GDPR

Adatvédelem mindenkinek / Data protection for everyone


GDPR fining policy issued by the Dutch Data Protection Authority

2019. március 18. 09:00 - poklaszlo

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) was the first data protection authority in the EU that has published a fining policy detailing the principles for setting administrative fines in specific cases. The impact of the fining policy issued by the Dutch Data Protection…

Tovább

E-mail encryption - How to meet GDPR requirements?

2019. március 04. 09:30 - poklaszlo

One of the biggest challenges in meeting data protection requirements is to translate the general principles and rules into concrete actions and daily routines. How much and what data is needed to achieve a particular purpose? How can we obtain the necessary consent? How can we provide proper…

Tovább

Mandatory data protection impact assessments

2018. április 11. 11:00 - poklaszlo

The General Data Protection Regulation (GDPR) is applicable from May 25, 2018 and, for this purpose, many data controllers must perform a data protection impact assessment (DPIA).  The obligation to perform a data protection impact assessment connects closely to the principles of data protection…

Tovább

Best practice recommendations from WP29 to comply with the GDPR

2018. március 19. 11:00 - poklaszlo

Article 29 Working Party (WP29) has published several guidelines under the GDPR and such guidelines contain recommendations regarding best practices that are regarded by the authorities as compliant with the requirements of the GDPR. In this post, I have collected such recommendations. 

Tovább

Pseudonymisation and anonymisation in the GDPR

2018. február 26. 13:00 - poklaszlo

Data protection rules such as the EU's new General Data Protection Regulation (GDPR) apply to personal data. But what does personal data mean? According to the GDPR, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable…

Tovább

Setting of administrative fines based on the General Data Protection Regulation II

2017. december 15. 14:30 - poklaszlo

Guidelines on the application and setting of administrative fines for the purposes of the Regulation 2016/679 (GDPR) were published at the end of October by the Article 29 Working Party (WP 29). In my previous post, I have outlined the principles set out in the Guidelines. In this post, I give a…

Tovább

Setting of administrative fines based on the General Data Protection Regulation I.

2017. november 17. 14:00 - poklaszlo

Overview of the WP29 Guidelines on Administrative Fines

The high amount of the administrative fine, which can reach a maximum amount of EUR 20 million or, in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, makes it extremely important for data controllers and data processors to be prepared for…

Tovább