.png?width=500&name=logo_transparent%20(4).png "logo_transparent (4)"){kind=logo}
Do you sometimes feel that internet works like magic; do certain incidents seem inexplicable to you, such as getting flooded with advertisements about products you may have idly surfed days ago? Whether you are a technical genius or technologically challenged, if you spend any of your time online, you have probably seen pop-up screens while surfing online, that require you to agree to the use of something called “Cookies”. Do
The beginner's guide to cookies - use, necessity and compliance
Jan 17, 2019 10:00:00 AM / by Elif Kaya | Legal Department | PrivacyPerfect posted in Data Privacy, Data Protection, Data Transfer, Personal Data, Data Consent, Cookie, Consent, Cookies
How can I transfer personal data across EEA borders under the GDPR?
Oct 8, 2018 10:00:00 AM / by Elif Kaya | Legal Department | PrivacyPerfect posted in Data Protection, Data Transfer, International Data Transfer, International GDPR, EEA
Before conducting an international data transfer, organisations need to check the GDPR very carefully. International data transfers should not only be compliant with Chapter 5 but also with all other requirements of the GDPR (following from Article 44 GDPR). Also, in order to transfer personal data outside the EU, organisations need to follow the layered approach of the European Data Protection Board.
Extending the GDPR across the borders of the EU: data protection in the EEA
Sep 26, 2018 10:00:00 AM / by Soumya Patnaik | Data protection Consultant | PrivacyPerfect posted in Data Protection, Data Transfer, International Data Transfer, EEA
The European Economic Area (EEA) is the combination of European Union (EU) and European Free Trade Association (EFTA) states, except for Switzerland. The EEA has now incorporated the GDPR into the EEA agreement. This was done by an EEA Joint Committee Decision dated 6th July 2018, which came into force on 20th July, 2018.
International data transfers in a nutshell
Aug 23, 2018 10:00:00 AM / by Elif Kaya | Legal Department | PrivacyPerfect posted in EU, GDPR Explained, Data Processing, Data Transfer, International Data Transfer, International GDPR, EEA
International data transfers are unavoidable for most of the businesses and organisations in today’s digital world. The GDPR takes a balanced approach between the necessity of cross-border data flows for the purposes of international trade and the level of protection provided to natural persons. Although the Regulation allows the free flow of personal data between Member States, it restricts data transfers to countries
What should a data breach notification contain?
Jul 9, 2018 10:00:00 AM / by Laurens Mommers | COO | PrivacyPerfect posted in GDPR Compliance, Data Breach, Data Security, Data Transfer, Personal Data
Previously, I wrote a blog post (see here) on data breaches and where to report them, focusing on the notion of ‘lead supervisory authority’. In this blog post, I focus on the contents of data breach notifications in relation to the GDPR. It is important to notice that notifications might be to either of two stakeholders: the supervisory authority and/or the data subjects concerned (the ‘victims’ of the data breach). Using GDPR compliance
Debunking Seven Major Myths about the GDPR
Jun 14, 2018 10:00:00 AM / by Laurens Mommers | COO | PrivacyPerfect posted in GDPR Compliance, Data Privacy, Data Protection, GDPR Explained, GDPR Guideline, Data Processing, Data Security, Data Transfer
The GDPR is subject to a lot of speculation and ‘fake news’ these days, and therefore we would like to present seven major myths about the GDPR that are just that: myths. Participate in GDPR discussions with more knowledge about what GDPR is not about – you can read it in this blog post.
What is a data breach, and where do I have to report it under the GDPR?
Jun 4, 2018 10:00:00 AM / by Laurens Mommers | COO | PrivacyPerfect posted in Data Privacy, Data Protection, Data Breach, Data Security, Data Transfer
Under the GDPR, a personal data breach has to be notified to the relevant supervisory authority in most circumstances, most notably when there is a risk for the rights and freedoms of the data subject because of the occurrence of the breach. What is a breach, and which supervisory authority does it have to be notified to? In this blog post, we briefly discuss the answers to these questions.
