Sharing data outside the EU has become a greater challenge since the Schrems II court ruling. Organisations are required to carry out Transfer Impact Assessments (TIAs) to assess the potential risks of data transfers from the EU to other countries. Until recently this was labour-intensive and error-prone, but thanks to our collaboration with the international law firm DLA Piper it can now be done much more efficiently and in a standardised way. DLA Piper's TIA tool, Transfer, is integrated into the PrivacyPerfect privacy-compliance SaaS environment and is part of the assessment module.
Carrying out a Data Protection Impact Assessment (DPIA) is often considered a challenging task by data protection professionals because of the complexity of the process, which often involves big and detailed projects and relies on the involvement and support of other stakeholders within an organisation. Fortunately, there are several methods that can help make performing DPIAs easier, simpler, and more efficient. In this blog post, our privacy experts highlight the key steps that may help make the process painless.
The GDPR applies to organisations and public bodies of all types that collect and process personal data belonging to individuals residing in the EU/EEA. Charities and NGOs are also obligated to comply with the EU's privacy regulation. As NGOs and charities handle an abundance of sensitive data, it's important to put appropriate safeguards in place in order to avoid GDPR fines and cyberthreats. Research has indicated that the GDPR has helped companies increase consumer trust, but what does this mean for NGOs specifically in terms of potential benefits?
Earlier this week, France announced that it will be the first country within the EU to introduce the use of facial recognition for government services. The decision has raised a few eyebrows with regard to people's privacy and what it may imply under the GDPR. Didier Baichere, a lawmaker with French president Emmanuel Macron's party, insisted that the general public shouldn't be worried. But should they? What implications can facial recognition technology have, and just how protected is the public's sensitive data? Let's take a look.
What does the GDPR really mean for you as a retailer? Well, as is often the case with a subject like privacy: it depends. Once you've determined that the GDPR is applicable because personal (identifying) data is involved, let's take a look at today's retail business operations and what they entail. We will go through specific aspects of direct marketing, e-commerce habits, and even efforts made for compliance offline, to get a better understanding of what the GDPR means for retail.
Data breach. Two words you just don’t want to hear after a long week. It’s finally the Friday afternoon you’d been waiting for. Weekend plans with the family, the clock has just hit 16:00, and the weather isn’t as bad as predicted. Yet, here you are, after conducting a DPIA, finding yourself in a situation where you have a mere 72 hours to handle a whole breach. In this blog post, we will discuss your options, and provide you with support to handle this procedure seamlessly.
We have now introduced a new DPIA module within our software. Besides all the serious stuff in and around it, we wanted to do something more in line with the time of year: summer, vacation, relaxation and fun. So we matched movie fragments with each of the eleven DPIA triggers that were issued by the European Data Protection Board. Seen all these movies? Relive the excitement. Never seen any of them? Check out the fragments and see if they’re worth a search on Netflix.