Blog - Page 15

Legal articles in easy-to-understand language.

How to Handle Consent for Minors: Complying with US COPPA, EU & UK GDPR, and Other Emerging Privacy Laws

If you make websites, apps, or games for kids, or services that are likely to be used by them, you need to make sure you comply with legal rules relating to minors. In particular, a number of different privacy laws, including the Children's Online Privacy Protection Act (COPPA), the General Data...

Third-Party Risk Management (TPRM) Guide: What It Is

With increasing cyberattacks and data breaches, as well as stricter privacy laws, organisations are increasingly implementing measures to protect themselves and their data. One necessary step is called third-party risk management (TPRM), which helps to protect your business against risks from partners, vendors, contractors, and other third parties that you...

Managing Consent in a Multichannel Marketing Strategy

If your business connects with users via email, SMS, websites, and apps, you may be collecting personal data across multiple legal risk zones. Here's how to manage consent across all touchpoints and stay compliant with privacy laws like GDPR, CCPA, and more. This article explains what multichannel marketing is, why you...

How to Handle International Data Transfers After Schrems II: A Startup's Guide

Schrems II is an important legal ruling from the European Court of Justice, made in 2020. The ruling invalidated the EU-US Privacy Shield, which was an agreement covering data transfers between the two countries. There are a number of ways in which data transfers can still take place, including Standard Contractual...

Can You Use Consent as a Catch-All Legal Basis? Pros, Cons, and Risks

Consent is the most visible legal basis under GDPR, but it's also one of the most misused. Many companies rely on consent for all types of data processing, only to discover they've made their compliance harder, or illegal. You need to have a lawful basis for collecting or using personal data...

How to Handle User Requests for Data Access, Deletion, and Portability

You've got your Privacy Policy, and you're fully compliant with data protection legislation. But part of your duties involves being ready to handle the following requests: access to data; requests for deletion (sometimes known as the "right to be forgotten"); portability requests (receive a copy of their personal data to transfer to another...