ICO (@ICOnews )


Bio The ICO upholds information rights in the public interest, promotes openness by public bodies & data privacy for individuals. ico.org.uk
Location Wilmslow, Cheshire
Tweets 16,9K
Followers 76,3K
Following 802
Account created 01-07-2009 15:21:30
ID 52753292

Hootsuite Inc. : You must tell people if you set cookies, and clearly explain what the cookies do and why. You must also get the user’s consent. Consent must be actively and clearly given.

More cookies guidance here:


#fintech #ukbizlunch

Hootsuite Inc. : Does the GDPR apply to business-to-business marketing? ow.ly/jUbP50xxdfg #ukbizlunch

Hootsuite Inc. : Faye Lipson Hi Faye. The individual mentioned in the article would able to raise this matter as a complaint with John Lewis, and refer it to us if John Lewis were unable to resolve the complaint. More information can be found here: ow.ly/PcSH30qfx0Y

Hootsuite Inc. : Steve Smith Hi Steve. An organisation is required to notify affected individuals of a data breach if there is a high risk to their rights and freedoms. However, you may be able to access this information from your bank by submitting a SAR. More info here:ow.ly/SVOT30qfx5f

Hootsuite Inc. : A DPIA should:

⚪ describe the nature, scope, context & purpose of your processing;
⚪ assess necessity, proportionality & compliance measures;
⚪ identify & assess risks to individuals;
⚪ identify any additional measures to mitigate those risks.


Hootsuite Inc. : Work in direct marketing? Wed like your views on our direct marketing code of practice which is currently out for consultation. Please submit your views to us before the closing data of 4 March: ow.ly/KzjR50y8VKh #earlybiz #business

Hootsuite Inc. : Lady Catherine Swanson Hi, Please could you provide further information about the nature of your data protection concern so that we are able to offer some guidance?

Hootsuite Inc. : Mark Sabino Hi Mark, ID checks for SARs are usually required for security in order to protect your data from unauthorised access. However, they should only request proportionate information which is necessary to confirm your identity. Further info here: ow.ly/akTM30qfvlg

Hootsuite Inc. : We’ve developed a five step introduction to help businesses conform with the Children’s Code.

Read more here: ow.ly/MUY450y2dmO


Hootsuite Inc. : Our SME web hub is a one stop shop to help businesses understand their data protection obligations. There are a number of tools, checklists, hot topics and advice.

Hootsuite Inc. : 🤔Does my organisation need to appoint a Data Protection Officer (DPO)?

The GDPR introduces a duty for you to appoint a DPO if you are a public authority or body, or if you carry out certain types of processing activities:



Hootsuite Inc. : Jim Mc̮̑̑̑͒G Papa Johns UK Hi, organisations generally require an opt-in for marketing, but can sometimes rely on a 'soft opt-in'. There are three conditions to this which can be found in our marketing guidance: ow.ly/FUmg30qfhif.

Hootsuite Inc. : Need to check your compliance with data protection law?
Our data protection self assessment checklists cover areas such as
⚫Information security
⚫Direct marketing
⚫Data Sharing

Twitter Web App : Our guide on dealing with vexatious requests looks at topics such as:
- identifying potentially vexatious requests
- burdensome requests
- vexatious requests when viewed in context

Read here: ico.org.uk/media/for-orga…

Hootsuite Inc. : Weve upheld a recent complaint against Development Bank Wales for incorrectly labelling a request as vexatious. A vexatious request is one that is “manifestly unjustified, inappropriate or improper use of a formal procedure.’

Decision Notice: ow.ly/pPgv50ye9Fj

Hootsuite Inc. : Whenever a controller uses a processor, there must be a written contract (or other legal act) in place.
The contract is important so that both parties understand their responsibilities and liabilities.
Learn more here: ow.ly/Wbks50ye4bv #ukbizlunch

Hootsuite Inc. : In this blog, we highlighted three top issues for town and parish councils when dealing with personal data: ow.ly/gHyJ50y8UUY #localgov

Hootsuite Inc. : Each week we’re focussing on one project from our Grants Programme. This week, it’s Open Rights Group and their Data Rights Finder tool. They’ve also produced two reports about perceived challenges relating to rights under GDPR. Find them here: ow.ly/WHds50ybWPe

Hootsuite Inc. : Luke Briner Hi Luke, generally organisations require consent to send electronic marketing however, if relying on the soft opt-in, they must give individuals the opportunity to opt-out of receiving marketing. More information here: ow.ly/flOk30qf8av

Hootsuite Inc. : Christian Elsdon Hi Christian, it is difficult to imagine why an organisation would require you to call a premium rate number to submit a SAR, as they can also be submitted in writing. If you are struggling to submit a SAR to them, I'd advise emailing us at casework@ico.org.uk