breakout b - bvrla.co.uk€¢ico may impose more severe punishments than the current £500,000...
TRANSCRIPT
![Page 1: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/1.jpg)
![Page 2: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/2.jpg)
Breakout BGDPR: how it affects our industry
Chairman: Jay Parmar; Director of Policy & Membership
Speakers: David Farnell; Partner at Shoosmiths LLP
Inderpal Lall; Head of Corporate Legal & Compliance Services International at Avis Budget Group
Breakout Session Sponsored by
![Page 3: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/3.jpg)
GDPR is the most significant change to data protection legislation since 1998.
Our expert panellists will discuss how the changes will affect our businesses with specific reference to vehicle rental and leasing operations.
Breakout Session Sponsored by
![Page 4: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/4.jpg)
GDPR: Main Changes to UK Data Law & Implications for Members
David Farnell
Partner at Shoosmiths LLP
Breakout Session Sponsored by
![Page 5: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/5.jpg)
GDPR: Main Changes to UK Data Law & Implications for Members
A presentation to the BVRLA Outlook Conference
By David Farnell
Thursday 30 November 2017
www.shoosmiths.co.uk
![Page 6: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/6.jpg)
Introduction: Why?• Global transfers of personal data and ECJ ruling in Maximillian Schell
• Concept of European “Safe Zone”
• GDPR will apply to all organisations in the EEA and others on the “White List”, eg. Guernsey, Isle of Man, Jersey
![Page 7: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/7.jpg)
What changes will GDPR bring?• “Personal Data” and “Sensitive Personal Data” are more widely-defined
• Data processing must be fair and lawful, but also transparent
• Organisations may only collect and use data that is necessary and protect a data subject’s privacy by default
• New rights for data subjects – to data access, to object to kinds of processing, to “port”, to be forgotten and to know when their personal data is compromised
• Processors have obligations as well as controllers
![Page 8: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/8.jpg)
What if there is a data breach?• ICO may impose more severe punishments than the current £500,000 maximum fine
• Controllers up to €20m or 4% of global group turnover
• Processors up to €10m or 2% of global group turnover
• Threat of data subjects claiming compensation (class actions)
• Uber
![Page 9: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/9.jpg)
Contact Details
David Farnell
Partner – Finance Disputes
UK Direct Dial 03700 86 7336
Mobile +44 (0) 7736 502 986
Email [email protected]
![Page 10: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/10.jpg)
The national UK law firm• 186 partners and 726 legal advisers
• Turnover of £116.7m to end April 2017
• The UK’s leading legal adviser by deal volume in 2016 (and 5th in Europe) – Experian
MarketIQ’s M&A Review
• Rated a ‘Best Employer’ for 13th consecutive year in 2017 - Legal Week
• ‘Real Estate Legal team of the Year’ finalist - Estates Gazette Awards 2016
• Recognised twice in the latest FT Most Innovative Law Firms report (and for the eighth
consecutive year)
• Gold Standard status - Investors in People
• ‘Best Talent Initiative Finalist’ - Business Leadership Summit & Awards 2016
• Authorised by the Financial Conduct Authority (FCA)
![Page 11: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/11.jpg)
Getting GDPR ReadyInderpal Lall
Head of Corporate Legal & Compliance Services International at
Avis Budget Group
Breakout Session Sponsored by
![Page 12: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/12.jpg)
Getting GDPR Ready
Inderpal S Lall
Thursday 30th November 2017
![Page 13: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/13.jpg)
13
• Business Process Analysis
Where is personal data gathered?
Where and how is personal data stored?
Where and how is personal data transmitted…..outwith of the EEA?
To which third parties is personal data given?
• Technical Analysis
Technical testing of IT systems to instances of personal data.
Do not forget paper records !
Know Your Personal Data - Audit
![Page 14: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/14.jpg)
14
• Must have a written contract with suitable provisions.
• Assess security measures taken by the third party to safeguard personal data.
• Only provide the personal data needed for the job……..duty to minimise.
• Must all done before the personal data is handed over.
• Records.
Third Parties and Personal Data
![Page 15: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/15.jpg)
15
• Use-cases for personal data must fall into one of:
Performance of Contract;
Legitimate Interest;
Consent;
Legal Requirement.
Export of personal data outwith of EEA must be lawful.
Legal Basis For Processing Personal Data
![Page 16: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/16.jpg)
16
• Update Privacy Policy.
• Data Processing Notices.
• Consent:
Fully informed, freely given and capable of withdrawal;
No pre-ticked boxes !!;
Records.
Must reflect use-cases and handling of personal data.
Privacy Policy and Consents
![Page 17: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/17.jpg)
17
• Must know where your personal data is.
• Prudent to have a web-page/portal for requests.
• Establish robust processes to respond in time.
• Record keeping.
Connected Cars – data generated by internet enabled cars.
Don’t forget about personal data stored on cars.
Data Subject Rights
![Page 18: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/18.jpg)
18
• Data Protection Audit – you know where your personal data is and what you do with it.
• Privacy Policy and Notices – accurate, up to date and maintained.
• Data Subject Rights – robust and demonstrable processes in place.
• Privacy by Design – be able to demonstrate this, embed in project processes, supplier evaluation, privacy impact assessments.
• Accountability Framework – Data Protection Officer, sound record keeping, ongoing commitment to compliance.
“Culture of Compliance”
![Page 19: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/19.jpg)
![Page 20: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/20.jpg)
Questions & AnswersYour chance to pose your questions to our speakers
Breakout Session Sponsored by
![Page 21: Breakout B - bvrla.co.uk€¢ICO may impose more severe punishments than the current £500,000 maximum fine ... • 186 partners and 726 legal advisers ... No pre-ticked boxes !!;](https://reader031.vdocument.in/reader031/viewer/2022030709/5af7c69d7f8b9aac248c3dca/html5/thumbnails/21.jpg)
Thank you.Back to the Atrium for a coffee break.
Breakout Session Sponsored by