"It gives us a really broad coverage of the law, as well as the specialist areas we have to deal with: contracting, procurement, employment law, governance. I've found some fairly obscure case law on LexisLibrary, very quickly."
Walsall Council
Access all documents on Personal data
Personal data means data relating to a living individual who can be identified from such data, either alone or with other information in the data controller鈥檚 possession. It includes opinions about, and intentions in relation to the data subject.
Personal data can thus include names, addresses, National Insurance numbers, CCTV images of individuals, car registration numbers and details of company directors (not of the companies themselves).
Speed up all aspects of your legal work with tools that help you to work faster and smarter. Win cases, close deals and grow your business鈥揳ll whilst saving time and reducing risk.
For our full legal glossary and more legal research sources, register for a free Lexis+ trial
Key provisions in a consultancy agreement鈥攃hecklist This Checklist sets out the key provisions to consider in a consultancy agreement. This Checklist highlights issues which are relevant to the customer, issues which are relevant to the consultant and issues which are relevant to both parties for inclusion in a consultancy agreement. This Checklist will assist both the consultant and the customer when reviewing and negotiating a consultancy agreement. See also: Taking instructions for a consultancy agreement鈥攃hecklist. For Precedent consultancy agreements, see: 鈥 Consultancy agreement鈥攃ompany and individual鈥攑ro-client 鈥 Consultancy agreement鈥攃ompany and company鈥攑ro-client 鈥 Consultancy agreement鈥攊ndividual and company鈥攑ro-consultant 鈥 Consultancy agreement鈥攃ompany and company鈥攑ro-consultancy 鈥 Consultancy agreement鈥攃ompany and individual鈥攑ro-client (short form) 鈥 Side letter to consultancy agreement鈥攃ompany and company鈥攑ro-client For further related guidance, see: Consultancy services鈥攐verview and Practice Notes: 鈥 Managed service companies and the anti-avoidance legislation 鈥 Deciding appropriate employment status 鈥 Personal service companies鈥攖he key benefits and key tax considerations 鈥 Securing intellectual property rights from employees and contractors 鈥 IR35鈥攖he large and public client off-payroll regime鈥攑ractical considerations for the end client...
Website terms and conditions for supply of services to consumers鈥攃hecklist This Checklist sets out the essential points that should be considered when drafting or updating online terms and conditions for the supply of services to consumers. It should be used where a lawyer wants to make sure that such terms and conditions comply with consumer protection legislation (and any guidance issued under it). This Checklist should be used in addition to the following: 鈥 Key consumer information requirements鈥攃hecklist 鈥 Information requirements under the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013鈥攃hecklist 鈥 Consumer cancellation rights under the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013鈥擲ervices鈥擣lowchart 鈥 General information to be disclosed by e-commerce websites鈥攃hecklist 鈥 Drafting consumer contracts鈥攃hecklist For a discussion on the key legal issues to consider when designing and developing a business-to-consumer (B2C) e-commerce website for trading with consumers, see Practice Note: Business to consumer e-commerce鈥攍egal issues. Introduction Businesses that transact with consumers are subject to more onerous legislative requirements and, consequently, need to pay close...
Discover our 27 Checklists on Personal data
Evaluating an objection to processing request鈥攆lowchart This document reflects the UK GDPR regime. References and links to the GDPR refer to the UK GDPR (Assimilated Regulation (EU) 2016/679) unless expressly stated otherwise. The UK General Data Protection Regulation (UK GDPR) provides a number of rights for data subjects, including providing a right to object. Data subjects can make a request to an organisation to exercise their right to object to processing at any time. This is not, however, an absolute right to object鈥攊t only applies in specific circumstances. There are strict time limits for complying with requests made. See Practice Notes: 鈥 Data subject rights鈥攐bjection to processing 鈥 How to handle data subject requests This Flowchart maps out a process for evaluating a data subject request under the right to object that your organisation receives under the UK GDPR. It reflects the requirements in the UK GDPR and the Data Protection Act 2018 (DPA 2018) together with guidance issued by the Information Commissioner鈥檚 Office (ICO). It should be...
Evaluating a data subject access request鈥攆lowchart The UK General Data Protection Regulation (UK GDPR) provides a number of rights for data subjects, including providing a right of access to their personal data. Data subjects can make a request to an organisation to exercise their right of access to their personal data (a data subject access request or DSAR) at any time and there are strict time limits for complying with requests made. See Practice Notes: 鈥 Data subject rights鈥攁ccess 鈥 How to handle data subject requests This Flowchart maps out a process for evaluating DSARs received under the UK GDPR. It reflects the requirements in the UK GDPR and the Data Protection Act 2018 (DPA 2018) together with guidance issued by the Information Commissioner鈥檚 Office (ICO). It should be read in conjunction with Practice Note: How to handle data subject requests and Flowchart: Handling data subject requests鈥攆lowchart, which covers requirements common to all data subject requests under the UK GDPR. Note 1鈥攏otifying the data subject you...
Discover our 7 Flowcharts on Personal data
ARCHIVED: This archived Practice Note provides information on the data protection regime before 25 May 2018 and reflects the position under the Data Protection Act 1998 (DPA 1998). This Practice Note is for background information only and is not maintained.BackgroundThe DPA 1998 governs processing of personal data in the UK. It obliges processors of such data to comply with eight principles, and gives individuals a right to know what information is held about them. For further information on the principles, see Practice Note: Data protection principles under the DPA 1998.The Information Commissioner's Office (ICO) supervises and enforces the implementation of the DPA 1998. For more information, see Practice Notes: The Information Commissioner鈥檚 Office (ICO) and Sanctions and enforcement under the DPA 1998.Sections 1 and 2 of the DPA 1998 contain definitions for the key terms used throughout the act and within the Information Commissioner's codes of practice or other guidance. Key statutory definitions include:鈥ata鈥ersonal data鈥ensitive personal data鈥ata subject鈥ata controller鈥ata processor鈥rocessing鈥elevant filing systemChanges as a result of the General Data Protection...
ARCHIVED: This archived Practice Note provides information on the data protection regime before 25 May 2018 and reflects the position under the Data Protection Act 1998 (DPA 1998). This Practice Note is for background information only and is not maintained.Changes as a result of the General Data Protection RegulationThe General Data Protection Regulation, Regulation (EU) 2016/679 (the GDPR) (applicable from 25 May 2018) introduces substantial amendments to EU and UK data protection law and replaces the DPA 1998 and Directive 95/46/EC (the Data Protection Directive) from that date.For further information, see Practice Notes: Introduction to the EU GDPR and UK GDPR and Rights of data subjects.A data subject is a living individual who is the subject of personal data, ie data from which he can be identified. For key definitions under the DPA 1998, see Practice Note: Key definitions under the DPA 1998. For a comprehensive introduction to the GDPR, collating key practical guidance, see: Data protection toolkit.Right of access to personal dataAn individual has a right to be informed...
Discover our 160 Practice Notes on Personal data
Ireland鈥攄ata protection impact assessment鈥攁rtificial intelligence DPIA screening questionnaire The screening questionnaire should be a concise document and not overly burdensome on the business. However, it needs to provide sufficient information to the DPO/Privacy POC to decide if a DPIA needs to be completed. Like the DPIA itself, the screening questionnaire will be drafted by a multidisciplinary team within the business. All completed screening questionnaires should be approved, time stamped and retained by the DPO/Privacy POC. Where a DPIA is required, it should be kept with the screening questionnaire to avoid duplication. The DPIA template is a continuation of the screening questionnaire. While the screening questionnaire and the DPIA detail AI use in accordance with EU GDPR requirements, companies deploying AI systems also need to factor in their obligations under additional relevant legislation, such as the requirement to carry out a fundamental rights impact assessment (FRIA) under the EU AI Act. While outside the scope of this document, information gathered as part of the screening questionnaire / DPIA exercise will be...
EU GDPR鈥攕tandard contractual clauses (SCCs) for compliance with Article 28(3) EU GDPR by Danish supervisory authority This is a set of Standard Contractual Clauses (SCCs) for compliance with Article 28(3) of the EU鈥檚 General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR), governing relationships between controllers and processors and published by the Danish data protection supervisory authority (the Danish SCCs). It was published following an opinion by the European Data Protection Board (EDPB). The Danish SCCs should not be confused with SCCs relating to international personal data transfers under Chapter V of the EU GDPR. Access the Danish SCCs Click the link below to download the agreement from the EDPB鈥檚 website: Standard Contractual Clauses for compliance with Article 28(3) of the EU GDPR published by the Danish supervisory authority (the Danish SCCs) Background As detailed in Practice Note: Supply chains under EU GDPR鈥攁rrangements between controllers and processors, Article 28(3) of the EU GDPR requires that controllers and processors put in place a contract which contains certain minimum terms (unless the...
Dive into our 285 Precedents related to Personal data
If a data controller shares personal data with another data controller based outside the EEA, and in doing so exports that personal data outside of the EEA using one of the permitted data export exceptions or adequacy solutions under Schedule 4 of the Data Protection Act 1998 (DPA 1998), does the transferor data controller retain any liability for the processing of that personal data by the transferee controller under the DPA 1998? For the purposes of this Q&A we have focused solely on the law under the UK鈥檚 Data Protection Act 1998 (DPA 1998) as regulated by the Information Commissioner鈥檚 Office (ICO). Please note that: 鈥 the General Data Protection Regulation (GDPR) will introduce substantial amendments to data protection law and will replace the current DPA 1998 and the current Directive 95/46/EC (the Data Protection Directive). The GDPR will be directly applicable and fully enforceable in all EU Member States from 25 May 2018. For further information, see Practice Note: Introduction to the EU GDPR and...
What is 'personal data' for the purposes of the Data Protection Act 1998? For the purposes of the Data Protection Act 1998 (DPA 1998), 'personal data' is defined as: 'data which relate to a living individual who can be identified鈥 (a)聽聽聽聽 from those data, or (b)聽聽聽聽 from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual' This definition refers to several key terms which are further defined in DPA 1998. The term 'data' is defined to include information which: '(a)聽聽聽聽 is being processed by means of equipment operating automatically in response to instructions given for that purpose (b)聽聽聽聽 is recorded with the intention that it should be processed by means of such equipment (c)聽聽聽聽 is recorded as part of a "relevant filing system" or...
See the 75 Q&As about Personal data
This week's edition of EU weekly highlights covers the approval of major revisions to the EU carbon border adjustment mechanism (EU CBAM) by the European Parliament and Council of the EU, the launch of a call for evidence on an EU Digital Justice strategy for 2025鈥2030, the Commission鈥檚 adoption of identification and calculation rules for European oil and gas producers to deliver new CO2 storage solutions and a series of secondary legislation to implement the EU Net-Zero Industry Act, and the Commission initiating formal proceedings against Pornhub, Stripchat, XNXX, and XVideos under the EU Digital Services Act for suspected breaches regarding protection of minors. In addition this week, the Consumer Protection Cooperation Network and Commission鈥檚 notified SHEIN of several practices on its platform that contravene EU consumer protection laws, the European Ombudswoman opened an inquiry into the Commission鈥檚 preparation of the omnibus package of simplification measures, the Data Protection Commission engaged with technology companies regarding the use of personal data to train large language models in the EU/EEA, the Council...
Welcome to this week鈥檚 edition of the TMT weekly highlights: a hand-picked summary of news analysis, updates and new content from across the technology, media and telecoms sectors. These highlights focus on key topics including new technologies, software, cloud computing, internet, outsourcing, music, film & television, publishing, defamation and telecoms.
Read the latest 321 News articles on Personal data
**Trials are provided to all 桔子视频 content, excluding Practice Compliance, Practice Management and Risk and Compliance, subscription packages are tailored to your specific needs. To discuss trialling these 桔子视频 services please email customer service via our online form. Free trials are only available to individuals based in the UK, Ireland and selected UK overseas territories and Caribbean countries. We may terminate this trial at any time or decide not to give a trial, for any reason. Trial includes one question to LexisAsk during the length of the trial.
0330 161 1234