It is nearly five months since the General Data Protection Regulation (“GDPR”) came into force but whether any business could achieve full compliance is still uncertain. Is it possible that efforts to comply are being drowned in a sea of Data...
This article is directed particularly to those “fortunate” individuals responsible for GDPR compliance in their organisations. It is anticipated that in answer to the question are you ready for GDPR, many would answer no—in common with most UK businesses.
As we edge nearer and nearer to GDPR-Day (25 May 2018) more businesses are questioning their data protection policies and are attempting to overhaul their data protection practices.
It is now only three months until the General Data Protection Regulation goes live and local law firm, Warner Goodman are seeing an increasing number of requests for assistance in making businesses compliant.
Articles 13 and 14 of the General Data Protection Regulation set out the requirement to send data subjects information about their personal data and how is it being processed.
Article 30 of the General Data Protection Regulation (“GDPR”) states that each controller and processor of a data subject’s personal data shall maintain a record of processing activities that are its responsibility. It goes on to set out what should be contained in each of the controller’s and processor’s records.
On 7th August the Digital Minister of the UK Government announced the imminent publication of a “Data Protection Bill” and released a “Statement of Intent” in which the Department for Digital, Culture, Media and Sport sets out its plans for the future regulation of personal data usage by business and its enforcement.
On 25th May 2018 the EU’s General Data Protection Regulation (GDPR) comes into effect across all the EU and EFTA member states, replacing the Data Protection Act in the UK (DPA), the Federal Data Protection Act in Germany (BDSG) and similar data privacy laws in all those states. It will be enforced by local data protection agencies and courts and provides for fines for defaulters of up to 4% of global turnover or, if higher, EUR 20m. It makes substantial changes to data protection rules in the UK. The UK Government has announced that it will continue in effect post Brexit.
Outside specialist lawyer/IP practitioner circles the risks or benefits of legal action against unjustified threats are little known. This cause of action is only applicable to intellectual property infringements and even specialists have had difficulty analysing what is, or is not, a threat.
Geoffrey Sturgess, Consultant Solicitor within the Commercial department of Warner Goodman, has been named as one of 20 Legal Eagles according to Global Franchise Magazine.
The sending of electronic marketing (emails, SMS etc) to consumers is governed by the Data Protection Act (DPA), The Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) and the Code of Advertising Practice (CAP).
GDPR was adopted by the European Parliament on 25th May 2016 and comes into effect on 25th May 2018. Geoffrey Sturgess explains what this means for businesses and what action you need to be taking.
The Competition and Markets Authority (previously the Office of Fair Trading) has carried out a survey and discovered that over half the businesses questioned did not understand the meaning or significance of unfair contract terms.
The use of personal data in the United Kingdom (UK) is currently governed by the Data Protection Act 1998 (DPA) which was implemented in order to comply with the European Union’s (EU) Data Protection Directive (DPD). The General Data Protection Regulation (GDPR) replaces this current legislation and is in force with effect from the 25th May 2018, in a bid to harmonise practices across all member states.
On 23rd June the UK voted to leave the European Union, a decision that will have substantial effect on a number of legal issues which are very relevant to UK businesses even if they do not trade with other EU states. At present it is not easy to predict those effects as they all depend, in large part, on decisions which are yet to be made by UK and EU politicians and bureaucrats as part of the two year disconnection process.
From 1st July 2016 the Company Annual Return that needs to be made to Companies House has been replaced by the Confirmation Statement. The change was made by the Small Business, Enterprise and Employment Act 2015. The Confirmation Statement will be due on the date that the Annual Return would have been due.
Where parties enter into a contract and there remain provisions to be agreed in the future then the contract may lack certainty and be considered a mere agreement to agree. It has long been held that if such a contract lacks sufficient certainty then it may be unenforceable.
It is very likely that a significant number of UK unlisted companies and their directors, have since 6th April 2006 unwittingly been committing a number of new criminal offences for which the humans amongst them could be imprisoned.
As reported in our Autumn 2015 Commercial Brief, the (“the Act”) received Royal Assent on 26 March 2015.
One of the aims of the Act is to enhance the transparency of UK private companies and from 6th April 2016 most companies have to start maintaining a register of people with significant control (“PSC register”), although the obligation to file this information at Companies House will not come into effect until three months later.
In late 2015 the Supreme Court gave its judgment on the joint cases of Cavendish Square Holding BV v Talal El Makdessi (“El Makdessi”) and ParkingEye Ltd v Beavis (“ParkingEye”)  UKSC 67. In these cases the Court considered the long standing rules and principles in relation to penalty clauses contained in commercial contracts.
The General Data Protection Regulation, GDPR, will replace the Data Protection Act in 2018 following its adoption by the European Parliament on 14th April. It is much tougher on businesses.
Reports on the so-called Panama Papers have focused on the tax affairs of wealthy individuals and the businesses that help them avoid tax, but the hacking of client files at law firm Mossack Fonseca should sound a warning for every business.
From 15 February 2016 the EU’s new online dispute resolution (ODR) platform became operational.
Under EU Regulation 524/2013 (“the Regulation”) consumers and traders within the EU can use the ODR platform to refer contractual disputes between a consumer and a trader in relation to goods and/or services purchased online to an agreed alternative dispute resolution (“ADR”) provider.
There is currently much debate and uncertainty over the status of the UK’s membership in the European Union. If the UK does remain in the EU following the referendum on 23rd June 2016, then along with the much talked about changes to its membership, the UK will also face significant changes to data protection law as a result of the new General Data Protection Regulation (“GDPR”).
After substantial discussions in the corridors of Brussels a nearly final form of the General Data Processing Regulation “GDPR” has been published. Announced by Brussels as creating a “single market for data processing across the EU” it will in fact create substantial new compliance obligations for most businesses in the UK when, as anticipated, it comes into effect in 2017.
After building up a successful business and reaping the rewards, it may be time to think about how else your brand can work for you. Apart from the typical route of employing more staff in new locations, and taking on new premises, an alternative and often overlooked option is franchising.
The Small Business, Enterprise and Employment Act 2015 (“the Act”) received Royal Assent on 26 March 2015. The aim of the Act is to enhance the transparency of UK companies. The Act introduces new filing requirements for companies, and will impact upon most businesses of all sizes.
The release of the hacked data from an extramarital dating site will have given its customers more than the usual worry that accompanies news of cyber-crime. Geoffrey Sturgess, Company Commercial Consultant Solicitor, explains the different ways in which cyber-crime can occur and advises businesses to carefully review their information risk management regime, assessing their processes with the same rigour as legal, regulatory, financial or operational risk.
If you are trading and you have a brand either for you or for a particular type of good or service that you supply you should consider getting it registered as a trademark. The fact that it is your company name is NOT sufficient to prevent others using it or a similar mark as a trading name or a brand.
Doing business overseas (unless on the Isle of Wight) will always involve issues of international law – even in Northern Ireland. It doesn’t need to be overseas either, consider Scotland which has Scottish law, not English. Doing business always involves contracts, even if they are unwritten and so here Geoffrey Sturgess, Consultant Solicitor, highlights the potential pitfalls you must be aware of when doing business overseas.
The British Franchise Association has again been concerning itself with the question of self-regulation v Regulation. Regulation with a capital “R” in this context means regulation by the State—laws governing the way in which the relationship between franchisor and franchisee has to work; laws that might, for example prohibit “no reliance” (on anything said by the franchisor to the franchisee prior to the contract) clauses; or proscribe formal, pre-contract, disclosure by franchisor to franchisee (on which the franchisee can rely); or cooling off periods.
Commercial parties to a contract will always be concerned about any exclusion of liability contained in the contracts they enter into. The service or goods provider will be concerned about the liability they may incur in fulfilling their obligations under the contract, whilst the recipient of said services or goods will be concerned as to what extent their right to recover any loss suffered under the contract is restricted. Geoffrey Sturgess, Company Commercial Consultant, here explains the reasons behind exclusion clauses and reviews recent case law.
Barry Spencer, a private investigator and director of ICU Investigations Ltd has been found guilty of conspiring to unlawfully obtain personal data under section 55 of the Data Protection Act 1998 (DPA). Geoffrey Sturgess, Company Commercial Consultant, here reviews the case and the possible ramifications that lie ahead for those who use private investigators to retrieve personal data.
Commercial landlords will have been following the case of Games Station Ltd, which reached the Court of Appeal recently (February 2014), but it is of interest to all who supply goods and/or services to companies that then go into administration.
The globalisation of data processing and the increasing value of that information are key factors behind the planned changes to data protection legislation in European countries. In offering greater safeguards for the rights of individuals in how their data is handled by companies, this is set to create new challenges for business.
The Court of Appeal has recently ruled that a contract clause denying one party the right to rescind the contract or seek damages for the other’s pre-contract mis-representation (false information given which induced the innocent party to enter into the contract) was enforceable in the circumstances of the case, explains Geoffrey Sturgess, Commercial Consultant.
In late September, just as the rest of us may have started to consider packing away our cycling gear, a group of 4 young people were preparing to take part in the Rad Vlaanderen Stuttgart Challenge, an event which involves participants cycling around 500 miles from Bruges in Belgium to Stuttgart in Germany over three days, in relay.
Television company Sky has succeeded in forcing software giant Microsoft to drop its SkyDrive name for “cloud” digital storage services. The case highlights the need for businesses to be cautious when it comes to new brand or service names, warns Geoffrey Sturgess, IP and commercial contracts solicitor at Hampshire based law firm Warner Goodman Commercial.
The surprising decision of the High Court (discussed below) has been overturned by the Court of Appeal, which found in favour of Fairstar and ordered Adkins to hand over the emails. The judges in the Court of Appeal believed that it was “unnecessary” to consider whether the emails were the property of Fairstar, as the High Court had done.
The term “contracting with monsters” is not the subject of a procurement manager’s nightmares but in fact a description of the common experience of entering into a commercial agreement with another entity that is much, much, bigger than you.
If you’re looking to set up your own business, it may be worth considering becoming a franchisee. In the current economic climate, this may be a path worth exploring, explains Geoffrey Sturgess, a commercial lawyer at Hampshire based law firm Warner Goodman Commercial.
The European Commission has published an easy to read summary of the rights of consumers when accessing digital and communications services including on-line purchasing says Geoffrey Sturgess of Hampshire based law firm Warner Goodman Commercial.
The post-Christmas and January sales are the busiest time of year for the retail industry, with record numbers of us recently taking to the shops on Boxing Day. However, businesses should think carefully before using promotions involving free offers warns Geoffrey Sturgess, commercial solicitor from Hampshire based law firm Warner Goodman Commercial.
The Court of Appeal has recently ruled against the US brewer, Anheuser-Busch Inc, in its attempt to prevent its Czech rival, Budejovicky Budvar Natodni Podnik, of its right to use the ‘Budweiser’ name in the UK.
A recent decision of the Advertising Standards Authority shows just how far advertisers must go to avoid their advertisements being held to be misleading says Geoffrey Sturgess of Solent law firm Warner Goodman Commercial.
The Court of Appeal has ruled that a series of emails between shipping professionals were a “document” and that their email sign-offs were signatures so that the contract of guarantee created by the emails was enforceable says Geoffrey Sturgess an IT lawyer with Southampton firm Warner Goodman Commercial.
A court has declined to hold Google liable for potentially libellous comments posted on its site, leaving an individual to pursue the posters.
Website owners will need to comply with the new law on cookie consent by 25th May 2012. By that date they will need to be able to demonstrate that they have audited the cookies used by their sites and implemented procedures preventing the “setting” of most cookies on users’ computers unless those users have given educated consent.
Websites, whether they be .uk or .com or under any other country domain are effectively accessible from anywhere in world. As a result if they contain material offensive to any jurisdiction in the world the website proprietor could face legal action anywhere in the world. It is, however, obvious that no one, other than a global business, would have the resource or desire to ensure that its website complies with all legal requirements worldwide.
The use by internet advertisers of competitor names to draw traffic has been declared unlawful at the end of a high profile battle between Marks & Spencer and Interflora.