Skip to main content

Data Mapping & the GDPR: "Records of Processing Activities"

Any privacy law implementation program is based a proper data mapping. But is it even a legal obligation? Under the GDPR, the answer is a clear "yes" for most of modern businesses. Article 30 requires companies to maintain so-called "records of processing activities" (also known as RPA or ROPA) with...

Sigue leyendo

GDPR Enforcement: The Real Risks of Non-Compliance

Whereas public supervisory authorities granted an informal grace period to implement the new provisions of the EU General Data Protection Regulation (GDPR) and allocated many resources to awareness-raising campaigns in 2018, their focus clearly shifted towards enforcement in 2019. The risk of...

Sigue leyendo

GDPR Compliance in Email Marketing

“Don’t miss out on the latest deals”, “subscribe to our newsletter”, “get exclusive offers and personalized tips for shopping” – for many businesses, e-mail marketing is still the primary and most effective customer acquisition channel. Collecting email addresses and sending direct marketing...

Sigue leyendo
International Applicability

Aplicabilidad internacional del RGPD de la UE

El Reglamento General de Protección de Datos de la UE (RGPD), una importante ley de privacidad introducida por la Unión Europea en mayo de 2018, no solo tuvo un gran impacto en el sector de los proveedores de servicios digitales basados en datos, sino que hoy sigue afectando a compañías de todos los...

Sigue leyendo

Understanding and Managing Privacy Impact Assessments

Under the GDPR, companies must not only comply with the high privacy standards but are also required to document compliance efforts and internal implementation of the legal requirements. In case of complaints by EU customers or official investigations by EU data protection authorities, a...

Sigue leyendo
International Applicability

How the GDPR Affects Companies Outside the EU

The EU General Data Protection Regulation (GDPR), a major privacy law introduced by the European Union in May 2018, not only shook up the business of data-driven digital service providers but keeps affecting companies of any size and any industry all over the world. Many executives, IT managers and...

Sigue leyendo

Brexit: Implications on Privacy Compliance

Almost four years after the citizens of the United Kingdom have voted in favor of leaving the European Union in a referendum, Brexit is finally approaching on 31 January 2020. Since the General Data Protection Regulation (GDPR) is part of the EU legal framework which will, in principle, cease to...

Sigue leyendo
Access requests

Complying with Access Requests under the GDPR

So-called "data subjects", including consumers and employees of B2B business partners, have several rights under the EU Data Protection Regulation (GDPR). In practice, one of the most relevant of these is the right to access under Art. 15 GDPR. It entitles natural persons in the EU to request...

Sigue leyendo
Highest GDPR fine

14.5mio. Euro: Highest GDPR Fine in Germany

A German real estate company has been fined 14.5 million Euro for infringing the EU General Data Protection Regulation (GDPR) by the data protection authority of Berlin, who publicly reported on this case in a press release on 5 November 2019. It constitutes the highest fine that has been issued in...

Sigue leyendo

GDPR Updates for non-EU companies

Who is EU-REP.Global?

We are data protection service provider based in Germany, focused on compliance services under the EU General Data Protection Regulation. If you want to know more,

 

go to FAQ