Website Legal Requirements – Cookies – New Guidelines

From the 26th of May 2012 the UK Information Commissioners Office (ICO) will start prosecuting companies for breaches of the Privacy and Electronic Communications (Amendment) Regulations. These set out the obligations of website operators to provide users with information about cookies and obtain their consent when using cookies. Failure to comply with the rules can result in a fine of up to £500,000.

Continue reading

SaaS Agreements – Data Protection – New Proposed EU Rules – Part 2

On the 25th of January 2012 the European Commission published a proposal for a new Data Protection Regulation to replace the existing EU Data Protection Directive. The proposal sets out a general data protection framework aimed at unifying the current differing data protection rules in the EU. Following on from my first article – part 1, I have summarised the remainder of the major changes this will make to EU data protection law below.

Continue reading

SaaS Agreements – Data Protection – New Proposed EU Rules – Part 1

On the 25th of January 2012 the European Commission published a proposal for a new Data Protection Regulation to replace the existing EU Data Protection Directive. The proposal sets out a general data protection framework aimed at unifying the current differing data protection rules in the EU. I have summarised the major changes this will make to EU data protection law in two articles, part 1 of which is set out below.

Continue reading

Website Legal Requirements – Data Commissioner Fines for Unsolicited E-mails

As a result of an amendment to the Privacy and Electronic Communications Regulations 2003 (PECR), from the 25th of May 2011 the Information Commissioner’s Office (ICO) will have the power to impose fines of up to £500,000 on companies, if they send unwanted marketing e-mails or text messages to consumers.

Continue reading

SaaS Agreements – Data Protection – Liability for Loss of Backup Tapes

A SaaS supplier can be liable for the loss of backup tapes, not just under the terms of its SaaS agreement but also the Data Protection Act 1998, the Financial Services Authority regulations or other UK rules or regulations regardless of whether the SaaS supplier, its data centre or a third party losses the backups of customer data.

Continue reading

SaaS, ASP Agreements – Data Protection Issues with Sub-contractors – Model Clauses

Using a sub-contractor to process your SaaS customer data is a problem under data protection law, where the sub-processor is based outside of the European Economic Area (EEA). Incorporating EU model clauses into your SaaS agreement is NOT the solution to this common problem. EU Model Clauses Under data protection

Continue reading
Bodle Law