-
Personal details of 10,200 benefit claimants placed online in France
A file showing dates of birth, addresses and income levels was publicly accessible for 18 months. It had been sent to a training firm which says it thought it was a fictitious list
-
Cordialement, amicalement: the nuances of email sign-offs in French
The Connexion explains which formulas suit different scenarios and how trends are changing
-
French mobile service Free fined €300,000 for data protection breaches
The fine comes after a series of complaints against the company relating to customers’ privacy and unwanted commercial messages
Email lists will need data review
New rules on data protection mean many small businesses will have to rethink their database of contacts before they come into force on May 25
Aiming to give people more say in how personal details are collected and used, plus give more protection from cybercrime, the RGPD rules (called General Data Protection Regulation in the UK) mean businesses need “explicit” consent from people before storing data electronically and must explain how this data will be used.
More importantly, a pre-filled tick box does not count as consent and businesses must ask for consent for each type of data use, whether for emails, newsletters or fraud checks.
Businesses must also keep full documentation on what consents have been given and be able to erase records for anyone who asks for it, or give a complete copy of what is held.
Small businesses do not escape as criminals may see them as having less protection than big firms and perhaps giving details of who is going on holiday and for how long.
French data watchdog CNIL has information at tinyurl.com/y7wffpf2 but UK changes are similar and its watchdog has a helpfile at tinyurl.com/jpwxldl