Free Trial

    THE PRIVACYPERFECT BLOG

    Brexit Postponed, Not Cancelled - How to Keep Sharing Data After Brexit?

    Nov 15, 2019 10:07:16 AM / by Timelex posted in EU, DPO, Data Protection Officer, Data Transfer, International Data Transfer, International GDPR, GDPR Reputation, GDPR For Tech Companies, gdpr, gdpr 2019, Europe, Brexit, Britain

    The EU agreed to further postpone Brexit until 31 January 2020, the so-called “withdrawal date”. Before such date there will be parliamentary elections in the UK on 12 December 2019.

    In terms of data protection, the UK will eventually become a third country in case of a Brexit, meaning that an organisation established in the EEA should implement an adequate data transfer mechanism to share personal data with other organisations in the UK, such as other group offices or service providers. The new postponement gives companies some extra time to look at the possible data transfer mechanisms for implementation after the withdrawal date. Even in case of yet another postponement thereof, sooner or later the UK will become a third country.

    In this blog, Timelex will explain the data transfer possibilities in more detail.

    Read More

    Data Transfers: In & Out of the EU

    Nov 1, 2019 10:22:06 AM / by Brodie Bavidge posted in EU, GDPR Compliance, Data Privacy, DPO, Data Protection Officer, Data Transfer, International Data Transfer, Reputation under GDPR, GDPR For Tech Companies, GDPR for Marketers, GDPR Summary, gdpr 2019

    International data transfers play a vital role for data driven businesses and organisations. As processes have become but a few clicks away and the digital world continues advancing, organisations must take the appropriate measures to ensure protection over their data and the data subjects. The EU’s GDPR aims to protect personal data, and provides strict obligations and standards that every organisation should take when dealing with international data transfers. Below are key points for organisations to consider upon doing international data transfers from and to the EU.

    Read More

    The beginner's guide to cookies - use, necessity and compliance

    Jan 17, 2019 10:00:00 AM / by Elif Kaya | Legal Department | PrivacyPerfect posted in Data Privacy, Data Protection, Data Transfer, Personal Data, Data Consent, Cookie, Consent, Cookies

    Read More

    How can I transfer personal data across EEA borders under the GDPR?

    Oct 8, 2018 10:00:00 AM / by Elif Kaya | Legal Department | PrivacyPerfect posted in Data Protection, Data Transfer, International Data Transfer, International GDPR, EEA

    Before conducting an international data transfer, organisations need to check the GDPR very carefully. International data transfers should not only be compliant with Chapter 5 but also with all other requirements of the GDPR (following from Article 44 GDPR). Also, in order to transfer personal data outside the EU, organisations need to follow the layered approach of the European Data Protection Board.

    Read More

    Extending the GDPR across the borders of the EU: data protection in the EEA

    Sep 26, 2018 10:00:00 AM / by Soumya Patnaik | Data protection Consultant | PrivacyPerfect posted in Data Protection, Data Transfer, International Data Transfer, EEA

    The European Economic Area (EEA) is the combination of European Union (EU) and European Free Trade Association (EFTA) states, except for Switzerland. The EEA has now incorporated the GDPR into the EEA agreement. This was done by an EEA Joint Committee Decision dated 6th July 2018, which came into force on 20th July, 2018. 

    Read More

    International data transfers in a nutshell

    Aug 23, 2018 10:00:00 AM / by Elif Kaya | Legal Department | PrivacyPerfect posted in EU, GDPR Explained, Data Processing, Data Transfer, International Data Transfer, International GDPR, EEA

    International data transfers are unavoidable for most of the businesses and organisations in today’s digital world. The GDPR takes a balanced approach between the necessity of cross-border data flows for the purposes of international trade and the level of protection provided to natural persons. Although the Regulation allows the free flow of personal data between Member States, it restricts data transfers to countries

    Read More

    What should a data breach notification contain?

    Jul 9, 2018 10:00:00 AM / by Laurens Mommers | COO | PrivacyPerfect posted in GDPR Compliance, Data Breach, Data Security, Data Transfer, Personal Data

    Previously, I wrote a blog post (see here) on data breaches and where to report them, focusing on the notion of ‘lead supervisory authority’. In this blog post, I focus on the contents of data breach notifications in relation to the GDPR. It is important to notice that notifications might be to either of two stakeholders: the supervisory authority and/or the data subjects concerned (the ‘victims’ of the data breach). Using GDPR compliance

    Read More

    Debunking Seven Major Myths about the GDPR

    Jun 14, 2018 10:00:00 AM / by Laurens Mommers | COO | PrivacyPerfect posted in GDPR Compliance, Data Privacy, Data Protection, GDPR Explained, GDPR Guideline, Data Processing, Data Security, Data Transfer

    Read More

    What is a data breach, and where do I have to report it under the GDPR?

    Jun 4, 2018 10:00:00 AM / by Laurens Mommers | COO | PrivacyPerfect posted in Data Privacy, Data Protection, Data Breach, Data Security, Data Transfer

    Under the GDPR, a personal data breach has to be notified to the relevant supervisory authority in most circumstances, most notably when there is a risk for the rights and freedoms of the data subject because of the occurrence of the breach.  What is a breach, and which supervisory authority does it have to be notified to? In this blog post, we briefly discuss the answers to these questions.

    Read More