Adatvédelem mindenkinek / Data protection for everyone

Drones and data protection

2019. június 28. 13:00 - poklaszlo

There are several legal aspects related to the use of drones, including a number of data protection issues. Although no comprehensive legislation has been enacted so far in Hungary, the Hungarian Data Protection Authority (Hungarian DPA) has, similarly to other data protection authorities,…


Data processing in the course of providing online services

2019. április 25. 09:00 - poklaszlo

Important new guidelines became available

Online services became part of our everyday life. The provision of online services, in almost all cases, goes hand in hand with data processing. On the one hand, we provide our data intentionally to the service providers when we decide to use services online but in other cases, data are collected…


GDPR fining policy issued by the Dutch Data Protection Authority

2019. március 18. 09:00 - poklaszlo

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) was the first data protection authority in the EU that has published a fining policy detailing the principles for setting administrative fines in specific cases. The impact of the fining policy issued by the Dutch Data Protection…


E-mail encryption - How to meet GDPR requirements?

2019. március 04. 09:30 - poklaszlo

One of the biggest challenges in meeting data protection requirements is to translate the general principles and rules into concrete actions and daily routines. How much and what data is needed to achieve a particular purpose? How can we obtain the necessary consent? How can we provide proper…


Mandatory data protection impact assessments

2018. április 11. 11:00 - poklaszlo

The General Data Protection Regulation (GDPR) is applicable from May 25, 2018 and, for this purpose, many data controllers must perform a data protection impact assessment (DPIA).  The obligation to perform a data protection impact assessment connects closely to the principles of data protection…


Best practice recommendations from WP29 to comply with the GDPR

2018. március 19. 11:00 - poklaszlo

Article 29 Working Party (WP29) has published several guidelines under the GDPR and such guidelines contain recommendations regarding best practices that are regarded by the authorities as compliant with the requirements of the GDPR. In this post, I have collected such recommendations. 


Pseudonymisation and anonymisation in the GDPR

2018. február 26. 13:00 - poklaszlo

Data protection rules such as the EU's new General Data Protection Regulation (GDPR) apply to personal data. But what does personal data mean? According to the GDPR, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable…


Setting of administrative fines based on the General Data Protection Regulation II

2017. december 15. 14:30 - poklaszlo

Guidelines on the application and setting of administrative fines for the purposes of the Regulation 2016/679 (GDPR) were published at the end of October by the Article 29 Working Party (WP 29). In my previous post, I have outlined the principles set out in the Guidelines. In this post, I give a…


Setting of administrative fines based on the General Data Protection Regulation I.

2017. november 17. 14:00 - poklaszlo

Overview of the WP29 Guidelines on Administrative Fines

The high amount of the administrative fine, which can reach a maximum amount of EUR 20 million or, in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, makes it extremely important for data controllers and data processors to be prepared for…