THE PRIVACYPERFECT BLOG

DSRs: practical challenges and guidance for process optimisation

May 29, 2020 9:33:29 AM / by PrivacyPerfect posted in Data Protection, GDPR Software, Data Protection Officer, Data Controlling, GDPR Compliance Program, DSAR

While Data Subject Requests (DSRs) are not a new concept, with the enforcement of the GDPR back in 2018 May, further guidelines have been introduced. With obligations becoming stricter and wider, as several additional requirements and exemptions were laid out by the EU privacy regulation, organisations often seem to be facing challenges in handling DSRs, primarily due to the complexity and time-consuming nature of the process. In this blog post, our privacy experts discuss the typical challenges organisations may face in addressing a request under each right, and provide guidance in finding solutions to these challenges.

Read More

How can your organisation recover after a personal data breach?

Apr 30, 2020 1:00:00 PM / by PrivacyPerfect posted in EU, Data Breach, DPO, Data Protection Officer, Data Controlling, Reputation, gdpr, gdpr2020

Since the enforcement of the GDPR approximately two years ago, over 160,000 breaches have been reported from across the EU. In the Netherlands alone, almost 27,000 data breaches were reported in 2019 - a 29% increase compared to the year before. Personal data breaches happen both due to external threats and internal security incidents, and both are on the rise. Given these figures and the large amount of personal data collected by organisations, even if the necessary safeguards are in place, the odds of a data breach happening within your organisation is quite high. So, what if a personal data breach does happen, how can you make sure that your organisation recovers from it quickly and well?

Read More

What are Some Key Differences Between Consent & Legitimate Interest?

Jan 9, 2020 2:11:47 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Processing, Data Protection Officer, GDPR Controller, GDPR Processor, Data Controlling, GDPR Reputation, Data Consent, Consent, Marketing under GDPR, GDPR for Marketers, gdpr, DPIA

Legitimate interest and consent are two of the six lawful bases that data processors can choose from when gathering and processing data subject personal data. Both of the mentioned lawful bases are the most commonly used reasoning among organisations for their data gathering. But what are some of the key differences between the two? 

differences_consent_legitimate_interest_lawful_basis

Read More

Discounts & Data: GDPR for Retailers

Oct 17, 2019 6:07:01 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, GDPR Software, DPO, Data Protection Officer, Personal Data, International GDPR, Data Controlling, GDPR Reputation, Data Consent, Cookie, Consent, Marketing, Marketing under GDPR, GDPR Summary, DPIA, gdpr 2019, Europe, DPA, Netherlands

What does the GDPR really mean for you as a retailer? Well, as is often the case with a subject like privacy: it depends. After you’ve determined that the GDPR is applicable because personal (identifying) data is involved, let’s take a look at today’s retail business operations and what it entails. We will go through specific aspects of direct marketing, e-commerce habits, and even efforts made for compliance offline, to get a better understanding of what the GDPR means for retail.

Read More

Could Personal Data be the New Cost for Health Progression?

Sep 13, 2019 12:16:39 PM / by PrivacyPerfect posted in USA, EU, GDPR Compliance, US, Data Privacy, Data Protection, Processing, Data Processing, Data Breach, Data Security, Personal Data, Data Controlling, Data Consent, GDPR Predictions, hubspot, gdpr 2019, Europe, Britain

The age old question we ask ourselves on what we receive, is to what we have to give up in order to have it. Will data become the new aspect we give up in order for tech in the health field progress? With new ways to help improve the lives of millions of people who potentially can be at their most vulnerable, personal data continues to be of major importance in health progression. At the same time, it begs the question: what will happen if business and ethics clash as a result of bettering healthcare?   

Read More

Flying back home - Catch up on data privacy happenings on your flight back home (2/3)

Aug 29, 2019 2:06:59 PM / by PrivacyPerfect posted in USA, EU, Data Privacy, Data Protection, Compliance, Data Breach, Data Security, Personal Data, Data Controlling, Data Consent, Consent, Cookies, gdpr, Europe, DPA, Brexit, Twitter, Instagram, FaceApp, Hyp3r, Netherlands, Britain, Germany, Facebook, Libra, Cryptocurrency, FashionID, Boris Johnson, DUO, Windows, Microsoft

New cookie guidance, joint controllership status due to social media plugins, and tech companies spying on you through their digital assistants - they might be listening when you ask Google or Siri for the route back home from France. The weeks from the 20th of July to the 10th of August were hectic. Instead of going through piles of news around data privacy from the summer months, get quickly caught up by looking at a summary of the most important happenings in this short blog post, the second of a three piece series, focusing on the last two summer months. 

Read More

The future of data processing in driverless cars: the shift from connected to autonomous

Jun 26, 2019 11:00:00 AM / by PrivacyPerfect posted in USA, EU, Processing, GDPR Controller, GDPR Processor, Data Controlling, Connected Automobiles

The shift from ‘connected cars’ (cars communicating with their manufacturers, traffic lights, surrounding vehicles etc.) to ‘self-driving’, ‘driverless’ or ‘autonomous cars’, will impose new challenges to GDPR compliance. Business models and use cases of such cars will change, as will controllership, processors, purposes, and types of data being processed. In this article, we will discuss the repercussions and challenges to GDPR compliance in this paradigm shift.

Read More

    Lists by Topic

    see all
    harmas_Rajztábla 1-1
    Keep informed!
    Sign up to the Weekly GDPR Digest now.