Blog

Weekly digest November 8 – 14, 2021 “Privacy, DP, and Compliance news in focus”

TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress The EU commission warned Belgium about failing to ensure full independence of its data protection authority. The Commission considers that Belgium violates Art. 52 of the GDPR, which states that the data protection supervisory authority shall perform its tasks and […]

Weekly digest November 1 – 7, 2021 “Privacy, DP, and Compliance news in focus”

TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes China’s Personal Information Protection Law, PIPL, came into effect on November 1. It largely blends the EU (GDPR) and California (CCPA) privacy rules for the handling of personal and sensitive information, including different legal bases, as well as general principles for data processors, […]

Weekly digest October 25 – 31, 2021 “Privacy, DP, and Compliance news in focus”

TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress The Administrative Court of Dusseldorf clarified a non-retroactive applicability of the GDPR. In 2016, charges were brought against the plaintiff, a decades-long civil servant for the police and secret services, for tax evasion followed by an alleged disclosure by the […]

Bring your own device and data protection

What constitutes “bring your own device” (BYOD) and what risks to GDPR compliance does it introduce? Bring your own device allows employees to use their own devices (smartphones, tablets, laptops) in the workplace but also allows them to access corporate tools from these devices. This means they are likely to carry corporate information or confidential […]

How to use legitimate interest under the GDPR?

How does the GDPR define legitimate interest? Does the legitimate interest legal base cover company interests only or can it also include third parties interests? There is no precise definition under the GDPR of what constitutes a legitimate interest and this precisely opens the room for a controller to argue that certain business activities, for […]

International Transfers of Personal Data after the Schrems II ruling

On July 16, 2020, the top court of the European Union (CJEU) issued a groundbreaking ruling on the so-called “Schrems II” case concerning  international transfers of personal data from the European Union. It was meant to deal mostly with transfers to the main EU commercial partner – the United States – but turned out to […]

A Comparison of POPIA and GDPR in Key Areas

South Africa’s Protection of Personal Information Act (POPIA) will see its final sections go into effect on 30 June 2021. Furthermore, parties subject to POPIA must be fully compliant with the guidelines by 1 July 2021. A number of them may have a head start if they already adhere to established data protection guidelines such […]

HIPAA, the GDPR and MedTech

There are different regulations on how medical data can be processed and stored in different nations. If your company operates in the MedTech sector in the Western world most likely you have at least heard of HIPAA or the GDPR. This article aims at analysing how both legislations relate to healthcare. The article is particularly […]

Do you need support on data protection, privacy or GDPR? TechGDPR can help.

Request your free consultation