EU Commission Sets Timeline for New SCCs after the “Schrems” Judgement
In a meeting of the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs held in Brussels today, EU Commissioner Didier Reynders delivered remarks on what to expect for the future of international data transfers after the European Court of Justice has ruled the EU-US Privacy...
Data Mapping & the GDPR: "Records of Processing Activities"
Any privacy law implementation program is based a proper data mapping. But is it even a legal obligation? Under the GDPR, the answer is a clear "yes" for most of modern businesses. Article 30 requires companies to maintain so-called "records of processing activities" (also known as RPA or ROPA) with...
GDPR如何影响位于中国的公司
欧盟《通用数据保护条例》(GDPR)是欧盟于2018年5月推出的一项重大隐私法规,这部法规不仅撼动了由数据驱动的数字服务提供商的业务,而且继续影响着全球所有行业、任何规模的公司。许多欧盟以外的高管、IT经理和合规专业人员对于GDPR的合规要求是否以及在多大程度上影响自己的业务不甚确定。
GDPR Enforcement: The Real Risks of Non-Compliance
Whereas public supervisory authorities granted an informal grace period to implement the new provisions of the EU General Data Protection Regulation (GDPR) and allocated many resources to awareness-raising campaigns in 2018, their focus clearly shifted towards enforcement in 2019. The risk of...
GDPR Compliance in Email Marketing
“Don’t miss out on the latest deals”, “subscribe to our newsletter”, “get exclusive offers and personalized tips for shopping” – for many businesses, e-mail marketing is still the primary and most effective customer acquisition channel. Collecting email addresses and sending direct marketing...
Understanding and Managing Privacy Impact Assessments
Under the GDPR, companies must not only comply with the high privacy standards but are also required to document compliance efforts and internal implementation of the legal requirements. In case of complaints by EU customers or official investigations by EU data protection authorities, a...
How the GDPR Affects Companies Outside the EU
The EU General Data Protection Regulation (GDPR), a major privacy law introduced by the European Union in May 2018, not only shook up the business of data-driven digital service providers but keeps affecting companies of any size and any industry all over the world. Many executives, IT managers and...
Brexit: Implications on Privacy Compliance
Almost four years after the citizens of the United Kingdom have voted in favor of leaving the European Union in a referendum, Brexit is finally approaching on 31 January 2020. Since the General Data Protection Regulation (GDPR) is part of the EU legal framework which will, in principle, cease to...
Complying with Access Requests under the GDPR
So-called "data subjects", including consumers and employees of B2B business partners, have several rights under the EU Data Protection Regulation (GDPR). In practice, one of the most relevant of these is the right to access under Art. 15 GDPR. It entitles natural persons in the EU to request...
