Dutch healthcare organisations and data breaches - a way forward

Feb 4, 2021 5:24:02 PM / by PrivacyPerfect

Throughout the last couple of years, the healthcare sector in the Netherlands has been one of the frontrunners in terms of the amount of data breaches reported to the Dutch Data Protection Authority (2017, 2018, 2019). With the recent data breach of the GGD, exposing the personal data of tens of thousands getting tested for the coronavirus, the crucial issue of data breaches in the sector has received very strong public attention as well. This blog provides insight into how a data breach can be recognised, what practical steps organisations can take to reduce the risk of a breach, and how organisations can respond. 

Read More

Facebook, Google, Whatsapp... what’s up with the tech giants and privacy nowadays?

Jan 21, 2021 5:45:35 PM / by PrivacyPerfect posted in Facebook, Google

The first days of 2021 had news outlets across the world displaying headlines about recent developments in privacy of the American tech giants. If you yourself are using their services, do read on, as these developments can have a big impact on you, the privacy of your company, and your customers.

Read More

Facebook case: the CJEU's AG opinion is out - should international companies worry?

Jan 14, 2021 5:07:00 PM / by PrivacyPerfect posted in Facebook

On the 13th of January, the Advocate General of the Court of Justice of the European Union (CJEU) Michal Bobek delivered his opinion in case between Facebook and the Belgian Data Protection Authority - Facebook Ireland Limited, Facebook Inc., Facebook Belgium BVBA v Gegevensbeschermingsautoriteit (Case C-645/19)

The opinion follows after the Belgian Data Protection Authority went to court against Facebook for collecting information on the surfing behavior of internet users in Belgium through cookies. The Court of Appeal of Brussels decided to question the CJEU whether the Belgian DPA could indeed start legal proceedings against Facebook.

Read More

How to assess privacy risks in regard to your organisation's website

Dec 18, 2020 12:14:22 PM / by PrivacyPerfect

So, you have a website, or maybe you want to have one for yourself or for your company.
Of course you want to make sure you are sticking to the law and protect the privacy of your visitors - you want to make sure your website is GDPR compliant. But you don’t want to read a book (or, god forbid - the Law!) on the matter. We’ve got your back. This is what you need to know.

Read More

Belgian Data Protection Authority able to suspend GDPR non-compliant .be domain names within 14 days of notification

Dec 3, 2020 3:48:27 PM / by PrivacyPerfect posted in Belgium

The Belgian Data Protection Authority (GBA) announced, on 1 December 2020, that it has agreed on a protocol with DNS Belgium, the non-profit organisation responsible for managing the .be top level domain, as well as .brussels and .vlaanderen.

The protocol will allow the parties to make unavailable any .be websites which violate the GDPR, in a quicker and more efficient manner. 

Read More

EDPB Recommendations explained to ensure compliance after Schrems II

Nov 20, 2020 9:22:39 AM / by PrivacyPerfect posted in International Data Transfer, SchremsII

16 July 2020, the Court of Justice of the European Union invalidated the EU-US Privacy Shield in the Schrems II case, making most EU-US data transfers illegal overnight. The Court has also provided clarification on some extensive hurdles for using its most obvious alternative, Standard Contractual Clauses (SCC). Organizations have to:

Read More

Brexit checklist for data protection

Nov 10, 2020 2:59:56 PM / by PrivacyPerfect

On Dec 31st, 2020, the clock strikes zero for the Brexit transition period. Unless the EU and UK can strike a deal on privacy within the limited time that is left, the UK will become a third country for the member states of the European Economic Area. This has several consequences in the area of privacy. To help you during this time of uncertainty, we have compiled a checklist with things you need to check before the deadline. 

Read More

Cookies and other trackers: French supervisor publishes amended guidelines & recommendations

Oct 8, 2020 9:29:59 AM / by PrivacyPerfect posted in Cookies

France's data protection supervisor, the Commission nationale de l'informatique et des libertés, (CNIL) announced on 1 October it’s amended guidelines on cookies and other trackers (‘trackers’) and it’s final non-binding recommendations. The CNIL amended it’s guideline after the French Council of State, the Conseil d’État, determined the ban on cookie walls in the previous version (dated 4 July 2019) was not valid. Publication of the guidelines and recommendations is highly relevant for organisations having an online presence in France, or whose websites are accessible in France.

Read More

First code of conduct approved by Dutch DPA: What is it, and why is it important?

Sep 17, 2020 4:21:48 PM / by PrivacyPerfect posted in SchremsII, CodeOfConduct

The Dutch Data Protection Authority (AP) has recently approved the “Data Pro Code”,  the first code of conduct approved by the Dutch DPA under the GDPR.  The code was drafted by industry trade association of the Dutch digital sector, NLdigital, composed of 600 members, including SMEs and tech giants, and is intended to help companies in the ICT sector to comply with the obligations laid down in the EU privacy regulation.

Read More

A month and a half after the Schrems II ruling

Sep 3, 2020 11:55:26 AM / by PrivacyPerfect posted in SchremsII

In the ground-breaking judgement of DPC v Facebook Ireland & Schrems, also known as Schrems 2.0,  the Court of Justice of the EU declared the European Commission's EU-US Privacy Shield Decision invalid, making the majority of EU-US data transfers in violation of EU Privacy law. The reason? US mass surveillance making the level of protection of personal data to the US not “adequate” to that in the EU. While the CJEU upheld the use of Standard Contractual Clauses ('SCCs'), Privacy Shields most obvious alternative, it clarified some extensive considerations that organisations and authorities should assess when they use these model clauses.

...And now

Since then, a lot has happened, but uncertainty remains. Now that the dust has settled somewhat, this blog post aims to clear up some of the uncertainties through an overview of relevant events.

Read More

    Lists by Topic

    see all
    harmas_Rajztábla 1-1
    Keep informed!
    Sign up to the Weekly GDPR Digest now.