The General Data Protection Regulation (GDPR) has been in place for several years, yet many businesses still struggle to understand whether they can process personal data. While the GDPR provides six lawful bases for data processing, there is a lack of understanding among businesses on which basis they can rely to process data. As a result, companies often add unnecessary consent requests to all their documents, which can cause confusion and frustration for their customers.
Data Protection – GDPR
Data processing has become an integral part of business operations. With the increased use of cloud-based services and outsourcing, companies must understand the roles of data controllers and data processors and the legal agreement between them, known as a Data Processing Agreement (DPA).
Earlier in our Data Protection Series, we shared some tips on how to obtain valid consent in accordance with the General Data Protection Regulation (GDPR). Today, we want to explore cookies consent banners in light of the latest Report issued by Cookie Banner Taskforce.
Although the General Data Protection Regulation (GDPR) has been in place for over four years, some concepts and notions are still a topic of hot discussion and continue to confuse stakeholders. Earlier in our data protection series of articles, we addressed the European regulation of cross-border data transfers. In this article, we will shed some light on data controllers’ obligation to implement appropriate technical and organisational measures when processing personal data.
Although the General Data Protection Regulation (GDPR) has been in place for over four years, some concepts and notions are still a topic of hot discussion and continue to confuse stakeholders. Earlier in our data protection series of articles, we addressed the European regulation of cross-border data transfers. In this article, we will shed some light on data controllers’ obligation to implement appropriate technical and organisational measures when processing personal data.
Although the General Data Protection Regulation (GDPR) has been in place for over four years, some concepts and notions are still a topic of hot discussion and continue to confuse stakeholders. Earlier in our data protection series of articles, we addressed the European regulation of cross-border data transfers. In this article, we will shed some light on data controllers’ obligation to implement appropriate technical and organisational measures when processing personal data.
As the world recovers from COVID-19, international travel has picked up again causing airport havoc across the globe. However, some international transfers have continued without interruption –invisible, but significant flows. These are the cross-border personal data transfers that happen every day …
Shortly after Brexit, the UK Government re-evaluated its data protection regime and cross-border data processing. The Government concluded that the EU General Data Protection Regulation (EU-GDPR) was incompatible with the UK and represented an unreasonable administrative burden on businesses, particularly small businesses, including start-ups.
Any company doing business in California (regardless of where it is located) that meets certain thresholds with respect to its gross revenue or revenue from personal information it sells or the amounts of personal information that it buys/receives/sells or shares for commercial purposes must comply with the CCPA.
The CCPA and GDPR both aim to increase consumers’/data subject’s knowledge about the use of their personal information and their rights with respect to that personal data.
Consumers/ data subjects have certain rights regarding their personal data/information under both the GDPR and the CCPA.
The increasing role of technology, data, and sharing of personal information has heightened consumers’ risk of the unauthorized use or disclosure of their personal information. Governments have passed legislation to protect consumers from these risks. In the European Union, the General Data Protection Regulation (GDPR) protects data subjects. In California, the California Consumer Privacy Act (CCPA) provides protection for consumers.
If you are operating a business in the European Economic Area (EEA) or if your business is outside the EEA but offers goods or services to customers in the EEA, you are no doubt aware of the General Data Protection Regulation (GDPR).
Email marketing campaigns need to be addressed to recipients who have previously given their express consent to receive promotional messages from you.
Bernie is a successful sports entrepreneur with a hit product he wants to take online… but he does not have a clue about email marketing! Read his story. Can you help???
On May 25 the General Data Protection Regulation comes into effect. The GDPR, as it’s known, aims to protect the fundamental privacy rights of data subjects in a world increasingly driven by data.