Exercises, Marketing and Personal data - Information Management Today

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. Everything from email addresses to political opinions counts as personal data.

GDPR

GDPR Compliance Personal data Privacy

Colorado AG Provides Insights on the Colorado Privacy Act Rulemaking Process

Hunton Privacy

APRIL 25, 2022

Data Protection Assessments (“DPA”) – The Department wants to clarify the form, content and circumstances of data protection assessments required by the CPA, and questions if it should follow any existing model, such as the EU General Data Protection Regulation, and acknowledge interoperability of DPAs conducted for another regime.

Privacy

Privacy Personal data Sales Compliance

Middle East: Kingdom of Bahrain publishes Personal Data Protection Law

DLA Piper Privacy Matters

SEPTEMBER 17, 2018

30 of 2018 on the Personal Data Protection Law (PDPL). It will provide individuals with rights in relation to how their personal data can be collected, processed and stored. The PDPL also imposes new obligations upon businesses to ensure that the personal data they collect is kept secure. REGULATION.

Personal data

Personal data GDPR Compliance Risk

EU: EDPB ISSUES GUIDELINES ON PROCESSING OF PERSONAL DATA THROUGH VIDEO DEVICES

DLA Piper Privacy Matters

JULY 23, 2019

The European Data Protection Board ( “EDPB” ) has published guidelines on the processing of personal data through video devices (the “ Guidelines “) (currently subject to a public consultation process). technical and organisational measures required for such data processing.

Personal data

Personal data GDPR Access Marketing

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The GDPR puts forth a litany of rules for how organizations in and outside of Europe handle the personal data of EU residents. The details of any organization’s plan to become fully GDPR compliant will vary based on the data the organization collects and what it does with that data.

GDPR

GDPR Compliance Personal data Privacy

Funding for Cybersecurity Startups Plunges – But Some Still Get Deals

eSecurity Planet

JULY 27, 2023

” See the Top Cybersecurity Startups What It Takes To Win in the Current VC Market Venture investors like to say they focus on the long-term, but they tend to turn cautious when markets fall. Here are some of the factors that venture investors are looking for in the current market. This time is no different.

Cybersecurity

Cybersecurity Marketing Cloud Artificial Intelligence

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

45 of 2021 on the Protection of Personal Data Protection (“ PDPL ”), which was issued on 26 September 2021. Reassuringly, the PDPL does not contain any major divergences from other well-known data protection regimes, including the GDPR. What does the PDPL cover and who does it apply to? Definitions. Territoriality. Exceptions.

Personal data

Personal data Data breaches GDPR Compliance

Guest Post - Three Critical Steps for GDPR Compliance

AIIM

JANUARY 17, 2018

Notification processes in the event of personal data breach. Subject to specific circumstances data controllers and processors may be required to conduct a privacy impact assessment. The Article 29 Working Party provides a very useful criteria for an acceptable data privacy impact assessment.

GDPR

GDPR Compliance Data collection Privacy

How to comply with Article 30 of the GDPR

IT Governance

JUNE 21, 2018

Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. One key part of this record-keeping activity is to document the category of individuals (employees, customers, etc.) Where to begin with a data flow map? Formats (e.g.

GDPR

GDPR Personal data Risk Cloud

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Data Protection Report

JUNE 22, 2022

An exemption to the requirement to provide further fair processing information where personal data was collected directly from data subjects initially and is repurposed for research purposes later has also been identified, where to do so would involve disproportionate effort. Restrictions on nuisance calls will be tightened.

GDPR

GDPR Government Personal data Risk

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

These records are typically organized by grouping them by function or department and then described as either an individual record or grouped together into a record category. Introduction to Data Protection Laws. Personal data protection requirements may be issued by federal, state (provincial), or local governments.

Personal data

Personal data GDPR Privacy Records Management

How to write a GDPR-compliant data subject access request procedure – with template

IT Governance

NOVEMBER 8, 2018

The EU’s GDPR (General Data Protection Regulation) gives data subjects the right to access their personal data from data controllers that are processing it and “to exercise that right easily and at reasonable intervals, in order to be aware of, and verify, the lawfulness of the processing”.

GDPR

GDPR Access Personal data Compliance

The GDPR and the right to be forgotten

IT Governance

APRIL 30, 2018

The new data subject right allows, in certain circumstances, individuals to request that all information held about them is permanently erased. You have processed the personal data to offer information society services to a child. For the establishment, exercise or defence of legal claims.

GDPR

GDPR Personal data Archiving Compliance

Irish Data Protection Bill in Final Committee Stage Before the Irish Legislature

Hunton Privacy

MAY 22, 2018

Furthermore, the Bill specifies that processing children’s data for purposes of direct marketing, profiling or micro-targeting is an offense punishable by administrative fines. Sensitive Data : The Bill outlines circumstances additional to those of Article 9 of the GDPR where the processing of special categories of data is permitted.

GDPR

GDPR Personal data Marketing Insurance

BELGIUM: Belgian DPA reveals its strategy for the next 5 years.

DLA Piper Privacy Matters

FEBRUARY 11, 2020

Adequate security and the re-use of data are of special importance to the BDPA; Public authorities , due to the large amount of (sensitive) data they process. Data minimisation and purpose limitation are mentioned specifically. health data, biometric data,…) and, if so, make sure it is processed lawfully.

IT

IT GDPR Compliance Personal data

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

The GDPR applies to entities that are established in the EU, as well as entities not established in the EU that process the personal data of persons located in the EU in the context of either (i) offering goods or services to persons in the EU, or (ii) monitoring the behavior of persons in the EU.

GDPR

GDPR Privacy Personal data Sales

EU: Binding Corporate Rules are Generating Greater Interest

DLA Piper Privacy Matters

OCTOBER 16, 2019

Multinationals increasingly turning to BCRs as providing more legal certainty for personal data transfers from the EU. The EU General Data Protection Regulation (“GDPR”) brought about stricter data protection rules, and increased penalties for breaching these rules. Following market leaders.

GDPR

GDPR Personal data Marketing Healthcare

GDPR Italian Implementing Decree Has Been Published

HL Chronicle of Data Protection

SEPTEMBER 14, 2018

The provisions relating to specific processing of personal data (e.g. Until then, previously issued measures will continue to apply, to the extent that such measures are compatible with the GDPR; The processing of judicial data is allowed only when authorized by the law or by a regulation (the Decree indicates some relevant areas).

GDPR

GDPR Personal data Privacy Communications

European Commission Publishes Draft Data Governance Act

Hunton Privacy

DECEMBER 2, 2020

“Data” under the Data Governance Act means any digital representation of acts, facts or information and any compilation of the same, including in the form of sound, visual or audiovisual recording. Below are some key takeaways from the draft Data Governance Act: Re-Use of Protected Data by Public Sector Authorities.

Government

Government Personal data Compliance GDPR

California Privacy Law Overhaul – Proposition 24 Passes

Data Matters

NOVEMBER 4, 2020

Third, it creates a new category of businesses: those that voluntarily agree to be subject to the CCPA. Entities must annually buy sell, or share personal information of 100,000 consumers, not 50,000 as under the CCPA, to qualify as a business under the second prong of the test. New Rights for Sensitive Personal Information.

Privacy

Privacy B2B Sales Data breaches

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

The GDPR applies to entities that are established in the EU, as well as entities not established in the EU that process the personal data of persons located in the EU in the context of either (i) offering goods or services to persons in the EU, or (ii) monitoring the behavior of persons in the EU.

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

The GDPR applies to entities that are established in the EU, as well as entities not established in the EU that process the personal data of persons located in the EU in the context of either (i) offering goods or services to persons in the EU, or (ii) monitoring the behavior of persons in the EU.

GDPR

GDPR Privacy Personal data Sales

Malaysian Data Protection Law Takes Effect

Hunton Privacy

NOVEMBER 19, 2013

On November 14, 2013, the Minister of the Malaysian Communications and Multimedia Commission (the “Minister”) announced that Malaysia’s Personal Data Protection Act 2010 (the “Act”) would be going into effect as of November 15, marking the end of years of postponements. The law imposes a number of generally applicable principles.

Personal data

Personal data Marketing Communications Insurance

EDPB publishes guidance on calculating GDPR fines

Data Protection Report

JUNE 9, 2022

sending marketing emails in waves). 1) Category of infringement under Article 83(4) – (6) GDPR. Categories of personal data affected (e.g. Where a subsidiary is directly or indirectly wholly or almost wholly owned by the parent company, the rebuttable presumption is that the parent exercises decisive influence.

GDPR

GDPR Compliance Personal data IT

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

7 key stages of the data protection impact assessment (DPIA)

IT Governance

SEPTEMBER 4, 2019

2 ) Large-scale use of sensitive data : “(b) processing on a large scale of special categories of data referred to in Article 9(1), or of personal data relating to criminal convictions and offences referred to in Article 10”. The nature of the processing is what you plan to do with the personal data.

Personal data

Personal data GDPR Risk Access

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

This is particularly important and potentially consequential requirement for organizations to undertake given GDPR’s expansive jurisdiction to impose onerous fines and its exercise of corrective powers. Want more information?

GDPR

GDPR Compliance Privacy Data Privacy

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. DPAs have also published guidance around specific local law requirements. Be one step ahead.

Privacy

Privacy GDPR Data breaches Risk

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

5 learnings from the “Meeting the CCPA Challenge” webinar

Collibra

MARCH 12, 2020

The CCPA officially went into effect on January 1, 2020, impacting over 40 million California residents and thousands of businesses who use personal information (PI) around the globe. Consumers can ask businesses what categories of their PI is being collected. Businesses must provide clear notice about categories of PI it collects.

Data Privacy

Data Privacy Privacy Government Compliance

ITALY: New GDPR Guidelines from the Italian data protection authority

DLA Piper Privacy Matters

APRIL 9, 2018

As already provided by the current regime, any type of processing of personal data needs to have a legal basis justifying it. An explicit (but no longer written) consent is required with reference to the processing of sensitive data (e.g. In particular, among others, with reference to.

GDPR

GDPR Personal data Privacy Data breaches

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. DPAs have also published guidance around specific local law requirements. Be one step ahead.

Privacy

Privacy GDPR Data breaches Risk

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The European Commission Fact Sheet and Q&A includes statistics that nine out of ten Europeans have expressed concern about mobile apps collecting their data without their consent, and seven out of ten worry about the potential use that companies may make of the information disclosed. Challenge #1.

GDPR

GDPR Personal data Compliance Data breaches

FRANCE: A new phase in European privacy law enforcement – CNIL fined Google LLC 50 million euros!

DLA Piper Privacy Matters

JANUARY 24, 2019

The scope of the investigation was the processing of personal data by Android as governed by the privacy policy made available to the user when creating an account to configure its mobile equipment. which may reveal sensitive data ( e.g. center of interests, life style, tastes, opinions, etc.)

Privacy

Privacy GDPR Personal data Compliance

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

Consumers will be permitted to request that a business disclose both the categories and specific pieces of the personal information collected. Consumers will be permitted to request that a business delete personal information it has collected about the consumer, including all data in the possession of the businesses’ vendors.

Privacy

Privacy Sales Compliance Cybersecurity

And then there were five: CCPA amendments pass legislature

Data Protection Report

SEPTEMBER 17, 2019

The way it was phrased in its current form, it could have been read to mean businesses must disclose the specific pieces of personal information that was collected in the privacy policy itself, which did not make sense. – § 1798.115. – § 1798.120. – § 1798.130. – § 1798.140.

B2B

B2B Privacy Communications Encryption

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

Consumers will be permitted to request that a business disclose both the categories and specific pieces of the personal information collected. Consumers will be permitted to request that a business delete personal information it has collected about the consumer, including all data in the possession of the businesses’ vendors.

Privacy

Privacy Sales Education Compliance

EU data governance regulation – A wave of digital, regulatory and antitrust reform begins – Part Two

Data Protection Report

DECEMBER 17, 2020

On 25 November 2020, the European Commission ( EC ) published its proposed Data Governance Regulation (the DGR ), which will create a new legal framework to encourage the development of a European single market for data. In what situations would the DGR apply to data sharing arrangements? Requirement to notify.

Government

Government Personal data GDPR Access

EDPB Published Guidelines on the Targeting of Social Media Users

Hunton Privacy

SEPTEMBER 16, 2020

The EDPB highlights in particular that: Both joint controllers must be able to demonstrate the existence of a legal basis justifying the processing of personal data. Duty to carry out a Data Protection Impact Assessment (“DPIA”) : Joint controllers are both responsible for assessing whether a DPIA is required.

Personal data

Personal data GDPR Compliance Marketing

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

AB-825 : This bill amends California’s (1) data breach notification law (for both government agencies (Cal. Code Section 1798.82))and (2) data security law (Cal. SB-41 : This bill, effective January 1, 2022 , imposes a number of privacy and data security requirements on direct-to-consumer genetic testing companies.

Privacy

Privacy Insurance Security Data breaches

“Dark patterns?” EDPB draft guidance sets out its expectations on subliminal privacy eroding practices

Data Protection Report

MAY 3, 2022

The “dark patterns” highlighted in the Guidelines aim to influence users’ behaviour through content or visual presentation so that users make unintended and potentially harmful decisions regarding their personal data, for example, deciding to disclose more data than they otherwise planned or agreeing to limited protections of their data.

Privacy

Privacy IT GDPR Data collection

European Commission Releases First Report on Evaluation of GDPR

Hunton Privacy

JUNE 24, 2020

In its report, the Commission concludes that generally the GDPR has successfully met its objectives, namely those of strengthening personal data protection and guaranteeing the free flow of personal data within the EU. Data Subject Rights. Extra-Territorial Reach.

GDPR

GDPR Artificial Intelligence Blockchain Personal data

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Data Protection Report

DECEMBER 17, 2020

On 25 November 2020, the European Commission ( EC ) published its proposed Data Governance Regulation (the DGR ), which will create a new legal framework to encourage the development of a European single market for data. What are the objectives of the Data Governance Regulation?

Government

Government Personal data Marketing Artificial Intelligence

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Data is not just a resource for better marketing, better service and delivery. Data is used to build products themselves. It has become a cliché that data is the new oil. The rapid evolution of technology and growth in the digital economy has led to a vast increase in the availability and value of data.

GDPR

GDPR Personal data Government IT

GDPR compliance checklist

Colorado AG Provides Insights on the Colorado Privacy Act Rulemaking Process

Trending Sources

Middle East: Kingdom of Bahrain publishes Personal Data Protection Law

EU: EDPB ISSUES GUIDELINES ON PROCESSING OF PERSONAL DATA THROUGH VIDEO DEVICES

How to implement the General Data Protection Regulation (GDPR)

Funding for Cybersecurity Startups Plunges – But Some Still Get Deals

UAE: Federal level data protection law enacted

Guest Post - Three Critical Steps for GDPR Compliance

How to comply with Article 30 of the GDPR

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

The Impact of Data Protection Laws on Your Records Retention Schedule

How to write a GDPR-compliant data subject access request procedure – with template

The GDPR and the right to be forgotten

Irish Data Protection Bill in Final Committee Stage Before the Irish Legislature

BELGIUM: Belgian DPA reveals its strategy for the next 5 years.

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

EU: Binding Corporate Rules are Generating Greater Interest

GDPR Italian Implementing Decree Has Been Published

European Commission Publishes Draft Data Governance Act

California Privacy Law Overhaul – Proposition 24 Passes

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

Malaysian Data Protection Law Takes Effect

EDPB publishes guidance on calculating GDPR fines

California Enacts Broad Privacy Laws Modeled on GDPR

7 key stages of the data protection impact assessment (DPIA)

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

The Privacy Officers’ New Year’s Resolutions

California Enacts Broad Privacy Protections Modeled on GDPR

5 learnings from the “Meeting the CCPA Challenge” webinar

ITALY: New GDPR Guidelines from the Italian data protection authority

The Privacy Officers’ New Year’s Resolutions

GDPR is upon us: are you ready for what comes next?

FRANCE: A new phase in European privacy law enforcement – CNIL fined Google LLC 50 million euros!

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

And then there were five: CCPA amendments pass legislature

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

EU data governance regulation – A wave of digital, regulatory and antitrust reform begins – Part Two

EDPB Published Guidelines on the Targeting of Social Media Users

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

“Dark patterns?” EDPB draft guidance sets out its expectations on subliminal privacy eroding practices

European Commission Releases First Report on Evaluation of GDPR

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

The debate on the Data Protection Bill in the House of Lords

Stay Connected