The Privacy Profit Playbook
5 GDPR Practices That Turn Compliance Into A Competitive Advantage (Even If Management Just Sees It As Red Tape)
Top insights from 100+ interviews I’ve conducted with DPOs, information security experts, and other GRC practitioners.
Written by Kyna Kosling. Privacy notice.
“I collaborated with Kyna on several blogs as an SME, and she was fantastic to work with. She asked thoughtful questions, put me at ease, and was dedicated to fully understanding and accurately representing my views on complex topics. A talented technical writer, she has a great ability to articulate nuanced concepts with clarity and precision.”
Tired of being asked how to ‘get around’ the GDPR?
GDPR compliance has benefits far beyond mitigating the risks of fines and data breaches:
You’ll have a clear overview of who is collecting what data, and why.
Teams will be working together, rather than against each other.
Your processes will be more efficient, improving productivity.
You’ll only store the data you need, reducing storage costs.
You’ll stop duplicating work.
Convince management of the business benefits of GDPR compliance, and you’ll convince them to back your implementation project — making your job as Data Protection Lead significantly easier (and more enjoyable)!
Want to make sure this free email course is ‘worth it’ before you sign up?
Here’s exactly what we’re going to cover:
Day 0: How the GDPR can become a business enabler rather than a business headache.Day 1: Ensure you have a lawful basis (and business purpose) for processing, so you minimise costs and risk while maximising ROI.Day 2: Collect only necessary data, for as little time as possible. If you ask the right probing questions, you can simplify your business processes, while saving storage costs.Day 3: Create ROPAs, then use them as a business tool: a ‘one-stop shop’ that guarantees everyone is working from the same, latest information.Day 4: Review your data processing contracts to make sure your business is protected. The time to get a contract right is before you sign it!Day 5: Demonstrate accountability, so you can be sure that you’re seeing an ROI on the measures you’ve taken and will continue to get management support!
Written by Kyna Kosling. Privacy notice.
The first lesson of The Privacy Profits Playbook is on its way to your inbox!
Within the next minute or two, you’re going to get an email from me (Kyna), which explains how the GDPR can be turned into a business enabler rather than a business headache.So, what are you waiting for? Go check your inbox!
P.S. If you don’t find the email in your inbox in the next couple of minutes, please check your spam folder… Chances are it ended up there.Oh, and please do reply to the email! I’d love to hear why you signed up :)
The next lesson is on its way to you right now!
So, go check your inbox :)
Privacy Notice
The Privacy Profit Playbook (Kyna Kosling)
This privacy notice tells you how your personal data will be used.
Contact details
Kyna Kosling
[email protected]
How and why your data is processed
We collect your email address so we can email you our five-day educational email course, The Privacy Profit Playbook, as well as send relevant follow-up emails for educational and marketing purposes. We collect this personal data directly from you, by you signing up to our email course via our landing page.We rely on the lawful basis of consent to process your data for the above purposes. This means we have your permission after we gave you all the relevant information. All your data subject rights may apply (see below), except the right to object.To be clear, you do have the right to withdraw your consent at any time by clicking unsubscribe in any email footer or using the contact details at the start of this privacy notice.
How long your data is kept for
Unless you withdraw consent, we keep your email address for up to 12 months after your last interaction with our emails, after which we will delete your personal data.
With whom your data is shared
Data processors
Organisation name: MailerLite Limited.
Processing activities for The Privacy Profit Playbook (Kyna Kosling): This data processor manages our email list and automations.
Category of recipient: Provider of email marketing and automation software as a service (SaaS).
Country the personal data is sent to: Ireland.
How the transfer complies with UK data protection law: The country has an adequacy decision.
Sub-processors
Organisation name and processing activities for MailerLite Limited: Google Ireland Limited. Data centre of MailerLite Classic with its location in Germany, and data centre of New MailerLite with its location in the Netherlands. Both Germany and the Netherlands have adequacy decisions.Organisation name and processing activities for MailerLite Limited: Vercom S.A. Managing and improving MailerLite services as a shareholder based in Poland, which has an adequacy decision.
Your rights
Under the UK and EU General Data Protection Regulation (GDPR), you have certain rights as a data subject:
The right of access — You have the right to ask us for a copy of your personal data. You can request other information, such as details about where we get personal data from and who we share personal data with. There are some exemptions, which means you may not receive all the information you ask for. You can learn more about this right here.
The right to rectification — You have the right to ask us to correct or delete personal data you think is inaccurate or incomplete. You can read more about this right here.
The right to erasure — You have the right to ask us to delete your personal data. You can learn more about this right here.
The right to restrict processing — You have the right to ask us to limit how we can use your personal data. You can learn more about this right here.
The right to data portability — You have the right to ask that we transfer the personal data you gave us to another organisation, or to you. You can learn more about this right here.
The right to object — You have the right to object to the processing of your personal data. You can learn more about this right here.
The right to withdraw consent — When we use consent as our lawful basis, you have the right to withdraw your consent at any time. You can learn more about this right here.
How to complain