I. Personal data and its use in the business to business environment.
|
|
- Shawn Hines
- 8 years ago
- Views:
Transcription
1 RESPONSE FROM THE DIRECT MARKETING ASSOCIATION (UK) LTD. TO THE EUROPEAN COMMISSION'S CONSULTATION ON THE IMPLEMENTATION OF DIRECTIVE 95/46 EC ON THE PROTECTION OF INDIVIDUALS WITH REGARD TO THE PROCESSING OF PERSONAL DATA AND ON THE FREE MOVEMENT OF SUCH DATA. A. INTRODUCTION The Direct Marketing Association (UK) Ltd (DMA) welcomes the opportunity to respond to the consultation in connection with the preparation of the European Commission's first report on the implementation of the Data Protection Directive ("the Directive") The DMA and its Members The DMA is Europe's largest trade association in the marketing and communications sector, with over 870 corporate members and positioned in the top 5% of UK trade associations by income billion was spent on direct marketing activity in 2001 (DMA Census of the Direct Marketing Industry 2001/2). The DMA represents both advertisers, who market their products using direct marketing techniques, and specialist suppliers of direct marketing services to those advertisers - for example, advertising agencies, mailing houses, list brokers, computer bureaux, database companies, etc. The DMA also administers the Mailing Preference Service and other self-regulatory mechanisms designed to protect consumers. On behalf of its membership, the DMA promotes best practice, through its Codes, in order to maintain and enhance consumers' trust and confidence in the direct marketing industry. The Direct Marketing Authority is an independent body that monitors industry compliance. B SUMMARY OF DMA's RESPONSE I. Personal data and its use in the business to business environment. The DMA is concerned that the current definition of personal data may catch data such as job title and business address, which should not be considered personal data if it is simply used to ensure that communications reach the right employee
2 II. Applicable law and jurisdiction Differences between the national laws in the Member States mean that multinational companies with branches and subsidiary companies throughout the EEA should only have to comply with the data protection legislation in the EEA country where their principal office is located. III Transfer of Personal Data to third countries and use of contracts Globalisation and the growth of the Internet mean that the Directive needs to be amended to allow greater use of company group wide security/privacy policies as a method of allowing transfers to third countries. IV. Sensitive Personal Data The definition causes problems for business in that they may be inadvertently holding sensitive personal data. Data subjects do not gain any real benefit from the extra protection. The category should therefore be deleted. V. Right of Access - Data Subject Access Requests Owing to the increase in the amount of data held on data subjects, data controllers should be exempt from providing a full data subject access request when to do so would involve a disproportionate effort on the part of the data controller VI. Notification The notification system is a regulatory burden on businesses and ties up resources at the national data protection authorities. Our view is that the requirement to notify should be removed. C SPECIFIC COMMENTS ON THE DIRECTIVE 1. Personal Data and its use in the business-to-business environment (Article 2 Definitions) We are concerned about the issue that name, job title and workplace addresses may be considered to be personal data. This poses problems for companies as often they only hold this information for the purpose of ensuring that the communication reaches the correct person in the other organisation. The growth of Internet and usage since the Directive was passed makes reform in this area essential. The Direct Marketing Association (UK)
3 Limited in their Code of Practice (2 nd Edition) suggest a simple test for determining whether or not such data is personal or business data which is as follows:" if the job holder changes will there be any changes to the data other than the change in the jobholder's name, If the answer is yes then the data is personal data, if no then it is business data." DMA recommendation is for an exemption from the definition of personal data for basic contact information (name, job title and workplace address) about an employee held either by the employer or by another organisation, which has a relationship with the employer. We accept that in the case of sole traders and partnerships this basic information would remain personal data. Employees already have sufficient protection through the duty of trust and confidence between an employer and an employee to cover unlawful disclosure of an employee's address by an employer. We are aware that the European Commission has launched a first stage consultation on the protection of workers personal data. We believe that Directive 95/46 provides sufficient protection for workers personal data. The UK Information Commissioner is in the final stages of producing The Employment Practices Data Protection Code, which deals with issues of workers personal data. We would suggest that there is no need for action at the European level in this field and it should be left up to national data protection authorities to clarify the application of Directive 95/46 to workers personal data. DMA recommendation is that there is no need for further action to protect workers personal data. 2. Applicable law and jurisdiction (Article 4) The Directive was introduced under the Internal Market provisions and was designed to harmonise data protection legislation throughout the EEA. However there are differences in implementation between Member States, for example some require an opt -in approach fo personal data being passed on to third parties, whereas others require an opt -out approach. This makes it difficult for members of the DMA, who are increasingly becoming involved in pan European marketing programmes. Many companies, particularly SMEs, do not have the resources either to check the data protection legislation in the 15 Member States internally or to afford the costs for professional advice in this area. This position will only worsen with expansion of the EU to include the current candidate countries from Central and Eastern Europe. Furthermore there is a problem for companies who have offices throughout the EEA. Each individual office may have to notify the relevant data protection authority and comply with the national law in the country where the office is located. The company is likely also to be transferring personal data relating to employees and customers between different countries within the EEA. Clearly the current legislative situation is not practical in today's business world.
4 DMA recommendation is that, if notification is retained, there should be a system whereby a company can have one notification in the EEA country where its principal office is located. This would cover it for all the other countries in the EEA, where it has offices. Similarly the Data Protection Authority in the country where the company had notified would take the lead in any enforcement action. The company would only have to comply with the data protection legislation in the country where the notification was made and the Directive. 3. Sensitive Personal Data - (Article 8) In the direct marketing arena it is perfectly possible for a data controller to inadvertently hold sensitive personal data, such as medical or health information, about a data subject, which is for the benefit of the individual. The data controller may not always have the explicit consent of the data subject or be able to process the sensitive data under one of the exemptions. DMA recommendation is for the definition of sensitive personal data to be abolished. Whether or not the processing of sensitive personal data was fair could be dealt with under the fair processing code in Article Right of Access - Data Subject Access Requests ( Article 12) There are problems with this right for both data controllers and data subjects. Data controllers, particularly SMEs can find it expensive in time and resources to comply with a data subject access request, especially if they hold a large amount of information about the data subject. The increasing use of has caused part of the problem. It is quite likely that the data subject is only interested in one particular piece of information or is looking for confirmation from the data controller that the data subject' s record has been changed as requested. DMA recommendation is for there to be a exemption for data controllers where a disproportionate effort would be required on the part of the data controller to comply with a data subject access request. 5. Notification (Article 18) We do not see the need for the notification provisions to remain. The national data protection authorities can take enforcement action against companies, who are in breach of data protection legislation, regardless of whether the companies have notified or not. Many businesses see notification as a regulatory burden. We accept that there may be certain benefits for consumers and other businesses in knowing that a particular company has notified its national data protection authorities of its activities, but on balance we believe that the requirement to notify should be removed. This would free up resources at the national protection authorities and allow more resources to be diverted to enforcement action. DMA recommendation is for this article to be deleted.
5 6. Transfer of Personal Data to third countries and use of contracts (Articles 25 and 26) Developments since 1995 have meant that these Articles need revision. Firstly the growth of the Internet, in particular and online shopping, since 1995 has been one of the profound changes to the way business-to-business and business to consumers communicate with each other. Secondly globalisation has meant an increase in the number of global companies who have branches or subsidiary companies within the EEA and need to store and access customer and employee information on a global basis. This has meant that there is a far greater amount of personal data, which is being transmitted from the EEA to other third countries than was the case in Although the agreement with the USA on the Safe Harbor Principles is a welcome development, there are problems with it, in particular the fact that it does not extend to the financial services. industry. The number of countries that have been given adequate level of protection status is limited. It is also not practical to expect companies with multiple branches and subsidiaries to enter into multiple contractual arrangements within the group for the transfer of personal data. Many global companies have sought to develop group wide security and privacy policies, and rely on the provisions in Article 26 (2). It is interesting to note that the use of these policies has been one of the reasons why the 1995 Directive has become the global standard. DMA recommendation is that there should be specific reference to group wide security and privacy policies as a means of complying with Article 26(2). The national data protection authorities clearly do not have the resources to approve every security/privacy policy and therefore prior approval by the authority should not be required. Rather there should be a presumption that such a security or privacy policy provides an adequate level of protection until proved otherwise through enforcement action taken as a result of a complaint by an individual. D. COMMENTS ON ISSUES RAISED IN THE QUESTIONNAIRES 1.Use of the Internet. As already noted above in the comments on Articles 25 and 26, the growth of the internet has been one of the major developments in the online world since The DMA has actively been involved in giving consumers confidence to shop online, through its membership of the Alliance for Electronic Business (AEB), a partnership between the following UK organisations, Confederation of British Industry, Intellect, and the e-centre. The AEB, together with the UK Consumers Association has set up Trust UK as an initiative to accredit the on -line codes of practice of associations and organisations whose members' websites display an e-hallmark. This initiative has the endorsement of the UK Government.. The DMA has achieved Trust UK approval for its codes of Practice on Electronic Commerce and Commercial Communications to Children Online. All DMA members have to comply
6 with the codes, and those who carry out e-business must therefore display the Trust UK logo, which provides a means for consumers to complain about web trading activities. The DMA believes that the use of such codes of practice is way to encourage consumer confidence rather than a specific legislation dealing with data protection issues and the Internet. E.CONCLUSION The DMA welcomes the extensive consultation process, which the European Commission is engaging in this revision of the Directive. A representative from the DMA will be attending the conference at the end of September. Please contact us if you wish to discuss any of the points raise in this consultation in greater detail. The Direct Marketing Association (UK) Limited 30 August 2002
Insurance Europe key messages on the European Commission's proposed General Data Protection Regulation
Position Paper Insurance Europe key messages on the European Commission's proposed General Data Protection Regulation Our reference: SMC-DAT-12-064 Date: 3 September 2012 Related documents: Proposal for
More informationPublic Consultation regarding Data Sharing and Governance Bill. Contribution of Office of the Data Protection Commissioner
Submission of the Office of the Data Protection Commissioner (DPC) on the data-sharing and Governance Bill: - Policy Proposals (dated the 1 st of August 2014) Public Consultation regarding Data Sharing
More informationPrivacy Policy for Data Collected by Blue State Digital s Clients
Privacy Policy for Data Collected by Blue State Digital s Clients Blue State Digital LLC. ("Blue State Digital", BSD or "we") provides various services to nonprofits and business entities ("Clients"),
More informationApplication of Data Protection Concepts to Cloud Computing
Application of Data Protection Concepts to Cloud Computing By Denitza Toptchiyska Abstract: The fast technological development and growing use of cloud computing services require implementation of effective
More informationQUESTIONNAIRE ON CONTRACT RULES FOR ONLINE PURCHASES OF DIGITAL CONTENT AND TANGIBLE GOODS
QUESTIONNAIRE ON CONTRACT RULES FOR ONLINE PURCHASES OF DIGITAL CONTENT AND TANGIBLE GOODS Information about the respondent 1. Please enter your full name OR the name of the organisation / company / institution
More informationtechnical factsheet 176
technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection
More informationOliver Brettle London. Employee Monitoring in the UK and Generally: Concerns Beyond the EU Data Protection Directive
Oliver Brettle London Employee Monitoring in the UK and Generally: Concerns Beyond the EU Data Protection Directive 6 th Annual Privacy Law Symposium April 27, 2006 The Focus Part I an overview on data
More informationData protection issues on an EU outsourcing
Data protection issues on an EU outsourcing Saam Golshani, Alastair Gorrie and Diego Rigatti, Orrick Herrington & Sutcliffe www.practicallaw.com/8-380-8496 Outsourcing can mean subcontracting a process
More informationAlign Technology. Data Protection Binding Corporate Rules Controller Policy. 2014 Align Technology, Inc. All rights reserved.
Align Technology Data Protection Binding Corporate Rules Controller Policy Contents INTRODUCTION 3 PART I: BACKGROUND AND ACTIONS 4 PART II: CONTROLLER OBLIGATIONS 6 PART III: APPENDICES 13 2 P a g e INTRODUCTION
More informationAlixPartners, LLP. General Data Protection Statement
AlixPartners, LLP General Data Protection Statement GENERAL DATA PROTECTION STATEMENT 1. INTRODUCTION 1.1 AlixPartners, LLP ( AlixPartners ) is committed to fulfilling its obligations under the data protection
More informationPrivacy Statement. What Personal Information We Collect. Australia
Privacy Statement Kelly Services, Inc. and its subsidiaries ("Kelly Services" or Kelly ) respect your privacy and we acknowledge that you have certain rights related to any personal information we collect
More informationd. Members shall not conduct their business in a manner which tends to bring either BRBA or the BMF or its membership into disrepute.
Boat retailers and brokers who are Members of the Boat Retailers and Brokers Association ( BRBA ), a Group Association of the British Marine Federation (BMF) must adhere to the following terms: 1. Standard
More informationThe Data Protection Landscape. Before and after GDPR: General Data Protection Regulation
The Data Protection Landscape Before and after GDPR: General Data Protection Regulation Data Protection regulations across Europe Current regulations & guidance European Directives 95/46/EC (Data Protection)
More informationCredit Union Code for the Protection of Personal Information
Introduction Canada is part of a global economy based on the creation, processing, and exchange of information. The technology underlying the information economy provides a number of benefits that improve
More informationData Protection in Ireland
Data Protection in Ireland 0 Contents Data Protection in Ireland Introduction Page 2 Appointment of a Data Processor Page 2 Security Measures (onus on a data controller) Page 3 8 Principles Page 3 Fair
More informationAn overview of UK data protection law
An overview of UK data protection law Our team Vinod Bange Partner +44 (0)20 7300 4600 v.bange@taylorwessing.com Graham Hann Partner +44 (0)20 7300 4839 g.hann@taylorwessing.com Chris Jeffery Partner +44
More informationCorporate Policy. Data Protection for Data of Customers & Partners.
Corporate Policy. Data Protection for Data of Customers & Partners. 02 Preamble Ladies and gentlemen, Dear employees, The electronic processing of virtually all sales procedures, globalization and growing
More informationPrivacy Policy. Ignite your local marketing
Privacy Policy Ignite your local marketing Contents 1) Introduction... 3 2) What is your personal information?... 3 3) What personal information do we collect and hold?... 3 4) How do we collect your personal
More informationCOMPLYING WITH THE E-COMMERCE REGULATIONS 2002
COMPLYING WITH THE E-COMMERCE REGULATIONS 2002 You should read this guide if you. advertise goods or services online (i.e. via the Internet, interactive television or mobile telephone) sell goods or services
More informationPRIVACY POLICY. "Personal Information" comprising:
PRIVACY POLICY Uniqlo is committed to respecting the privacy rights of visitors to its website. This privacy policy ("Policy") explains how we collect, store and use personal data about you when you browse
More informationOffice 365 Data Processing Agreement with Model Clauses
Enrollment for Education Solutions Office 365 Data Processing Agreement (with EU Standard Contractual Clauses) Amendment ID Enrollment for Education Solutions number Microsoft to complete 7392924 GOLDS03081
More informationWestpac Business Debit MasterCard Application
Westpac Business Debit MasterCard Application Westpac Banking Corporation ABN 33 007 457 141 AFSL and Australian credit licence 233714 In order to apply for a Westpac Business Debit MasterCard, the following
More informationThe Regulation of Unfair Practices in TV and Radio Advertisements
The Regulation of Unfair Practices in TV and Radio Advertisements BCAP Consultation Document Issued: 24 June 2008 Closing date for responses: 22 July 2008 2 The Regulation of Unfair Practices in TV and
More informationPRIVACY POLICY AND INFORMATION ON COOKIES
PRIVACY POLICY AND INFORMATION ON COOKIES This privacy policy governs the collection, storage and use of personal information (meaning any information about you which is personally identifiable namely:
More informationThe HR Skinny: Effectively managing international employee data flows
The HR Skinny: Effectively managing international employee data flows Topics we will cover today Laws affecting HR data flows HR international data protection challenges and strategic solutions Case study
More informationMEMBI PRIVACY POLICY
MEMBI 1 PURPOSE OF OUR POLICY 1.1 Membi Limited (Company Number 09775238) of 396a Kingston Road, Kingston Road, London SW20 8LL, United Kingdom (Membi, we, us or our) provides the services offered on the
More informationPrivacy Policy for Data Collected by Blue State Digital
Privacy Policy for Data Collected by Blue State Digital Overview Blue State Digital LLC. ( Blue State Digital, BSD or we ) provides various services to non- profit entities and other related businesses
More informationBRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS
BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS Mat Wright www.britishcouncil.org CONTENTS Purpose of the code 1 Scope of the code 1 The British Council s data protection commitment and
More information1. TYPES OF INFORMATION WE COLLECT.
PRIVACY POLICY GLOBAL ASSESSOR POOL, LLC, DBA PINSIGHT ( Company or we or us ) is committed to protecting your privacy. We prepared this Privacy Policy to describe our practices regarding the information
More informationFIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS
FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS As a world leader in electronic commerce and payment services, First Data Corporation and its subsidiaries ( First Data entity or entities ),
More informationE-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY
E-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY Oana Dolea 7 th Annual Leg@l.IT Conference March 26th, 2013 Montreal, Canada INTRODUCTION Mobile e-commerce vs. E-commerce Mobile e-commerce:
More informationThe new EU Clinical Trials Regulation How NHS research and patients will benefit
the voice of the NHS in Europe Briefing September 2014 Issue 19 The new EU Clinical Trials Regulation How NHS research and patients will benefit Who should read this briefing? This briefing will be of
More informationArticle 29 Working Party Issues Opinion on Cloud Computing
Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,
More informationAlign Technology. Data Protection Binding Corporate Rules Processor Policy. 2014 Align Technology, Inc. All rights reserved.
Align Technology Data Protection Binding Corporate Rules Processor Policy Confidential Contents INTRODUCTION TO THIS POLICY 3 PART I: BACKGROUND AND ACTIONS 4 PART II: PROCESSOR OBLIGATIONS 6 PART III:
More informationDailyMailz may collect and process the following personal information about you:
Privacy Policy DailyMailz is committed to preserving the privacy of all visitors to its website www.dailymailz.nl ("Website"). This privacy policy along with DailyMailz s terms and conditions of use and
More informationBig Data for Mutuals. Marc Dautlich 25 November 2013
Big Data for Mutuals Marc Dautlich 25 November 2013 Agenda BIG DATA What is it? OPPORTUNITIES What are they? LEGAL CHALLENGES How do we overcome them? LEGAL REFORM What can we do now to minimise impact?
More informationAppendix A Data Protection and Marketing Regulatory Considerations for the European Union
Appendix A Data Protection and Marketing Regulatory Considerations for the European Union Notes: Soft opt-in rules, denoted with a * within the consent for marketing columns below, generally allow marketing
More informationPrincipal Members. February 1, 2007. Review of Australia s Consumer Policy Framework Productivity Commission PO Box 1428 Canberra ACT 2616
February 1, 2007 Principal Members Review of Australia s Consumer Policy Framework Productivity Commission PO Box 1428 Canberra ACT 2616 Via email: consumer@pc.gov.au The Australasian Compliance Institute
More informationROYAL AUSTRALASIAN COLLEGE OF SURGEONS
1. SCOPE This policy details the College s privacy policy and related information handling practices and gives guidelines for access to any personal information retained by the College. This includes personal
More informationMIS Privacy Statement. Our Privacy Commitments
MIS Privacy Statement Our Privacy Commitments MIS Training Institute Holdings, Inc. (together "we") respect the privacy of every person who visits or registers with our websites ("you"), and are committed
More informationCONSULTATION ON A POSSIBLE STATUTE FOR A EUROPEAN PRIVATE COMPANY (EPC)
EUROPEAN COMMISSION Internal Market and Services DG MARKT/ 19.07.2007 CONSULTATION ON A POSSIBLE STATUTE FOR A EUROPEAN PRIVATE COMPANY (EPC) Consultation by the Services of the Internal Market Directorate
More informationThe kinds of personal information we collect and hold vary depending on the services we are providing, but generally can include:
ABN 47 001 768 190 AFSL 244526 Our Privacy Policy At Capital Insurance Brokers, we are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian
More informationROEHAMPTON UNIVERSITY DATA PROTECTION POLICY
ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY Originated by: Data Protection Working Group: November 2008 Impact Assessment: (to be confirmed) Recommended by Senate: 28 January 2009 Approved by Council:
More informationPRIVATE HEALTH INSURANCE INTERMEDIARIES CODE OF CONDUCT JUNE 2015 VERSION 2
PRIVATE HEALTH INSURANCE INTERMEDIARIES CODE OF CONDUCT JUNE 2015 VERSION 2 CONTENTS PART A - Page 4 GENERAL 1. INTRODUCTION 2. OUR COMMITMENT UNDER THE CODE 3. PRIVATE HEALTH INSURANCE ENVIRONMENT PART
More informationCorporate Compliance: A Global Perspective
Corporate Compliance: A Global Perspective 6/27/2012 37 Offices in 18 Countries Current Compliance Environment Ever-intensifying regulatory burden new areas of regulation existing regulations becoming
More informationThe eighth data protection principle and international data transfers
Data Protection Act 1998 The eighth data protection principle and international data transfers The Information Commissioner s recommended approach to assessing adequacy including consideration of the issue
More informationCLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES:
CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: Privacy Responsibilities and Considerations Cloud computing is the delivery of computing services over the Internet, and it offers many potential
More informationPersonal Data Protection Policy
Personal Data Protection Policy Please take a moment to read the following Policy. If there is anything you do not understand then please contact us. We are committed to protecting privacy. This Personal
More informationData Protection Good Practice Note
Data Protection Good Practice Note This explanatory document explains what charities and voluntary organisations need to do to comply with the Data Protection Act 1988 as amended by the Data Protection
More informationPersonal information, for purposes of this Policy, includes any information which relates to an identified or an identifiable person.
PART I: INTRODUCTION AND BACKGROUND Purpose This Data Protection Binding Corporate Rules Policy ( Policy ) establishes the approach of Fluor to compliance with European data protection law and specifically
More informationPRIVACY NOTICE. Last Updated: March 24, 2015
PRIVACY NOTICE Your access to and use of this website is governed by the TERMS OF WEBSITE USE and the following PRIVACY NOTICE. Please read them carefully as they constitute a legally binding agreement
More informationA list of CIArb subsidiaries relevant to this notice and their activities is set out below.
CHARTERED INSTITUTE OF ARBITRATORS DATA PRIVACY NOTICE INTRODUCTION This data protection notice explains what personal data will be collected by the Chartered Institute of Arbitrators and its subsidiary
More informationDraft guidance for registered pharmacies providing internet and distance sale, supply or service provision
Draft guidance for registered pharmacies providing internet and distance sale, supply or service provision September 2014 1 The General Pharmaceutical Council is the regulator for pharmacists, pharmacy
More informationEU Data Protection Directive and U.S. Safe Harbor Framework: An Employer Update. By Stephen H. LaCount, Esq.
EU Data Protection Directive and U.S. Safe Harbor Framework: An Employer Update By Stephen H. LaCount, Esq. Overview The European Union Data Protection Directive 95/46/EC ( Directive ) went effective in
More informationIf you have any questions about our privacy practices, please refer to the end of this privacy policy for information on how to contact us.
c4m Privacy Policy Last Modified: July 20, 2015 Colbette II Ltd., Block 1, 195-197 Old Nicosia-Limassol Road, Dali Industrial Zone, Cyprus 2540 (hereinafter "c4m", Colbette we", "our" or "us") is always
More informationQUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt
QUEENSLAND COUNTRY HEALTH FUND privacy policy Queensland Country Health Fund Ltd ABN 18 085 048 237 better health cover shouldn t hurt 1 2 contents 1. Introduction 4 2. National Privacy Principles 5 3.
More informationDATA PROMOTIONAL OFFERS ARKETING TO CHILDREN CODE OF PRACTICE FINANCIAL SERVICES CHARITIES NVIRONMENTAL RESPONSIBILITY EMAIL MARKETING
Direct Marketing CODE OF PRACTICE CATALOGUE & HOME SHOPPINGDIRECT MAIL e-commerce FAX MARKETING CHARITIES FINANCIAL SERVICES DATA DIRECT MARKETING COMMISSION EMAIL MARKETING PROMOTIONAL OFFERS NVIRONMENTAL
More informationPlease read this Policy carefully. Your continued use of our sites means that you understand and consent to the terms of this Policy.
EFFECTIVE: February 2016 Version 1.2 CHECK 'N GO PRIVACY POLICY This Privacy Policy ("Policy") applies to the use of Check 'n Go (the "Company") online sites and any Company affiliate or subsidiary sites.
More informationEUROPEAN PARLIAMENT AND COUNCIL DIRECTIVE. on a common framework for electronic signatures
COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 29.04.1999 COM(1999) 195 fmal 98/0191(COD) Amended proposal for a EUROPEAN PARLIAMENT AND COUNCIL DIRECTIVE on a common framework for electronic signatures
More informationEcommerce Applications 2009/10. E-Commerce Applications UK e-commerce Regulations
E-Commerce Applications UK e-commerce Regulations Overview Regulation provisions Who does it affect Court jurisdiction Information requirements Electronic communications Electronic contracting What is
More informationThis Applicant Privacy Notice Continental Europe is dated: July 2012 WILLIS.COM: PRIVACY NOTICE
Applicant Privacy Notice for Positions in Willis Companies Located in the European Union and European Economic Area Excluding the United Kingdom ( Applicant Privacy Notice Continental Europe ) This Applicant
More informationFederated Access Management
Federated Access Management Document Version: 2 DRAFT Date: Oct 2011 Author (Version 2): Andrew Cormack (JANET(UK)) Authors (Version 1): Andrew Cormack (JANET(UK)), Eva Kassenaar (SURFnet), Mikael Linden
More informationImportant information about your credit card account ( Account )
Important information about your credit card account ( Account ) This notice is provided to you with your December 2013 statement of Account and details changes to the terms and conditions of your account
More informationPrivacy Policy documents for
Privacy Policy documents for Praendex Incorporated doing business as PI Worldwide Product User Privacy Policy - For Customers, as well as those invited to our websites to complete a PI Survey or SSAT General
More informationFactsheet on the Right to be
101010 100101 1010 101 Factsheet on the Right to be 100 Forgotten ruling (C-131/12) 101 101 1) What is the case about and what did 100 the Court rule? 10 In 2010 a Spanish citizen lodged a complaint against
More informationThe Manitowoc Company, Inc.
The Manitowoc Company, Inc. DATA PROTECTION POLICY 11FitzPatrick & Associates 4/5/04 1 Proprietary Material Version 4.0 CONTENTS PART 1 - Policy Statement PART 2 - Processing Personal Data PART 3 - Organisational
More informationPRIVATE HEALTH INSURANCE INTERMEDIARIES. DOCUMENT 1: Self-Audit Guide for All Members of PHIIA JUNE 2015 VERSION 2
PRIVATE HEALTH INSURANCE INTERMEDIARIES DOCUMENT 1: Self-Audit Guide for All Members of PHIIA JUNE 2015 VERSION 2 9 For All Members of PHIIA Code Compliance Committee Private Health Insurance Intermediaries
More informationGuidance Note. on the. Use of Internet for Insurance Activities
GN8 Guidance Note on the Use of Internet for Insurance Activities Office of the Commissioner of Insurance Table of Contents Page INTRODUCTION... 1 INTERPRETATION... 2 IDENTITY OF SERVICE PROVIDERS... 3
More informationESTRO PRIVACY AND DATA SECURITY NOTICE
ESTRO PRIVACY AND DATA SECURITY NOTICE This Data Privacy and Security Policy is a dynamic document, which will reflect our continuing vigilance to properly handle and secure information that we are trusted
More informationPERSONAL DATA PROTECTION POLICY RELATING TO CIGNA EUROPE INSURANCE COMPANY S.A.-N.V. SINGAPORE BRANCH
PERSONAL DATA PROTECTION POLICY RELATING TO CIGNA EUROPE INSURANCE COMPANY S.A.-N.V. SINGAPORE BRANCH Personal data protection in Singapore is regulated by the Personal Data Protection Act 2012 (the PDPA
More informationAUSTRALIA S NEW PRIVACY LAWS - WHAT LAWYERS NEED TO KNOW ABOUT THEIR OWN PRACTICES
AUSTRALIA S NEW PRIVACY LAWS - WHAT LAWYERS NEED TO KNOW ABOUT THEIR OWN PRACTICES http://www.lawcouncil.asn.au The Privacy Commissioner has welcomed the Law Council s initiative in producing this overview.
More informationEU Employment Law Euro Info Centre December 2006
EU Employment Law Euro Info Centre December 2006 CONTENTS EU Employment Law 2 1. Anti-discrimination 2 2 2 2. Equal treatment of men and women in the workplace 3 3 3 3. Fixed and part time work including
More informationBCS, The Chartered Institute for IT Consultation Response to:
BCS, The Chartered Institute for IT Consultation Response to: A Comprehensive Approach to Personal Data Protection in the European Union Dated: 15 January 2011 BCS The Chartered Institute for IT First
More informationThe Impact on Marketing-Related Activities of the Data Protection Act and Related Legislation
The Impact on Marketing-Related Activities of the Data Protection Audience 1. This guidance is intended for all University staff who maintain or use database of contacts for marketing purposes, including
More informationPRIVACY POLICY Personal information and sensitive information Information we request from you
PRIVACY POLICY Business Chicks Pty Ltd A.C.N. 121 566 934 (we, us, our, or Business Chicks) recognises and values the protection of your privacy. We also understand that you want clarity about how we manage
More informationslaughter and may The new EU Data Protection Regulation revolution or evolution?
slaughter and may The new EU Data Protection Regulation revolution or evolution? BRIEFING April 2012 Reform of Europe s data protection regime moved one step closer this January with the publication of
More informationPRIVATE HEALTH INSURANCE INTERMEDIARIES PRACTICE CODES JUNE 2015 VERSION 2
PRIVATE HEALTH INSURANCE INTERMEDIARIES PRACTICE CODES JUNE 2015 VERSION 2 CONTENTS PART A - Pages 3-4 INTRODUCTION 1. ACCEPTANCE OF CODES 2. CODE COMPLIANCE 2.1 CODE COMPLIANCE COMMITTEE 3. REVIEW AND
More informationFUNDRAISING STANDARDS BOARD STAGE 3 ADJUDICATION REPORT
FUNDRAISING STANDARDS BOARD STAGE 3 ADJUDICATION REPORT Case Number: W20150311-FS02044 Respondent: Breast Cancer Campaign/Insight CCI Limited Complaint: The complainant believes that their Telephone Preference
More informationAustralian Privacy Principle 7 direct marketing
Australian Privacy Principle 7 direct marketing Chapter 7 Draft version, September 2013 Key points... 2 What does APP 7 say?... 2 What is direct marketing?... 3 When are agencies covered by APP 7?... 4
More informationJohnson Controls Privacy Notice
Johnson Controls Privacy Notice Johnson Controls, Inc. and its affiliated companies (collectively Johnson Controls, we, us or our) care about your privacy and are committed to protecting your personal
More informationLEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction
LEEDS BECKETT UNIVERSITY Information Security Policy 1.0 Introduction 1.1 Information in all of its forms is crucial to the effective functioning and good governance of our University. We are committed
More informationCredit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information
Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information INTRODUCTION Privacy legislation establishes legal privacy rights for individuals and sets enforceable
More informationI loved reading the terms & conditions! said no one, ever. term deposit terms + conditions
I loved reading the terms & conditions! said no one, ever term deposit terms + conditions index. Part a - general terms and conditions. 2 1 Purpose of this booklet. 2 2 Meaning of words used. 2 3 Opening
More informationChapter 7: Australian Privacy Principle 7 Direct marketing
Chapter 7: APP 7 Direct marketing Version 1.0, February 2014 Chapter 7: Australian Privacy Principle 7 Direct marketing Version 1.0, February 2014 Key points... 2 What does APP 7 say?... 2 Direct marketing...
More informationHow To Get A Health Insurance Policy From Mybupa
Information Handling Policy February 2015 Page 1 1. Introduction 1.1 About Bupa In this document, we, us, our and Bupa refers to Bupa Australia Pty Ltd (ABN 81 000 057 590) and its related entities and
More informationCOMMENTARY. Hong Kong Strengthens Its Personal Data. on Direct Marketing JONES DAY
May 2013 JONES DAY COMMENTARY Hong Kong Strengthens Its Personal Data Privacy Laws and Imposes Criminal Penalties on Direct Marketing In 2012 Hong Kong introduced the Personal Data (Privacy) (Amendment)
More informationANZ Privacy Policy PROTECTING YOUR PRIVACY 07.15
ANZ Privacy Policy PROTECTING YOUR PRIVACY 07.15 Contents Introduction to ANZ s Privacy Policy 4 Collecting your personal information 6 Using your personal information 9 Disclosing your personal information
More information.eu Domain Name Registration. Terms and Conditions
.eu Domain Name Registration Terms and Conditions 1/15 TABLE OF CONTENTS Table of Contents... 2 Definitions...... 3 Object and Scope... 5 Section 1. Eligibility Requirements... 5 Section 2. First Come,
More informationDublin City University
Dublin City University Data Protection Policy Data Protection Policy Contents Purpose... 1 Scope... 1 Data Protection Principles... 1 Disclosure of Personal Data... 2 Summary of Responsibilities... 3 Rights
More informationTHE CLAIMS MANAGEMENT CODE ( the Code )
THE CLAIMS MANAGEMENT CODE ( the Code ) CONTENTS 1 Introduction 2 Principles 3 Publishing the Code 4 Training and Competence 5 Advertising, Marketing and Promotional Activities 6 Charges 7 Information
More informationAUSTRALIAN DIRECT MARKETING ASSOCIATION SUBMISSION PRODUCTIVITY COMMISSION DRAFT RESEARCH REPORT
AUSTRALIAN DIRECT MARKETING ASSOCIATION SUBMISSION ON PRODUCTIVITY COMMISSION DRAFT RESEARCH REPORT ANNUAL REVIEW OF REGULATORY BURDENS ON BUSINESS: SOCIAL AND ECONOMIC INFRASTRUCTURE SERVICES 1 1. TABLE
More information1. Introduction. 2. Sectoral Areas Affected. 3. Data Security. 4. Data Breach Requirements. 5. Traffic Data
1. Introduction Special data protection rules apply to the protection of Personal Data by Data Controllers in the electronic communications sector. These are in addition to the general obligations that
More informationDirect marketing The new rules 1
3 Direct marketing The new rules 1 Ruth Boardman, solicitor, Bird & Bird 2 The majority of this paper focuses on the provisions in the Privacy and Electronic Communications (EC Directive) Regulations 2003
More informationTNS UK PRIVACY & COOKIE POLICY FOR SURVEYS ( Policy )
TNS UK PRIVACY & COOKIE POLICY FOR SURVEYS ( Policy ) Introduction Market and survey research serves an important function in society. Businesses and governments are able to make informed decisions through
More informationMRS Policy Unit. Submission to Which? task force on consent and lead generation in the direct marketing industry
MRS Policy Unit Submission to Which? task force on consent and lead generation in the direct marketing industry Introduction: About MRS and the research market 1. The Market Research Society (MRS) is the
More informationCOMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
EUROPEAN COMMISSION Brussels, XXX [ ](2011) XXX draft COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
More informationONLINE SAVINGS ACCOUNT.
ONLINE SAVINGS ACCOUNT. TERMS AND CONDITIONS. THE FINE PRINT. All the details to keep everyone smiling. ABOUT THIS BOOKLET. Congratulations on choosing an Online Savings Account with ME Bank. We know that
More informationPROTECTION OF PERSONAL INFORMATION
PROTECTION OF PERSONAL INFORMATION Definitions Privacy Officer - The person within the Goderich Community Credit Union Limited (GCCU) who is responsible for ensuring compliance with privacy obligations,
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Data Protection Policy Version: 3 Reference Number: CO59 Keywords: Data, access, principles, protection, Act. Data Subject, Information Supersedes Supersedes:
More informationGSK Public policy positions
Safeguarding Personally Identifiable Information A Summary of GSK s Binding Corporate Rules The Issue The processing of Personally Identifiable Information (PII) 1 and Sensitive Personally Identifiable
More information