Data Protecton

FireShot Capture 048 - Free Vector - General data security. Personal information protection,_ - www.freepik.com

07 Oct: Data Protection Compliance Is Not Just for Big Tech

When we think about data protection and GDPR compliance, it’s easy to focus on Big Tech giants like Google and Meta. However, the GDPR applies to all organisations, regardless of size or industry. Businesses across sectors – from healthcare providers to energy firms – are increasingly subject to investigations and penalties. Here, we explore five recent cases where companies outside of Big Tech were fined for breaches of GDPR, showing that no one is immune from investigations and fines.

6538623

04 Sep: Transfer Impact Assessment under the GDPR

In an age where data flows seamlessly across borders, safeguarding personal information has become a pivotal concern for businesses worldwide. The General Data Protection Regulation (GDPR), a beacon of data protection laws, casts a wide net to safeguard personal data within and beyond the European Economic Area (EEA). A critical tool in this endeavour is the Transfer Impact Assessment (TIA), a process that scrutinises data transfers to ensure they meet GDPR’s standards.

FireShot Capture 021 - Free Vector - Global distribution, international cargo freight compan_ - www.freepik.com

25 Jul: Essentials of GDPR Compliance for US Businesses

If your US-based business handles data from European customers, you need to be aware of the General Data Protection Regulation (GDPR). This regulation extends beyond Europe and has practical implications for businesses worldwide. Here’s a guide to help you understand two crucial aspects of GDPR compliance: privacy notices and the requirement for a data protection representative in the European Union (EU).

Voice Assistant Composition

20 May: AI and Data Protection: Latest Guidance from Germany

AI technologies, especially Large Language Models (LLMs), are becoming integral to various applications, from customer service chatbots to complex analytical tools. However, their use raises significant data protection concerns. The Conference of Independent Federal and State Data Protection Supervisory Authorities in Germany recently released a guide on AI and data protection, providing a detailed framework for using AI in compliance with data protection laws.

Voice Assistant Composition

29 Apr: International Data Transfers from Switzerland

In Switzerland, personal data may not be transferred to countries lacking adequate levels of data protection unless specific protections are ensured. The Federal Act on Data Protection (FADP) stipulates that personal data originating from Switzerland must receive comparable levels of protection when it crosses borders as it does within the country.

Screenshot 2024-04-11 at 17.51.49

11 Apr: Fair Play in the Marketplace: A Guide to Pricing Regulations

The world of commerce thrives on competition, and at the heart of this competition lies pricing.
But what happens when pricing practices become deceptive or prevent healthy competition? This is where pricing bans and rules come into play. These regulations aim to protect consumers and ensure a fair marketplace, but navigating this maze can be complex for both businesses and consumers.

Science Article Writing Composition

07 Apr: The Swiss Data Protection Act: Records of Data Processing

The new Swiss Data Protection Act introduces several key provisions, including the requirement for entities processing personal data to maintain detailed records of their data processing activities. The regulation outlines specific elements that must be included in the records of data processing, such as the objectives behind data processing, the varieties of personal data processed, and particulars of data transfers to foreign territories, among other requirements.

Screen Shot 2024-02-02 at 15.57.29

01 Apr: Data Protection Impact Assessment in Switzerland

A data protection impact assessment is about foresight. It’s about spotting data protection issues early on, simplifying solutions, and cutting costs. Think of it as the planning stage of your hike, where you assess the path for potential hazards. Just as you’d want to know about a washed-out bridge on your hiking route in advance, data protection impact assessments help catch problems before they become complex and expensive.

20550

10 Mar: What is new about data protection officers in Europe?

In January 2024, the European Data Protection Board (EDPB) released a significant report following an extensive review of Data Protection Officers’ (DPOs) roles across the EU. This article aims to break down the report’s findings and offer straightforward advice for DPOs and businesses looking to improve their data protection efforts.

Voice Assistant Composition

03 Mar: Data Scraping in Europe: A Legal Compass

In today’s fast-paced digital world, the hunt for information drives businesses to adopt innovative techniques like data scraping. This method, which automates the extraction of vast amounts of information from digital platforms, is a game-changer for anyone looking to gain insights, generate leads, or simply stay ahead in the market. However, as handy as data scraping can be, it treads a fine line within the complex web of European legal standards, particularly when it comes to privacy and intellectual property rights. Let’s dive into the world of data scraping, understand its legal challenges, and explore how businesses can operate within the bounds of European law.

7569068

23 Feb: Class Action under the GDPR

The General Data Protection Regulation (GDPR) has reshaped the way businesses handle personal data, introducing stricter rules and giving individuals more control over their information. A significant aspect of the GDPR is its provision for class actions, allowing groups of individuals to seek compensation for breaches of their data rights. This development is crucial for businesses to understand, as it brings new challenges and responsibilities.

20550

28 Jan: Legitimate Interest Assessment under the GDPR

Legitimate interest is one of the six lawful bases under the GDPR that businesses can use to process personal data. It’s the most flexible basis but comes with an added responsibility to protect the rights and interests of data subjects. This basis is often appropriate when data is used in ways that individuals would reasonably expect and with minimal privacy impact.

Screen Shot 2024-02-02 at 15.55.47

21 Jan: Understanding Data Protection Impact Assessments under the GDPR

In the labyrinth of data protection, a Data Protection Impact Assessment (DPIA) stands out as a vital navigational tool. Think of a DPIA as your GPS through the intricate world of data processing – it doesn’t just keep you on the right side of the law but also steers you towards a more trustworthy and transparent relationship with your users. By performing DPIAs, you’re not just ticking a compliance box; you’re heading to smarter data handling, reducing risks, and dodging those hefty non-compliance GDPR fines.

Screen Shot 2024-02-02 at 15.57.29

18 Jan: Navigating the Landscape of GDPR Assessments: DPIA, TIA, and LIA

The General Data Protection Regulation (GDPR) has revolutionised the way personal data is handled across the European Union and beyond. A crucial aspect of GDPR compliance is the implementation of various assessments to ensure data protection and privacy. These assessments include the Data Protection Impact Assessment (DPIA), Transfer Impact Assessment (TIA), and Legitimate Interest Impact Assessment (LIA). Each of these plays an important role in safeguarding personal data and ensuring that businesses comply with GDPR requirements.

Screen Shot 2024-02-02 at 16.06.00

08 Jan: The European Data Act and Its Impact on Businesses

In an age where data shapes our daily lives, understanding the new European Data Act is crucial for everyone, from business leaders to everyday consumers. This landmark legislation, introduced by the European Union, is set to transform how data is managed, shared, and protected. In this clear and concise guide, we’ll explore what the European Data Act is, why it matters, and how it impacts you.

2110.i301.005.S.m004.c13.Banks scammers isometric composition-min

14 Dec: Overview of the ICO’s Guidance on Recruitment and Selection

In the digital age, data protection is a critical aspect of every business operation, especially in recruitment. The UK Information Commissioner’s Office (ICO) has issued detailed guidance on recruitment and selection, focusing on compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018). This article delves into these guidelines, offering key insights and pragmatic advice for businesses to navigate the complexities of data protection in recruitment.

7569068

01 Dec: Fines and Penalties for Non-Compliance: DSA, GDPR, and CRD

In the digital age, regulations and directives have been established to protect consumers and ensure a level playing field for businesses. Three significant pieces of legislation in this realm are the Digital Services Act (DSA), the General Data Protection Regulation (GDPR), and the Consumer Rights Directive (CRD). This article provides a brief overview of each and outlines the fines and penalties associated with non-compliance.

6076520

09 Oct: Retargeting in Personalised Ads: Balancing E-commerce Strategies with Data Protection

In the digital space, e-commerce platforms are leveraging personalised advertising to enhance customer experiences and boost sales. Retargeting, a form of personalised advertising, has become a game changer, enabling businesses to re-engage potential customers by displaying ads based on their previous online activities. While this approach can significantly uplift conversion rates, it also entails critical considerations regarding data protection and privacy compliance, notably in the light of the General Data Protection Regulation (GDPR).

Personal Data Protection Concept

30 May: Navigating the New Swiss Data Protection Act: A Checklist for Compliance and Key Differences from GDPR

Are you aware of the recent changes affecting Swiss data protection regulations? In this article, we explore the revised Swiss Federal Data Protection Act (revFADP), delve into the key changes and explain the main differences between the revFA and the GDPR. Mark your calendars, as the deadline for compliance is fast approaching, on September 1, 2023.

Remote Data Access Composition

01 May: Records of Processing Activities: A Key GDPR Compliance Requirement

The General Data Protection Regulation (GDPR) is a comprehensive data protection regulation implemented in the European Union (EU) in May 2018. It aims to protect the personal data of EU citizens and residents and ensure that businesses and organisations are held accountable for the way they collect, process, and store this data. It sets out strict requirements for data protection and privacy, and failure to comply can result in significant fines and other penalties – up to €20 million, or up to 4% of the annual global turnover of the preceding fiscal year, whichever is higher – a valid reason to check your data processing practices.

lawful data protection

26 Mar: Lawful Personal Data Processing

The General Data Protection Regulation (GDPR) has been in place for several years, yet many businesses still struggle to understand whether they can process personal data. While the GDPR provides six lawful bases for data processing, there is a lack of understanding among businesses on which basis they can rely to process data. As a result, companies often add unnecessary consent requests to all their documents, which can cause confusion and frustration for their customers.

Sign in page abstract concept vector illustration.

13 Jan: Consent to personal data processing under the GDPR: what it is, why you need it and how to obtain it

Although the General Data Protection Regulation (GDPR) has been in place for over four years, some concepts and notions are still a topic of hot discussion and continue to confuse stakeholders. Earlier in our data protection series of articles, we addressed the European regulation of cross-border data transfers. In this article, we will shed some light on data controllers’ obligation to implement appropriate technical and organisational measures when processing personal data.

Tiny people protecting business data and legal information

23 Nov: GDPR: benefits and compliance

Although the General Data Protection Regulation (GDPR) has been in place for over four years, some concepts and notions are still a topic of hot discussion and continue to confuse stakeholders. Earlier in our data protection series of articles, we addressed the European regulation of cross-border data transfers. In this article, we will shed some light on data controllers’ obligation to implement appropriate technical and organisational measures when processing personal data.

device-5400442_1280

26 Oct: Understanding GDPR Technical and Organisational Measures

Although the General Data Protection Regulation (GDPR) has been in place for over four years, some concepts and notions are still a topic of hot discussion and continue to confuse stakeholders. Earlier in our data protection series of articles, we addressed the European regulation of cross-border data transfers. In this article, we will shed some light on data controllers’ obligation to implement appropriate technical and organisational measures when processing personal data.

vw-beetle-1031513

24 Feb: California Privacy Law vs GDPR

The increasing role of technology, data, and sharing of personal information has heightened consumers’ risk of the unauthorized use or disclosure of their personal information. Governments have passed legislation to protect consumers from these risks.  In the European Union, the General Data Protection Regulation (GDPR) protects data subjects. In California, the California Consumer Privacy Act (CCPA) provides protection for consumers.