Remove category general
article thumbnail

Europe: CJEU decision – Right of access to individual recipients of personal data

DLA Piper Privacy Matters

On 12 January 2023, the European Court of Justice (“ CJEU ”) delivered its judgment regarding the right of access to personal data under Article 15 GDPR. The CJEU held that when exercising their right of access under the GDPR, data subjects must be provided with the individual data recipients of their personal data.

article thumbnail

Indiana Likely to Become Seventh State to Enact a Comprehensive State Privacy Law

Hunton Privacy

SB 5’s protections would apply to residents of Indiana who act for a personal, family or household purpose, with express exemption for individuals acting in a commercial or employment context.

Privacy 132
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

New Hampshire Becomes 15th State to Enact a Comprehensive State Privacy Law

Hunton Privacy

The thresholds are closer to those of, e.g. , Delaware’s Personal Data Privacy Act (H.B. Controller Obligations Similar to most of the comprehensive state privacy laws, SB 255 contains fundamental data minimization, purpose limitation and data protection requirements.

Privacy 120
article thumbnail

Privacy notices – the ICO follows the lead of the EU data protection authorities in their interpretation of Article 13 UK GDPR

Data Protection Report

Whilst a significant part of the MPN is focussed on TikTok’s non compliance with the rules around processing children’s personal data, the MPN also clarifies how the ICO interprets the requirements in Article 13 of the UK GDPR more generally. Where a generic email address (e.g.

Privacy 97
article thumbnail

New Jersey Becomes 14th State to Enact a Comprehensive State Privacy Law

Hunton Privacy

In line with the CCPA and other state privacy laws, the New Jersey law broadly defines “sale” as the disclosure of personal data to a third party for “monetary or other valuable consideration.” The law also requires controllers to specify the express purposes for which personal data is processed.

Privacy 97
article thumbnail

Processing of riders’ personal data ? The Italian Data Protection Authority sanctions a food delivery company

Privacy and Cybersecurity Law

On July 5, 2021, the Italian supervisory authority (“ Garante ”) published an injunction against a company operating a food delivery app (“ Company ”) over the processing of riders’ personal data with respect to the use of algorithms for the management of the orders. Retention period. The need for a DPIA.

article thumbnail

Colorado AG Provides Insights on the Colorado Privacy Act Rulemaking Process

Hunton Privacy

On April 12, 2022, Colorado Attorney General Phil Weiser made remarks at the International Association of Privacy Professionals Global Privacy Summit in Washington, D.C., where he invited stakeholders to provide informal public comments on the Colorado Privacy Act (“CPA”) rulemaking.

Privacy 110