This year in May, the General Data Protection Regulation (GDPR) celebrates its fourth year of entry into force. Widely recognized as an ambitious European Union Privacy Regulation, the GDPR applies to the processing of personal data. Why does this legal framework exist and how can SMEs determine whether said privacy regulations are applicable to them?
Records of Processing Activities: Why the RoPA should be at the center of your privacy management efforts. As a GDPR compliant company, you should record every piece of personal data that is being processed. Processing personal data means not only collecting it, but also – amongst others - aggregating, analyzing, sorting, distributing, storing, viewing,… Continue reading Why the RoPA should be at the center of your privacy management efforts
Cybersecurity:A tale of Protecting your Castle Every week, we bump into new threats in our loved and indispensable digital world. Digitalization has taken over the world, which has many advantages, but also a lot of challenges. Sometimes it’s a big cyber-incident that causes a whole industry to be attacked and shut down. Other times,… Continue reading Cybersecurity: A Tale of Protecting Your Castle
A lot of organizations are struggling with international data transfers. Rules are strict, and companies can’t just transfer personal data from EEA data subjects outside of this region. Look at Google. Even they are in a tight spot with Google Analytics and Google Fonts after the Austrian Data Protection Authority (Datenschutzbehörde or DSB)… Continue reading How to: International Data Transfers
A Guide to Data Subject Right Requests (DSRR) Under the General Data Protection Regulation (GDPR), data subjects receive exercisable rights, giving them control over the processing of their personal data. These rights must be upheld by organizations that process personal data. For example, data subjects have a right to request rectification or erasure of their… Continue reading A Guide to Data Subject Right Requests (DSRR)
Records of Processing Activities: What is it and how to approach its development? What is a RoPA (or Record of Processing Activities)? Article 30 of the General Data Protection Regulation (GDPR) states that controllers and processors are required to maintain Records of Processing Activities, in short RoPA or “Records”. This obligation helps your company achieve… Continue reading RoPa: What is it and how to approach its development?