Adatvédelem mindenkinek / Data protection for everyone

Bill regarding the amendment of the Hungarian Data Protection Act

2018. június 20. 08:00 - poklaszlo

A bill regarding the amendment of the Hungarian Data Protection Act was submitted to the Hungarian Parliament on June 19. The bill aims at the implementation of Directive 2016/680 and the amendment of the Hungarian Data Protection Act regarding the application of the General Data Protection…


Collection of national laws implementing the GDPR

2018. május 28. 11:00 - poklaszlo

Below, you can find a collection of national laws that are necessary for the enforcement of the GDPR. I will continously update this list. Last updated on 08.06.2018. If you need information regarding the status of the implementation in the EU Member States or look for some background information in…


5+1 misbeliefs regarding the application of the GDPR

2018. április 30. 11:00 - poklaszlo

The preparations for the application of the GDPR have come to its final phase, since the Regulation is directly applicable in all EU Member States from May 25. Despite the fact that the Regulation will soon become part of the daily practice, there are still many misunderstandings and myths…


Mandatory data protection impact assessments

2018. április 11. 11:00 - poklaszlo

The General Data Protection Regulation (GDPR) is applicable from May 25, 2018 and, for this purpose, many data controllers must perform a data protection impact assessment (DPIA).  The obligation to perform a data protection impact assessment connects closely to the principles of data protection…


Best practice recommendations from WP29 to comply with the GDPR

2018. március 19. 11:00 - poklaszlo

Article 29 Working Party (WP29) has published several guidelines under the GDPR and such guidelines contain recommendations regarding best practices that are regarded by the authorities as compliant with the requirements of the GDPR. In this post, I have collected such recommendations. 


Pseudonymisation and anonymisation in the GDPR

2018. február 26. 13:00 - poklaszlo

Data protection rules such as the EU's new General Data Protection Regulation (GDPR) apply to personal data. But what does personal data mean? According to the GDPR, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable…


What are the binding corporate rules (BCRs)?

2018. február 12. 13:30 - poklaszlo

In connection with the operation of a group of companies, there is a very frequent need to transfer personal data within the company group, even when some of the group companies operate outside the EU. In cases where certain members of a group of companies operate in third countries for which there…


Achilles and Data Protection

2018. január 28. 23:00 - poklaszlo

or what does Zéno’s paradox tell us about GDPR compliance?

Each year, on January 28, the Data Protection Day is celebrated. Why on January 28? The reason is that the Council of Europe’s Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data was opened for ratification on that day in 1981. In 2018, data protection…


Transfers of personal data to third countries

2018. január 19. 13:30 - poklaszlo

When designing data processing activities, there is often a need to transfer the personal data to a third country (e.g. in order to carry out processing activities there). What should we do to transfer personal data to third countries lawfully? The GDPR contains relatively detailed rules on the…