Free Trial

    THE PRIVACYPERFECT BLOG

    All you need to know about Data Processing Agreements

    Mar 19, 2020 4:04:37 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Protection, DPO, Data Protection Officer, GDPR Controller, GDPR Processor, GDPR Reputation, gdpr, DPA, gdpr2020

    One way or another, almost all organisations rely on third parties for processing personal data in today’s digital world, creating a direct need for data processing agreements (DPA). Even the tools that are considered to be the basic necessities in business, such as email clients, CMS systems, data storage servers, or website analytics, all process personal data on behalf of organisations. With the introduction of the GDPR, there are strict requirements and guidelines on how this can be done in a compliant manner, through signed DPAs between the organisation (the data controller) and any party that acts as a data processor on their behalf. But what are Data Processing Agreements (DPAs), are they really necessary for you, what do they look like, and who needs to be involved from within your organisation? 

    Read More

    How to overcome the challenges of responding to DSARs

    Mar 5, 2020 3:43:52 PM / by PrivacyPerfect posted in DPO, Data Protection Officer, GDPR Reputation, gdpr, Netherlands, gdpr2020, DSAR

    Since the enforcement of the GDPR back in May 2018, organisations that process personal data within the EU & EEA are obligated to respond to a Data Subject Access Request (DSAR). DSARs are not new, however, the GDPR enforced a new set of new rules for the process. For instance, organisations today are required to respond within 30 days upon receiving a request. The tight time-frame and the process itself often poses challenges for organisations when responding to DSARs.

    Read More

    Companies and the Race for Compliance

    Dec 11, 2019 1:51:05 PM / by PrivacyPerfect posted in EU, GDPR Compliance, US, GDPR for SMEs, Small business GDPR, Medium business GDPR, DPO, Data Protection Officer, International GDPR, Reputation under GDPR, GDPR Reputation, GDPR For Tech Companies, gdpr 2019, Europe

    As we slowly enter 2020, during the year of 2019, numerous studies have been conducted with the objective to see just how far companies fare in regards to their GDPR compliance efforts. As fines and penalties are still being issued from various data protection regulators in their respectful countries, it may be suggested that companies, ranging from multinational corporations to SMEs, are still struggling to be fully compliant with the GDPR. In this blogpost, we take a look at several key studies done by various types of organisations, the numbers in their findings, and how it all shapes the race for compliance.

    Read More

    Brexit Postponed, Not Cancelled - How to Keep Sharing Data After Brexit?

    Nov 15, 2019 10:07:16 AM / by Timelex posted in EU, DPO, Data Protection Officer, Data Transfer, International Data Transfer, International GDPR, GDPR Reputation, GDPR For Tech Companies, gdpr, gdpr 2019, Europe, Brexit, Britain

    The EU agreed to further postpone Brexit until 31 January 2020, the so-called “withdrawal date”. Before such date there will be parliamentary elections in the UK on 12 December 2019.

    In terms of data protection, the UK will eventually become a third country in case of a Brexit, meaning that an organisation established in the EEA should implement an adequate data transfer mechanism to share personal data with other organisations in the UK, such as other group offices or service providers. The new postponement gives companies some extra time to look at the possible data transfer mechanisms for implementation after the withdrawal date. Even in case of yet another postponement thereof, sooner or later the UK will become a third country.

    In this blog, Timelex will explain the data transfer possibilities in more detail.

    Read More

    Data Transfers: In & Out of the EU

    Nov 1, 2019 10:22:06 AM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, DPO, Data Protection Officer, Data Transfer, International Data Transfer, Reputation under GDPR, GDPR For Tech Companies, GDPR for Marketers, GDPR Summary, gdpr 2019

    International data transfers play a vital role for data driven businesses and organisations. As processes have become but a few clicks away and the digital world continues advancing, organisations must take the appropriate measures to ensure protection over their data and the data subjects. The EU’s GDPR aims to protect personal data, and provides strict obligations and standards that every organisation should take when dealing with international data transfers. Below are key points for organisations to consider upon doing international data transfers from and to the EU.

    Read More

    A Cautionary Tale: The Brief Look Into the Future of Personalisation

    Oct 24, 2019 5:26:39 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, Data Processing, Data Security, DPO, Data Protection Officer, GDPR Reputation, GDPR For Tech Companies, Data Consent, Consent, Cookies, Marketing under GDPR, gdpr, gdpr 2019

    It’s a rainy Thursday morning and I’ve just got into my driverless cab. I’d usually miss it, but because the cab now knows the average time I take to get ready, there is no actual way I could miss one. It knows where I need to go, what time I need to be there and also the preferred route I want, all through a 0.2 second scan of my thumb’s fingerprint. During my ride, I listen to the playlist made for me specially for this Thursday. It was made instantly as I typed in the first two words that came to my mind this morning. It can be any literally any word, isn’t that fun? It knows what music I want to listen to, the length of the songs I like, the mix of genres I prefer, and it also predicts the exact moments I would get bored of the song and automatically removes it from the playlist - only to replace it with an absolute banger of a song I was thinking about giving a listen to. 

    Read More

    Discounts & Data: GDPR for Retailers

    Oct 17, 2019 6:07:01 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, GDPR Software, DPO, Data Protection Officer, Personal Data, International GDPR, Data Controlling, GDPR Reputation, Data Consent, Cookie, Consent, Marketing, Marketing under GDPR, GDPR Summary, DPIA, gdpr 2019, Europe, DPA, Netherlands

    What does the GDPR really mean for you as a retailer? Well, as is often the case with a subject like privacy: it depends. After you’ve determined that the GDPR is applicable because personal (identifying) data is involved, let’s take a look at today’s retail business operations and what it entails. We will go through specific aspects of direct marketing, e-commerce habits, and even efforts made for compliance offline, to get a better understanding of what the GDPR means for retail.

    Read More

    How to overcome the challenges of conducting a DPIA

    Sep 19, 2019 10:39:46 AM / by PrivacyPerfect posted in EU, GDPR Compliance, Compliance, Data Processing, Data Security, DPO, Data Protection Officer, Personal Data, Data Controlling, GDPR Reputation, Data Consent, Data Assessment, gdpr, DPIA, gdpr 2019, Europe, DPA

    Conducting a DPIA is often seen as a rather challenging task. But, there are ways still to make it a little easier.  We have highlighted the steps to get through conducting a DPIA in the least painless way possible. We’ve put down aspects from pre-assessment elements, through overcoming the struggles of getting support and involving key players, to how you can cut through the edges and simplify processes.         

    Read More

    11 DPIA-triggers explained by Hollywood blockbuster movies

    Aug 1, 2019 4:31:46 PM / by PrivacyPerfect posted in Data Privacy, Data Protection, DPO, Data Protection Officer, GDPR Compliance Program, gdpr, DPIA

    We have now introduced a new DPIA module within our software. Besides all the serious stuff in and around it, we wanted to do something more in line with the time of year: summer, vacation, relaxation and fun. So we matched movie fragments with each of the eleven DPIA triggers that were issued by the European Data Protection Board. Seen all these movies? Relive the excitement. Never seen any of them? Check out the fragments and see if they’re worth a search on Netflix.

    Read More

    Comparing CMS’s from a privacy perspective: WordPress vs Drupal vs Joomla vs HubSpot

    Jul 25, 2019 11:57:06 AM / by PrivacyPerfect posted in EU, DPO, Data Protection Officer, Data Consent, GDPR Compliance Program, Consent, Cookies, Marketing, Marketing under GDPR, GDPR for Marketers, CMS, gdpr, joomla, hubspot, wordpress

    You, or your company, want to build a website. Maybe you already have one, but want to start using a Content Management System (CMS), or switch to another from your current one. Here’s a refresher on what a CMS is: it’s a software content system that enables you to create and modify digital content, such as website pages. A few well-known CMS examples that we will touch on in this post are Wordpress, Joomla, Drupal, and HubSpot.

    Read More
      harmas_Rajztábla 1-1
      Keep informed!
      Sign up to the Weekly GDPR Digest now.