Next Event - 16th May 2019 - Madejski Football Stadium, Reading

GDPR 1 Year On – Has your organisation done enough?

4 Track Conference - IT, Marketing, Security & HR

Europe is now covered by the world's strongest data protection rules. The mutually agreed General Data Protection Regulation (GDPR) came into force on May 25, 2018, and was designed to modernise laws that protect the personal information of individuals. Companies covered by the GDPR are accountable for their handling of people's personal information. This can include having data protection policies, data protection impact assessments and having relevant documents on how data is processed. One of the biggest, and most talked about, elements of the GDPR has been the ability for regulators to fine businesses that don't comply with it. If an organisation doesn't process an individual's data in the correct way, it can be fined. If it requires and doesn't have a data protection officer, it can be fined. If there's a security breach, it can be fined. In the UK, these monetary penalties will be decided upon by Denham's office and the GDPR states smaller offences could result in fines of up to €10 million or two per cent of a firm's global turnover (whichever is greater). Those with more serious consequences can have fines of up to €20 million or four per cent of a firm's global turnover (whichever is greater). These are larger than the £500,000 penalty the ICO could previously issue.

Next Event - 16th May 2019 - Madejski Football Stadium​

Use the below buttons/tags to filter the sessions that are of interest to you


GDPR - One Year On

James Hayward - Information Commissioner's Office (ICO)

It is one year since the implementation of GDPR. This keynote address will present a summary of the Information Commissioner’s work in the past twelve months, share the most up to date advice and take a look ahead to the future.

  • One year of GDPR – a summary of the year in data protection
  • Compliance with data protection – what’s going wrong and what are the success stories?
  • Recent enforcement case studies
  • The ICO’s most up to date policy advice
  • E-privacy and the future of data protection
  • Questions from the audience
  • Presentation

    The view from the front line; embedding GDPR into our business

    Antony Merriman - Performance Insight and Data Science / GDPR Lead at British Gas / Local Heroes

    One year on, reflections on how we embedded GDPR into our BAU business culture. Practical tips on what worked, what didn’t, and our biggest areas of concern going forward. From the point of view of the ‘GDPR lead person / Privacy champion’ in either an agile startup SME and/or a business unit in a FTSE 100 company (we are a bit of both!)”


    Data Protection & Marketing

    Tarun Samtani - DPO at Boden

    Marketing and Data Protection do not generally go along hand in hand because Marketing want to exploit the data as much as possible which is contradictory to Data Protection principles.

    This session will discuss more on the marketing practices that really cause concern for most businesses and tips on what to watch out for when looking at your marketing strategies. How to enable Marketing teams to stay within the law and how to build that culture of privacy into Marketing.

    A) Examples of marketing that can be controversial

    B) How to build a culture of privacy.

    C) Tips to improve marketing practices.


    The main data cleansing challenges for GDPR

    Gary Langrish - DPO at Together Financial Services

    Commonly data is stored across the estate in structured and unstructured formats, usually electronically or sometimes even physically held ‘on site’ or off site’. It is likely that data has been built up in personal drives and not catalogued into a searchable system online which brings huge risk.

    In this session, we discuss the Privacy by Design ethos which will spell the end for this type of issue going forwards, but also dive into the big question on what to do about legacy data? What should be the Target Operation Model (BAU) and how should we maintain and enhance compliance going forwards? This is what Together Money are focussing on during the next phase, should you?


    What’s next? A year after the GDPR came in, where are we going with data protection?

    William Richmond-Coggan - Director at Freeths

    With everything else that’s going on, it is easy to imagine that GDPR and data protection were last year’s problems. But as regulatory decisions start to come through, with the UK’s evolving relationship with Europe and with further reform around the corner, there is still a lot to think about when it comes to data privacy rights and obligations. ExecLN regular Will Richmond-Coggan will take the audience through the high (and low) points of data protection compliance now that the GDPR has had a chance to bed in.


    Using Data Protection compliance as a competitive advantage

    Christoffer Valenta- Head of Legal at FutureLearn

    Want to hear how a business can be positively impacted when Data Protection compliance is put in the front seat? FutureLearn has used Data Protection compliance to drive user trust, customer relationships and the role of Legal & Compliance within the business. This talk will touch upon how Futurelearn has achieved this and the challenges involved.


    HR GDPR? AAA (Ask Anything Anonymously)

    William Richmond-Coggan - Director at Freeths

    From the information that you have to draw to the attention of candidates at the start of a recruitment process, to the identification of suitable retention periods for the data you hold and dealing with data subject access requests from bad leavers, HR is an area that is full of data privacy potholes. Leave your name badges at the door and join this session to ask our GDPR legal expert all of those tricky questions you really need to know the answer to, but have been too afraid to ask.


    GDPR In The Real World – The Devil in the Detail of Consent

    Mike Bohndiek - Portfolio CIO / DPO for sporting organisations

    The sporting world throws up a range of GDPR challenges. From fan consents to the holding of player medical records. From working with minors through the academy structures to the interaction between clubs and their foundations. Mike Bohndiek, Managing Director at PTI Consulting – a specialist sports technology and compliance advisory group – will share insight from their client base which ranges from the Ryder Cup to Premiership Rugby clubs and a wealth of football clubs.


    The impact of GDPR on marketing

    John Mitchison - Director Of Policy and Compliance at DMA

    Discussing how new data laws have changed the way marketers engage customers, how they use data and the channels they utilise. Including the latest insight from the DMA's industry benchmarking reports, Customer engagement series and Data privacy tracker.


    Rachel Aldighieri - Managing Director at DMA

    Our network of more than 1,000 UK companies is privy to industry research, free legal advice, political lobbying and education. Our members connect at regular events that inspire creativity, innovation, responsible marketing and more. Most of them are free. A DMA membership is a badge of accreditation. We give the industry best-practice guidelines, legal updates and a code that puts consumers at the heart. One-to-one-to-millions marketing attracts the brightest minds; individuals that will shape the future. By sharing our knowledge, together, we’ll make it vibrant.