under the GDPR.
Within our firm are two nominated individuals responsible for data under the GDPR. The roles undertaken are twofold, namely; The Data Controller and the Data Processor.
A Controller determines the purposes and means of processing personal data and a Processor is responsible for processing personal data on behalf of a controller.
As of 25th May 2018 the relevant persons within our organisation are:
Simon Freer, 0208 393 0395, Ashley House, 136-138 The Broadway, Tolworth, Surrey, KT6 7LA; and
Clare Steibel, 0208 393 0395, Ashley House, 136-138 The Broadway, Tolworth, Surrey, KT6 7LA
Mark Hargest, 0208 393 0395, Ashley House, 136-138 The Broadway, Tolworth, Surrey, KT6 7LA
Octopusapp Inc. Canada, 1-888-721-1115, 10822 – 82 Avenue NW, Suite 200, Edmonton, AB T6E 2B3, Canada
To control and process data requires one of six recognised legal bases under GDPR to do so. The six bases are as follows:
Consent must be freely given, specific, informed and unambiguous. There must be a positive opt-in – consent cannot be inferred from silence, pre-ticked boxes or inactivity. It must also be separate from other terms and conditions, and simple ways for the withdrawal of consent will be required.
Processing is necessary for a contract with an individual, or because that individual has asked that specific steps be taken before entering into a contract.
3. Legal obligation:
Processing is necessary to comply with the law (not including contractual obligations)
4. Vital interests:
Processing is necessary to protect an individual’s life.