THE DATA PRIVACY EXPERTS OF CHOICE DELIVERING FRICTION LESS COMPLIANCE

BOOK YOUR 30 MINUTE FREE GDPR ENQUIRY CALL
BOOK NOW

RELENTLESS GDPR 24/7

The Number One GDPR Compliance HUB

GDPR 24/7 Software has you covered!

Compliance with the EU’s new data protection regulation is complex and requires team to work effectively together. GDPR 24/7 intuitive interface and thoughtful workflows simplify the compliance process by organising it into clear, simple assignable tasks via a cloud-based hub.

TRY IT FOR FREEGreat Pricing
 

Relentless Services

______________________

GDPR ASSESSMENT

SEE MORE

OUTSOURCED     DPO

SEE MORE

RELENTLESS GDPR 24/7

SEE MORE

EU REPRESENTATIVE

SEE MORE

BRAZIL  LGPD   SERVICE

SEE MORE

JAPAN APPI    SERVICE

MORE

SOUTH KOREA PIPA  SERVICE

SEE MORE

CALIFORNIA CCPA   SERVICE

SEE MORE

 

OUR GOAL

______________________

______________________

 

 

Individuals are using global digital platforms to learn, find work, showcase their talent, and build personal networks. Some 900 million people have international connections on social media, and 360 million take part in cross-border e-commerce. Digital platforms for both traditional employment and freelance assignments are beginning to create a more global labor market.

Mapping and documentation of data processing activities are required under the GDPR.

 

 

 

MEET OUR TEAM

______________________

, Home, Relentless Data Privacy and Compliance | Birmingham| United Kingdom

Khwanchira specialises in data privacy mapping to the GDPR DPA 2018 regulations. Khwanchira has led a number of GDPR projects across diverse industries and also specialises in global data privacy laws worldwide.

KHWANCHIRA KHAN

SENIOR PRIVACY AND COMPLIANCE ASSOCIATE

, Home, Relentless Data Privacy and Compliance | Birmingham| United Kingdom

Robert brings a wealth of international compliance experience across diverse industries. With over 20 years experience in senior global IT Operations and compliance management. 

ROBERT HEALEY

FOUNDER

, Home, Relentless Data Privacy and Compliance | Birmingham| United Kingdom

With 5 years of privacy operations management Meena currently oversees all client outsourced privacy services including scheduling , billing , and support services.

MEENA KHAN

OPERATIONAL MANAGER

RELENTLESS DATA PRIVACY SERVICE

We a

PRIVACY COMPLIENCE BY DESIGN

WHY YOU SHOULD CHOSE RELENTLESS

Client focused Data Privacy Experts

Our team has over 30 Years industry experience in the global data protection and data privacy sector.

Large Number of successful GDPR Implementations

Our adaptable and knowledgeable team has delivered GDPR compliance across industries from startup’s to PLC.

Frictionless Implementation Delivery Approach

Our bespoke GDPR delivery framework ensures data privacy compliance is delivered without disruption of business operations.

Free Initial Consultation Meeting

We are pleased to meet prospective clients for a free initial meeting to discuss their data privacy requirements. This can be at your offices or by video link.

OUR LATEST NEWS

______________________

WHY A EUROPEAN SOVEREIGN CLOUD COULD BE THE SILVER LINING TO COUNTER THE U.S. CLOUD ACT

Where it all Started     It all started with an American investigation into a drug-trafficking case. Data on this criminal network was reportedly located on a user’s Outlook account in Microsoft’s servers in Ireland. The U.S. Government issued a warrant requiring...

The LGPD Brazil’s Data Protection Law From February 2020

On July 10, 2018, the Brazilian Federal Senate approved a General Data Protection Regulation (“Lei Geral de Proteção de Dados” or “LGPD”). The bill, was largely inspired by the European General Data Protection Regulation (“GDPR”). Although several LGPD provisions were vetoed by Brazil’s president in August 2018, a December 2018 executive order reinstated many of the vetoed provisions. Most significantly, the executive order reinstated sections establishing an agency tasked with enforcing Brazil’s data protection laws.

The US (Cloud) Act and EU Businesses Better to Play It Safe

The fact that the US does not have the same ideas about data protection as Germany and the European Union should not come as a surprise. There is a reason why the United States of America is regarded by the EU as an “insecure third country”.

Three Key Compliance progressions for 2019/2020

How is compliance faring in 2019 and what is in store for 2020   2019 has been a complex year for compliance. Regulations are continuing to evolve and meeting those compliance requirements are proving to be a challenge. However, companies that are dealing...

Appointing an Internal Data Protection Officer Could Put Your GDPR Compliance At Risk

Faced with the challenge of appointing a Data Protection Officer (DPO), many businesses' first thought is to look internally, handling data protection responsibilities to an existing employee. Yet doing so could do more harm than good to their GDPR compliance.  ...

Four Key Elements For Baseline GDPR Compliance

Guide To Achieve  Baseline GDPR Compliance Its 2019 and if you are still struggling to meet  GDPR compliance and with the threat of severe penalties in place for those whose failure to comply puts individuals personal data at risk, there really is no time like the...

California Consumer Protection Act How it Affects the Hospitality Sector

CCPA and the Hospitality Sector    An important implication to CCPA California Consumer Protection Act law is that it does not limit itself to companies that are headquartered in California. comparatively  it applies to any company that carries out business in...

Post BREXIT Data Transfers to the UK a Guide for EU Businesses GDPR

Today we discuss the effects of  BREXIT for EU businesses post 31st October 2019.   EU businesses that intend to transfer personal data to the UK after Brexit’s latest deadline 31st October 2019  should document their decisions to do so and notify data subjects...

Post Brexit . Will your business need to appoint an “EU Representative”?

Post Brexit the UK will cease to be part of the European Union on 31st October 2019 in the absence of a “deal” to extend the deadline.  One implication of this is that UK businesses which hold, obtain or use data about EU citizens after the 29th will most likely have...

BREXIT, GDPR AND DATA PROTECTION: IMPLICATIONS IF THE UK BECOMES A THIRD COUNTRY?

The impact of Brexit   Data protection is unlikely to be foremost in people’s minds when considering the impact of Brexit, whether it be soft or hard, deal or no deal. The UK Government has, however, recently issued papers about various topics in a ‘no deal’...
WHAT OUR CLIENTS SAY ABOUT US

WHAT OUR CLIENTS HAVE TO SAY

______________________

, Home, Relentless Data Privacy and Compliance | Birmingham| United Kingdom

James Dixon

Director of Operations at Frontier Developments PLC
Relentless were invaluable in helping us prepare for GRPR. They engaged with our organisation fist to understand how we worked and our needs, before providing a workable plan to compliance and support beyond. We have now engaged with Relentless for our outsourced DPO service.

, Home, Relentless Data Privacy and Compliance | Birmingham| United Kingdom

Jonny Summers

COO Scede.IO

Relentless delivered our GDPR assessment and implementation project to a very high standard. Their expertise in this area allowed them to work with all business units without any interruption of operations . They also provided expert legal services in relation to contracts and privacy policies. We have now engaged with Relentless for their ongoing outsourced GDPR Advisory Service.

FREQUENTLY ASKED QUESTIONS

______________________

Who does GDPR affect ?
The GDPR not only applies to organisations located within the EU but also applies to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.
What are the penalties ?
Organizations can be fined up to 4% of annual global turnover for breaching GDPR or €20 Million. This is the maximum fine that can be imposed for the most serious infringements e.g.not having sufficient customer consent to process data or violating the core of Privacy by Design concepts. There is a tiered approach to fines e.g. a company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach or not conducting impact assessment. It is important to note that these rules apply to both controllers and processors – meaning ‘clouds’ are not exempt from GDPR enforcement.
How does GDPR affect marketing strategies ?
The EU’s new data protection rules are designed to give your customers more power over how their information is handled. Ready to run because you’re based outside of the EU, or you’re willing to wait for Brexit? Not so fast. Anyone who interacts with any EU citizen will be governed by the GDPR, regardless of where your company is located.
What steps should businesses consider to address this?

There are several steps businesses should consider to address this right and the requirements related to it in the Act, including:

  • identifying and inventorying the categories and specific types of personal information a business collects and shares, which is commonly achieved by data flow mapping;
  • updating privacy policies, disclosures and notices to adequately disclose their personal information collection practices, including the information listed above; and
  • implementing policies and procedures that provide an avenue for a consumer to request the information described above and enable the business to meet those requests, including a process for verifying identity. At a minimum, businesses must provide:
    • (1) a toll free phone number and
    • (2) a contact method provided on the businesses’ website, if the business has a website.
How is the collection of data defined under CCPA ?

Consider the CaCPA, a business’s collection of personal information is defined to include “buying, renting, gathering, obtaining, receiving, or accessing . . . by any means.” CaCPA § 1798.140(e). This includes both:

(1) actively gathering information about a consumer through forms or other means of communication; and

(2) passively gathering information through any means, including “by observing the consumer’s behavior.” These passive collection efforts may comprise, for example, observing consumers’ habits in physical stores or tracking consumers’ online activities through the use of cookies and pixel tags. Essentially, many observations by businesses of consumers could fall under the definition of “collecting.”  

Do companies need to be compliant after Brexit ?
If a company processes data about individuals in the context of selling goods or services to citizens in other EU countries then it will need to comply with the GDPR, irrespective as to whether or not the UK retains the GDPR post-Brexit. If activities are limited to the UK, then the position (after the initial exit period) is much less clear. The UK Government has indicated it will implement an equivalent or alternative legal mechanisms. The expectation is that any such legislation will largely follow the GDPR, given the support previously provided to the GDPR by the ICO and UK Government as an effective privacy standard, together with the fact that the GDPR provides a clear baseline against which UK business can seek continued access to the EU digital market. More information can be found at.

https://ico.org.uk/for-organisations/data-protection-and-brexit/

What is the California Consumer Privacy Act (CCPA) ?
The California Consumer Privacy Protection Act (CCPA) is a new data security law that is set to take effect on January 1, 2020. The law requires businesses transacting in California to cooperate with consumers in requests concerning how their data is being used, prohibiting companies from collecting their data, and requesting the deletion of any already-collected data. It also permits companies to offer financial incentives to consumers for collecting and using their data, and additionally prevents them from selling data belonging to minors under the age of 16 without prior consent. From a security standpoint, businesses must use reasonable security measures and access controls when protecting consumers’ personal data.

Companies with annual gross revenues of more than $25 million are required to comply with the CCPA if they collect consumers’ personally-identifiable data. Business entities of any size and type may also be required to comply if they work with the data of at least 50,000 consumers or derive at least half of their annual revenues from selling consumers’ personal information. Companies could be liable for civil penalties of up to $750 per exposed user or $7,500 per other violation, injunctive or declaratory relief, or other court-approved relief for noncompliance.

Free Privacy Consultation
  • the categories and specific pieces of personal information the business has collected;
  • the sources from which the business collected the personal information;
  • the business or commercial purpose for collecting the personal information; and
  • the categories of third parties with whom the business shares the personal information.

IF YOU WANT TO SPEAK WITH US DIRECTLY

CALL US NOW

+44 (0) 121 582 0192

MEET OUR CLIENTS

______________________

Privacy Preference Center

      Necessary

      Advertising

      Analytics

      Other