement. Our Privacy Commitments
MIS Privacy Statement Our Privacy Commitments MIS Training Institute Holdings, Inc. (together "we") respect the privacy of every person who visits or registers with our websites ("you"), and are committed
More information(a) the kind of data and the harm that could result if any of those things should occur;
Cloud Computing This information leaflet aims to advise organisations on the factors they should take into account in considering engaging cloud computing. It explains the relevance of the Personal Data
More informationBinding Corporate Rules ( BCR ) Summary of Third Party Rights
Binding Corporate Rules ( BCR ) Summary of Third Party Rights This document contains in its Sections 3 9 all provision of the Binding Corporate Rules (BCR) for Siemens Group Companies and Other Adopting
More informationPrivacy and Cloud Computing for Australian Government Agencies
Privacy and Cloud Computing for Australian Government Agencies Better Practice Guide February 2013 Version 1.1 Introduction Despite common perceptions, cloud computing has the potential to enhance privacy
More informationOverview. Data protection in a swirl of change 28.03.2014. Cloud computing. Software as a service. Infrastructure as a service. Platform as a service
Data protection in a swirl of change Overview 1 Data protection issues in cloud computing 2 Consent for mobile applications Security Seminar 2014: Privacy Radboud University Nijmegen 3 The WhatsApp case
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationArticle 29 Working Party Issues Opinion on Cloud Computing
Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,
More informationMEMBI PRIVACY POLICY
MEMBI 1 PURPOSE OF OUR POLICY 1.1 Membi Limited (Company Number 09775238) of 396a Kingston Road, Kingston Road, London SW20 8LL, United Kingdom (Membi, we, us or our) provides the services offered on the
More informationPersonal Data (Privacy) (Amendment) Ordinance 2012 - Use and Sale of Personal Data for Direct Marketing.
July 2012 Personal Data (Privacy) (Amendment) Ordinance 2012 - Use and Sale of Personal Data for Direct Marketing. Contents Introduction On 27 June 2012, Hong Kong s Legislative Council ( LegCo ) passed
More informationLast updated: 30 May 2016. Credit Suisse Privacy Policy
Last updated: 30 May 2016 Credit Suisse Please read this privacy policy (the ) as it describes how we intend to collect, use, store, share, and safeguard your information. By accessing, visiting or using
More informationFIRST DATA CORPORATION SUMMARY: BINDING CORPORATE RULES FOR DATA PRIVACY AND PROTECTION
FIRST DATA CORPORATION SUMMARY: BINDING CORPORATE RULES FOR DATA PRIVACY AND PROTECTION SUMMARY: BINDING CORPORATE RULES FOR DATA PRIVACY AND PROTECTION v 1.3 Supersedes: v 1.2 Summary Owner: Corporate
More informationData Protection for Charities
Data Protection for Charities CFG 15 May 2014 Overview Overview and key definitions The data protection principles Fair and lawful processing Data security and outsourcing Rights of data subjects Recent
More informationA Guide to Corporate Governance for QFC Authorised Firms
A Guide to Corporate Governance for QFC Authorised Firms January 2012 Disclaimer The goal of the Qatar Financial Centre Regulatory Authority ( Regulatory Authority ) in producing this document is to provide
More informationAuthorisation Requirements and Standards for Debt Management Firms
2013 Authorisation Requirements and Standards for Debt Management Firms 2 Contents Authorisation Requirements and Standards for Debt Management Firms Contents Chapter Part A: Authorisation Requirements
More informationINTERNATIONAL SOS. Data Protection Policy. Version 1.05
INTERNATIONAL SOS Data Protection Policy Document Owner: LCIS Division Document Manager: Group General Counsel Effective: December 2008 Revised: 2015 All copyright in these materials are reserved to AEA
More informationHong Kong IPO Sponsor Reforms.
December 2012 Hong Kong IPO Sponsor Reforms. Background The Securities and Futures Commission (the SFC ) published on 12 December 2012 its Consultation Conclusions on the Regulation of IPO Sponsors (the
More informationIndicative Requirements for Cloud Service Providers. connect communicate collaborate
Requirements Document Cloud Services connect communicate collaborate www.geant.net This document has been produced with the financial assistance of the European Union. The contents of this document are
More informationPosition of the retail and wholesale sector on the Draft Data Protection Regulation in view of the trilogue 2015
2 September 2015 Position of the retail and wholesale sector on the Draft Data Protection Regulation in view of the trilogue 2015 We support the efforts of EU legislators to create a harmonised data protection
More informationTERMS OF BUSINESS FROM ROYAL LONDON INCORPORATING OUR TRADING NAME SCOTTISH PROVIDENT
For advisors only TERMS OF BUSINESS FROM ROYAL LONDON INCORPORATING OUR TRADING NAME SCOTTISH PROVIDENT Protection DOING BUSINESS TOGETHER 1. Our terms of business set out the conditions upon which we
More informationEvolve Financial Solutions Mortgage & Insurance Services & Costs
Evolve Financial Solutions Mortgage & Insurance Services & Costs Authorisation Statement Evolve Financial Solutions is Authorised and Regulated by the Financial Conduct Authority (FCA). The FCA regulates
More informationCorporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data
Corporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data *) For the purposes of these Corporate Guidelines, Third Countries are all those countries, which do not
More information2014 No. ELECTRONIC COMMUNICATIONS. The Data Retention Regulations 2014
Draft Regulations laid before Parliament under section 2(5) of the Data Retention and Investigatory Powers Act 2014, for approval by resolution of each House of Parliament. D R A F T S T A T U T O R Y
More informationBRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS
BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS Mat Wright www.britishcouncil.org CONTENTS Purpose of the code 1 Scope of the code 1 The British Council s data protection commitment and
More informationData Protection and Cloud Computing: an Overview of the Legal Issues
Data Protection and Cloud Computing: an Overview of the Legal Issues Christopher Kuner Partner, Hunton & Williams, Brussels Research Assistant, University of Copenhagen Nordic IT Law Conference Copenhagen,
More informationThe HR Skinny: Effectively managing international employee data flows
The HR Skinny: Effectively managing international employee data flows Topics we will cover today Laws affecting HR data flows HR international data protection challenges and strategic solutions Case study
More informationENA SHE12 Major Incident H&S Aspects a Lawyer s perspective. Kevin Bridges Partner and Chartered Safety and Health Practitioner
ENA SHE12 Major Incident H&S Aspects a Lawyer s perspective Kevin Bridges Partner and Chartered Safety and Health Practitioner Implement an Incident Response Protocol Covering: - Escalating incidents internally
More informationOVERVIEW. stakeholder engagement mechanisms and WP29 consultation mechanisms respectively.
Joint work between experts from the Article 29 Working Party and from APEC Economies, on a referential for requirements for Binding Corporate Rules submitted to national Data Protection Authorities in
More informationDublin City University
Dublin City University Data Protection Policy Data Protection Policy Contents Purpose... 1 Scope... 1 Data Protection Principles... 1 Disclosure of Personal Data... 2 Summary of Responsibilities... 3 Rights
More informationBusiness Associate Agreement
Business Associate Agreement This Business Associate Agreement (the Agreement ) is made by and between Business Associate, [Name of Business Associate], and Covered Entity, The Connecticut Center for Health,
More informationInfinedi HIPAA Business Associate Agreement RECITALS SAMPLE
Infinedi HIPAA Business Associate Agreement This Business Associate Agreement ( Agreement ) is entered into this day of, 20 between ( Company ) and Infinedi, LLC, a Limited Liability Corporation, ( Contractor
More information23/1/15 Version 1.0 (final)
Information Commissioner s Office response to the Cabinet Office s consultation on the proposal to amend the Privacy and Electronic Communications (EC Directive) Regulations 2003 ( PECR ), to enable the
More informationAlign Technology. Data Protection Binding Corporate Rules Controller Policy. 2014 Align Technology, Inc. All rights reserved.
Align Technology Data Protection Binding Corporate Rules Controller Policy Contents INTRODUCTION 3 PART I: BACKGROUND AND ACTIONS 4 PART II: CONTROLLER OBLIGATIONS 6 PART III: APPENDICES 13 2 P a g e INTRODUCTION
More informationAdvice Note. An overview of civil proceedings in England. Introduction
Advice Note An overview of civil proceedings in England Introduction There is no civil code in England; English civil law comprises of essentially legislation by Parliament and decisions by the courts.
More informationAlign Technology. Data Protection Binding Corporate Rules Processor Policy. 2014 Align Technology, Inc. All rights reserved.
Align Technology Data Protection Binding Corporate Rules Processor Policy Confidential Contents INTRODUCTION TO THIS POLICY 3 PART I: BACKGROUND AND ACTIONS 4 PART II: PROCESSOR OBLIGATIONS 6 PART III:
More informationmeans the Eligibility Criteria set forth in clause 4 of these Rules.
LIQUIDNET EUROPE LIMITED ( LIQUIDNET ) LIQUIDNET EUROPE FIXED INCOME MTF PARTICIPATION RULES 1 Glossary Term Competent Authority EEA Eligibility Criteria Erroneous Order Erroneous Trade FCA FCA Rules FSMA
More informationProposed guidance for firms outsourcing to the cloud and other third-party IT services
Guidance consultation 15/6 Proposed guidance for firms outsourcing to the cloud and other third-party IT services November 2015 1. Introduction and consultation 1.1 The purpose of this draft guidance is
More informationEU Data Protection Reforms Challenges for Business
www.pwc.com Contents EU Data Protection Reforms Challenges for Business July 2014 1. Introduction 2. The need for change 3. Changes and challenges 4. Recommendations 5. Conclusion 6. For a deeper conversation
More informationSTATUTORY INSTRUMENTS. S.I. No. 336 of 2011
STATUTORY INSTRUMENTS. S.I. No. 336 of 2011 EUROPEAN COMMUNITIES (ELECTRONIC COMMUNICATIONS NETWORKS AND SERVICES) (PRIVACY AND ELECTRONIC COMMUNICATIONS) REGULATIONS 2011 (Prn. A11/1165) 2 [336] S.I.
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Approval date: June 2014 Approved by: Board Responsible Manager: Executive Director of Resources Next Review June 2016 Data Protection Policy 1. Introduction Data Protection Policy
More informationWhat's Up with Apps in Hong Kong July 2013
What's Up with Apps in Hong Kong July 2013 In May this year, the Hong Kong Privacy Commissioner for Personal Data ("Privacy Commissioner") joined the Global Privacy Enforcement Network ("GPEN") to conduct
More informationOUTSOURCING, HOSTING AND DATA PRIVACY ISSUES
OUTSOURCING, HOSTING AND DATA PRIVACY ISSUES 4 April 2013 James Castro-Edwards Solicitor Monica Salgado Advogada / Portuguese Lawyer OUR TEAM Speechly Bircham is an ambitious, full-service law firm with
More informationHamblin-Martin Financial: Service Charter Mortgage & Insurance
Hamblin-Martin Financial: Service Charter Mortgage & Insurance OUR SERVICES 2 TERMS OF BUSINESS 3 THE COST OF OUR SERVICES 6 TERMS OF AGREEMENT 9 CUSTOMER CHARTER & OUR CONTACT DETAILS 10 Client Agreement
More informationClient Agreement Mortgages, Equity Release and Insurance
Client Agreement Mortgages, Equity Release and Insurance An overview of the services we offer I am an Independent Adviser, which means that I offer a range of services designed to meet the financial goals
More informationOBJECTS AND REASONS. (a) the regulation of the collection, keeping, processing, use or dissemination of personal data;
OBJECTS AND REASONS This Bill would provide for (a) the regulation of the collection, keeping, processing, use or dissemination of personal data; (b) the protection of the privacy of individuals in relation
More informationCloud Computing: Legal Risks and Best Practices
Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent
More informationGUIDE TO THE ISLE OF MAN DATA PROTECTION ACT. CONTENTS PREFACE 1 1. Background 2 2. Data Protections Principles 3 3. Notification Requirements 4
GUIDE TO THE ISLE OF MAN DATA PROTECTION ACT CONTENTS PREFACE 1 1. Background 2 2. Data Protections Principles 3 3. Notification Requirements 4 PREFACE The following provides general guidance on data protection
More information7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data. Directive 7.08 Protection of Personal Data
Akzo Nobel N.V. Executive Committee Rules 7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data Source Directive Content Owner Directive 7.08 Protection of Personal Data AkzoNobel Legal
More informationI. Personal data and its use in the business to business environment.
RESPONSE FROM THE DIRECT MARKETING ASSOCIATION (UK) LTD. TO THE EUROPEAN COMMISSION'S CONSULTATION ON THE IMPLEMENTATION OF DIRECTIVE 95/46 EC ON THE PROTECTION OF INDIVIDUALS WITH REGARD TO THE PROCESSING
More informationComments and proposals on the Chapter IV of the General Data Protection Regulation
Comments and proposals on the Chapter IV of the General Data Protection Regulation Ahead of the trialogue negotiations later this month, EDRi, Access, Panoptykon Bits of Freedom, FIPR and Privacy International
More informationTracking Compliance: Data Protection Risks and Remedies for Retail Janine Regan. charlesrussellspeechlys.com
Tracking Compliance: Data Protection Risks and Remedies for Retail Janine Regan charlesrussellspeechlys.com Janine Regan Associate +44 (0)20 7427 6798 janine.regan@crsblaw.com Janine has extensive experience
More informationCorporate ICT & Data Management. Data Protection Policy
90 Corporate ICT & Data Management Data Protection Policy Classification: Unclassified Date Created: January 2012 Date Reviewed January Version: 2.0 Author: Owner: Data Protection Policy V2 1 Version Control
More informationCloud Computing. Introduction
Cloud Computing Introduction This information leaflet aims to advise organisations which are considering engaging cloud computing on the factors they should consider. It explains the relationship between
More informationIf you are unclear about the implications of Auto Enrolment you will find our Guide to Auto Enrolment a good starting point.
The Pay Check Auto Enrolment Service A service designed for Pay Check clients who are looking for a first class pension solution that is simple to administer, cost effective and guarantees full compliance
More informationUNIVERSITY OF ABERDEEN POLICY ON DATA PROTECTION
UNIVERSITY OF ABERDEEN POLICY ON DATA PROTECTION The Data Protection Act 1998 (DPA) was passed in order to implement the EU Data Protection Directive (95/46/EC) and applies to all data relating to, and
More informationDailyMailz may collect and process the following personal information about you:
Privacy Policy DailyMailz is committed to preserving the privacy of all visitors to its website www.dailymailz.nl ("Website"). This privacy policy along with DailyMailz s terms and conditions of use and
More informationRPM INTERNATIONAL INC. AND ITS SUBSIDIARIES AND OPERATING COMPANIES SAFE HARBOR PRIVACY NOTICE. EFFECTIVE AS OF: August 12, 2015
RPM INTERNATIONAL INC. AND ITS SUBSIDIARIES AND OPERATING COMPANIES SAFE HARBOR PRIVACY NOTICE EFFECTIVE AS OF: August 12, 2015 This Notice sets forth the principles followed by RPM International Inc.,
More informationNorwegian Data Inspectorate
Norwegian Data Inspectorate Narvik kommune Postboks 64 8501 NARVIK Norway Your reference Our reference (please quote in any reply) Date 1111/1210-6/PEJA 11/00593-7/SEV 16 January 2012 Notification of decision
More informationGSK Public policy positions
Safeguarding Personally Identifiable Information A Summary of GSK s Binding Corporate Rules The Issue The processing of Personally Identifiable Information (PII) 1 and Sensitive Personally Identifiable
More informationPublic Consultation regarding Data Sharing and Governance Bill. Contribution of Office of the Data Protection Commissioner
Submission of the Office of the Data Protection Commissioner (DPC) on the data-sharing and Governance Bill: - Policy Proposals (dated the 1 st of August 2014) Public Consultation regarding Data Sharing
More informationPrivacy Policy. February, 2015 Page: 1
February, 2015 Page: 1 Revision History Revision # Date Author Sections Altered Approval/Date Rev 1.0 02/15/15 Ben Price New Document Rev 1.1 07/24/15 Ben Price Verify Privacy Grid Requirements are met
More informationSummary of Data Protection Requirements When transferring Data Outside the UK End Users
Summary of Data Protection Requirements When transferring Data Outside the UK End Users 14 May 2010 Background to transfers of the Data outside the UK Data can be transferred in a couple of ways in relation
More informationCorporate Policy. Data Protection for Data of Customers & Partners.
Corporate Policy. Data Protection for Data of Customers & Partners. 02 Preamble Ladies and gentlemen, Dear employees, The electronic processing of virtually all sales procedures, globalization and growing
More informationThe U.K. Information Commissioner s Office Report on Big Data and Data Protection
reau of National Affairs, Inc. (800-372-1033) http://www.bna.com WORLD DATA PROTECTION REPORT >>> News and analysis of data protection developments around the world. For the latest updates, visit www.bna.com
More informationCrossing Borders New Guidance on the Transfer of Personal Data outside Hong Kong
Legal Update Privacy & Security Hong Kong 20 January 2015 Crossing Borders New Guidance on the Transfer of Personal Data outside Hong Kong Section 33 of the Hong Kong Personal Data (Privacy) Ordinance
More informationDraft Code of Conduct on privacy for mobile health applications
Draft Code of Conduct on privacy for mobile health applications I. About this Code 1) Introduction To be drafted as a last step, when the rest of the Code is more or less stable Ed. 2) Purpose The purpose
More informationINSIGNIA MEDICAL SYSTEMS LTD PRIVACY POLICY
INSIGNIA MEDICAL SYSTEMS LTD PRIVACY POLICY This Website is owned by Insignia Medical Systems Ltd (hereafter Company ), a company registered in England and Wales. We take user privacy seriously and take
More informationAIRBUS GROUP BINDING CORPORATE RULES
1 AIRBUS GROUP BINDING CORPORATE RULES 2 Introduction The Binding Corporate Rules (hereinafter BCRs ) of the Airbus Group finalize the Airbus Group s provisions on the protection of Personal Data. These
More information