COVID-19 UPDATE: It is important that we follow official guidelines to minimise the risk from COVID-19, so we would ask you to bear with us during these unprecedented times. We are now welcoming clients back to the office for in-person meetings where necessary, but we are still able to meet by telephone or video call. Please also ensure you are wearing a face mask if you come to visit us in the office, in line with Welsh Assembly guidelines.

Employers Liability for Data Breaches

The UK Supreme Court has handed down its judgment in the case of a claim brought against Morrisons supermarkets by various former and current employees. The claim relates to a data breach which occurred in 2014. Background Morrisons employed Andrew Skelton as part of...

The GDPR – Part 2

Accountability The GDPR introduces the concept of accountability.  Governance under the GDPR must be transparent. Data controllers and processors must put in place comprehensive but proportionate systems of governance. Good practice tools such as privacy impact...

A Guide to the GDPR

The GDPR comes into force in the UK on 25 May 2018. It replaces the Data Protection Act 1998. It applies to data processors within the EU and also to organisations outside the EU who sell goods and services into the EU. There are two types of people and organisations...