Sign Up

What is 8 + 4?

Have an account? Sign In Now

Sign In

What is 8 + 4?

Forgot Password?

Don't have account, Sign Up Here

Forgot Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

What is 8 + 4?

Have an account? Sign In Now

Please type your username.

Please type your E-Mail.

Please choose an appropriate title for the question so it can be answered easily.
Please choose the appropriate section so the question can be searched easily.

Type the description thoroughly and in details.

What is 8 + 4?

Sign InSign Up

Watercooler by DPOrganizer

Watercooler by DPOrganizer Logo Watercooler by DPOrganizer Logo

Watercooler by DPOrganizer Navigation

Search
Ask A Question

Mobile menu

Close
Ask a Question
  • Home
  • Categories
    • GDPR
    • Privacy Management
    • Professional Development
    • Software tips and tricks
    • Polls
  • Help
  • About Watercooler

Stephen Lark

Bronze contributor
1Follower
2Questions
Home/ Stephen Lark/Answers
  • About
  • Questions
  • Polls
  • Answers
  1. Asked: November 23, 2021In: GDPR

    Confused – ‘data definitions and calculations’ – must be provided prior to contract?

    Stephen Lark

    Stephen Lark

    • 2 Questions
    • 29 Answers
    • 0 Best Answers
    • 26 Points
    View Profile
    Stephen Lark Bronze contributor
    Replied to answer on December 2, 2021 at 10:27 pm

    Thanks for your response. This was my first response too however the deadline had passed for asking questions!

    Thanks for your response. This was my first response too however the deadline had passed for asking questions!

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  2. Asked: November 15, 2021In: GDPR

    Closing a DSAR

    Stephen Lark

    Stephen Lark

    • 2 Questions
    • 29 Answers
    • 0 Best Answers
    • 26 Points
    View Profile
    Stephen Lark Bronze contributor
    Added an answer on November 23, 2021 at 6:47 pm

    In this instance I would charge a fee for further work on the SAR, this is likely to quelle their enthusiasm. It is perfectly acceptable to charge a fee for work that goes above and beyond what is reasonable.

    In this instance I would charge a fee for further work on the SAR, this is likely to quelle their enthusiasm. It is perfectly acceptable to charge a fee for work that goes above and beyond what is reasonable.

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  3. Asked: October 15, 2021In: GDPR

    Renewal emails

    Stephen Lark

    Stephen Lark

    • 2 Questions
    • 29 Answers
    • 0 Best Answers
    • 26 Points
    View Profile
    Stephen Lark Bronze contributor
    Added an answer on October 17, 2021 at 10:41 pm

    Lawful basis would be contract and service message. However once the subscription expires then the lawful basis would be Legitimate Interest and marketing. Personally I continue to use contract for a period of 1 month after expiration. if I hear nothing from the 'member' after this period it's usualRead more

    Lawful basis would be contract and service message. However once the subscription expires then the lawful basis would be Legitimate Interest and marketing.

    Personally I continue to use contract for a period of 1 month after expiration. if I hear nothing from the ‘member’ after this period it’s usually safe to say they are not looking to renew.

    See less
    • 2
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  4. Asked: June 2, 2021In: GDPR

    UK company providing GDPR training for employees?

    Stephen Lark

    Stephen Lark

    • 2 Questions
    • 29 Answers
    • 0 Best Answers
    • 26 Points
    View Profile
    Stephen Lark Bronze contributor
    Added an answer on June 3, 2021 at 9:16 am

    Sounds like it is a company wide initiative so in this case I would use one of the 'security awareness providers' who as part of the solution provide phish testing emails, hundreds of videos on GDPR and other security related topics, and importantly a delivery mechanism to ensure employees are engagRead more

    Sounds like it is a company wide initiative so in this case I would use one of the ‘security awareness providers’ who as part of the solution provide phish testing emails, hundreds of videos on GDPR and other security related topics, and importantly a delivery mechanism to ensure employees are engaged. Employee engagement is key and very difficult to achieve. If a breach were to happen the ICO will ask the question – ‘When were your employees last trained’….so you need evidence of a program rollout and employee engagement.

    We use KnowBe4 as they have the largest video content and then include a services wrap for cyber security training sessions and to deliver the phish email tests.

    In the spirit of openness on this forum you could choose from between 10 and 20 mainstream vendors, all of which would fit the bill.

    I would recommend the specialist GDPR companies only if you want specific individual’s, such as a DPO, to get some certificates.

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  5. Asked: June 2, 2021In: GDPR

    UK company providing GDPR training for employees?

    Stephen Lark

    Stephen Lark

    • 2 Questions
    • 29 Answers
    • 0 Best Answers
    • 26 Points
    View Profile
    Stephen Lark Bronze contributor
    Added an answer on June 3, 2021 at 9:00 am

    Yesterday I wrote a full response but it got blocked. Wonder if the fault has been corrected.

    Yesterday I wrote a full response but it got blocked. Wonder if the fault has been corrected.

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  6. Asked: May 31, 2021In: GDPR

    Loyalty schemes

    Stephen Lark

    Stephen Lark

    • 2 Questions
    • 29 Answers
    • 0 Best Answers
    • 26 Points
    View Profile
    Stephen Lark Bronze contributor
    Added an answer on June 2, 2021 at 9:26 am

    If they are your customers then you already have a basis for processing and storing their information however that will not by default include other purposes such as loyalty schemes. You are best advised to seek consent to further process their information for a loyalty scheme.

    If they are your customers then you already have a basis for processing and storing their information however that will not by default include other purposes such as loyalty schemes.

    You are best advised to seek consent to further process their information for a loyalty scheme.

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  7. Asked: May 28, 2021In: Software tips and tricks

    ROPA/PIA SaaS solution

    Stephen Lark

    Stephen Lark

    • 2 Questions
    • 29 Answers
    • 0 Best Answers
    • 26 Points
    View Profile
    Stephen Lark Bronze contributor
    Added an answer on June 2, 2021 at 9:21 am

    I'd echo Egil, and like Egil, I'm not truly objective as I am in the process of gearing up to use/promote PriviQ. They are new to the UK but established in other geo locations. The key for me is the price which you can see on their website. Happy to arrange a demo. For sure you cannot go wrong withRead more

    I’d echo Egil, and like Egil, I’m not truly objective as I am in the process of gearing up to use/promote PriviQ. They are new to the UK but established in other geo locations. The key for me is the price which you can see on their website. Happy to arrange a demo.

    For sure you cannot go wrong with DPOrganiser – it does what is says on the tin.

    I don’t know Keepabl

    Like all purchases – due diligence is key

    See less
    • 1
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  8. Asked: May 26, 2021In: GDPR, Software tips and tricks

    Extracting emails and duplication of data in SARs

    Stephen Lark

    Stephen Lark

    • 2 Questions
    • 29 Answers
    • 0 Best Answers
    • 26 Points
    View Profile
    Stephen Lark Bronze contributor
    Added an answer on May 28, 2021 at 8:56 am

    I've never heard of SmartBox so checked them out. I'd be careful as parts of their website are still in Latin and their cookie 'more info' button takes you to a marketing companies page that drops more cookies. I'm sure they are a good company but it tells me they are resource stretched at present wRead more

    I’ve never heard of SmartBox so checked them out. I’d be careful as parts of their website are still in Latin and their cookie ‘more info’ button takes you to a marketing companies page that drops more cookies. I’m sure they are a good company but it tells me they are resource stretched at present which may affect product development, response and support.

    As the others have said – due diligence is key.

    Finding emails is easy, redacting and preparing for submission to the requestor is not and sadly the cost of doing so in an automated fashion is very expensive.

    I’m sure you have not but don’t forget your unstructured data too.

    We do have a commercial arrangement with a company called Guardum which is top of the tree when it comes to DSAR’s. If you want to know more let me know.

    See less
    • 1
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  9. Asked: May 14, 2021In: GDPR

    PECR – Marketing and service emails

    Stephen Lark

    Stephen Lark

    • 2 Questions
    • 29 Answers
    • 0 Best Answers
    • 26 Points
    View Profile
    Stephen Lark Bronze contributor
    Added an answer on May 25, 2021 at 9:40 am

    HellenB is spot on. If you do not have valid consent I would suggest trying the following: Email the ladies explaining the project and the primary purpose is a positive outcome for women in that industry but highlight openly that the long term results will likely be a raised profile and promotion ofRead more

    HellenB is spot on. If you do not have valid consent I would suggest trying the following:

    Email the ladies explaining the project and the primary purpose is a positive outcome for women in that industry but highlight openly that the long term results will likely be a raised profile and promotion of the charity itself.

    Explain that you are looking for testimonials and focus group engagement only and as such are seeking one off consent to participate in this initiative.

    Reassure that existing communication preference will remain unaffected.

    This is what I call the pragmatic approach and has served me well so far.

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
  10. Asked: May 18, 2021In: GDPR

    Cookies and legitimate interest

    Stephen Lark

    Stephen Lark

    • 2 Questions
    • 29 Answers
    • 0 Best Answers
    • 26 Points
    View Profile
    Stephen Lark Bronze contributor
    Added an answer on May 25, 2021 at 9:28 am

    LI does not require consent and it is the industries way of circumventing the current cookie regulations that require consent. Most that do this have an object to all button but is is important to realise, which most people don't, that you need to hit two buttons not one! At present there is nothingRead more

    LI does not require consent and it is the industries way of circumventing the current cookie regulations that require consent.

    Most that do this have an object to all button but is is important to realise, which most people don’t, that you need to hit two buttons not one!

    At present there is nothing you can do about it save use a different website. The worst are the media companies and the likes of Formula 1.

    See less
    • 0
    • Share
      Share
      • Share on Facebook
      • Share on Twitter
      • Share on LinkedIn
1 2 3

Sidebar

Ask A Question

Trending contributors

Smurf333

Smurf333

  • 11 Answers
Bronze contributor
Dave_Wylie

Dave_Wylie

  • 28 Answers
Bronze contributor
CRodica

CRodica

  • 6 Answers
Rising star contributor
Atis

Atis

  • 4 Answers
Andrea

Andrea

  • 15 Answers
Bronze contributor

Recent questions

  • Anonymous

    Instagram!!

    • 0 Answers
  • Olga

    DPO in EU and UK

    • 0 Answers
  • Smurf333

    DBS scenario with HR retaining excessive information for longer than ...

    • 0 Answers
  • CRodica

    Parties role towards employees data for administrative purposes

    • 0 Answers
  • Donna

    ‘serious harm test’ for health data

    • 0 Answers

Explore

  • Home
  • Categories
    • GDPR
    • Privacy Management
    • Professional Development
    • Software tips and tricks
    • Polls
  • Help
  • About Watercooler

Footer

Your privacy

  • Cookie notice
  • Privacy notice

Terms and policy

  • Acceptable Use Policy
  • Terms of Use

© 2021 DPOrganizer. All Rights Reserved. With Love by DPOrganizer.