Nowadays, most organisations and businesses use web analytics tools. And in fact, the concern is not the use of these tools, is how they work, since they use cookies or similar technologies require consent before any processing takes place. WHAT IS A WEB ANALYTICAL TOOL? “A web analytical tool refers to a combination of (a) […]
Read More
This article explores the use of consent to store information or access to storage of information on an end user’s terminal equipment. However, keep in mind that the last amendments to the ePrivacy Directive analyses other grounds for data processing, other than consent. WHAT IS CONSENT? Consent is a legal base by which a person can agree […]
Read More
All-natural persons whose personal data is processed by a Data Controller (DC) or Data Processor (DP) within the territorial scope of the GDPR, are Data Subjects and hence entitled to these rights. The DC is responsible for allowing data subjects to exercise their rights and to ensure that they can make effective use of them. […]
Read More
The principles are set in article 5 of the GDPR and enshrined thorough all the Regulation, and they apply to every personal data processing activity. As the cornerstone of the Regulation, they should be kept in mind when interpreting the rights and duties established in the GDPR. Lawfully, Fairly and Transparent Lawfully refers to […]
Read More
. The data processor (DP) is the one that processes personal data for the account, on instruction and under the authority of the Data Controller (DC)-other than the employee of the DC. It can be a natural or legal person, public authority, agency or another body.
Read More
The Data Controller (“DC”) is the one who, alone or jointly, determines the purpose and means of the processing of personal data; in other words, is the one who decides why other’s personal data is processed and how it would be processed; therefore, is regulated under the GDPR and it is abided by its rules. […]
Read More
To secure data from internal and external threats, article 32 of the GDPR, provides the following points to be considered in choosing a data protection solution: The state of the art refers to the latest technology available; The cost of implementation refers to the price to use such data security. The best solution will not […]
Read More
Transborder data flow is a transfer of personal data to a recipient who or which is subject to a foreign jurisdiction. For instance, a simple email containing personal data is sent to a group internal email address, which includes addresses located outside the EU*, already forms an international data transfer. (Art.44 GDPR) So, first, it is […]
Read More
Many non-EU jurisdictions are in the process of drafting or updating their data protection regulations. Since, if a third country is considered as offering an adequate level of protection, this will allow the free flow of EU Personal Data without the implementation of additional safeguards.
Read More
Once the GDPR enters into force, the Binding Corporate Rules (BCRs) will be explicitly recognized as mechanism adducing appropriate safeguards to the transfer of personal data outside the EU. This new inclusion, not only recognizes the use of BCRs for the transfer of personal data within a corporate group but also allow it to a […]
Read More