Blog

Data protection digest 18 Apr – 2 May 2025: data controller obligation to monitor deletion or return of personal data held by the processor

Posted on May 5, 2025May 5, 2025 by Olya Vasylyk Category:Data Protection Digest

Data controller obligation Upon termination of a processing agreement, the controller is obliged to monitor the deletion of personal data held by the processor. Such was a ruling by the Higher Regional Court of Dresden, Germany, closely looked at by a DLA Piper analysis. The plaintiff was a user of the online music streaming service […]

Preparing for the CIPP/E Exam: Tips and Best Practices

Posted on April 29, 2025April 29, 2025 by Edda Pernice Category:CIPP/E

As data protection compliance remains an area of importance across industries, the CIPP/E credential is one of the most recognized benchmarks for privacy professionals working with European data protection laws, in particular the General Data Protection Regulation (GDPR). In order to gain the qualification, the International Association of Privacy Professionals (IAPP), requires one to first […]

Data protection digest 3 – 17 Apr 2025: Meta AI training restarts in Europe, virtual assistants vs data privacy

Posted on April 18, 2025April 18, 2025 by Olya Vasylyk Category:Data Protection Digest

Meta AI training in EEA According to the Norwegian regulator Datatilsynet, Meta will start training its AI service on photos, posts and comments from Facebook and Instagram users in the EEA at the end of May 2025. The purpose of the training is to develop and improve Meta’s generative AI services, based on users’ content […]

What to Expect When Taking the CIPP/E Certification Exam

Posted on April 9, 2025April 9, 2025 by Edda Pernice Category:CIPP/E, GDPR

If you’re exploring a career in data protection or want to deepen your understanding of the EU’s General Data Protection Regulation (GDPR), you’ve likely heard of the CIPP/E certification exam. Offered by the International Association of Privacy Professionals (IAPP), this certification is a recognized benchmark for professionals in European data protection law. It is highly […]

Data protection digest 18 Mar – 2 Apr 2025: 23andMe bankruptcy case, digital spring cleaning

Posted on April 4, 2025April 8, 2025 by Olya Vasylyk Category:Data Protection Digest

23andMe genetic data The 23andMe genetic company filed for bankruptcy in the US after struggling with weak demand for its ancestry testing kits and a 2023 data breach that damaged its reputation, Reuters reports. US officials had questioned what would happen to the genetic data collected by 23andMe, although the company’s privacy policies state that […]

How does the GDPR govern retention periods for businesses?

Posted on April 1, 2025April 1, 2025 by AJ Richter Category:GDPR

The General Data Protection Regulation (GDPR) establishes clear guidelines to prevent unnecessary data storage and ensure that personal information is retained only for as long as it serves a legitimate purpose. Storage limitation requires that companies justify and set our data retention periods while considering all legal obligations. Navigating legal requirements and transforming them into […]

AI Age Verification: Big Tech’s Risky Fix for GDPR Violations

Posted on March 25, 2025March 25, 2025 by Edda Pernice Category:Artificial Intelligence, GDPR

One-third of GDPR fines being related to the misuse of children’s data. Big tech companies are yet to implement appropriate measures to safeguard them. In response, major platforms like Google and TikTok are planning to use AI age verification to deduce the age of their users. This is done by deducing their age based on […]

Data protection digest 3-17 Mar 2025: Combining FRIA with DPIA is possible, but not once the development of an AI system has begun

Posted on March 19, 2025March 19, 2025 by Olya Vasylyk Category:Data Protection Digest

FRIA and DPIA: Before deploying a high-risk AI system, the organisations shall assess the impact that the use of such a system may have on fundamental rights, explains the Croatian data protection regulator AZOP. For this purpose, private and public entities shall carry out an assessment containing: If both a FRIA and a DPIA need […]

Self-Hosting AI: For Privacy, Compliance, and Cost Efficiency

Posted on March 12, 2025March 12, 2025 by AJ Richter Category:Artificial Intelligence, Technical

Self-hosting AI models is the future of privacy and compliance. By hosting AI models on personal hardware, individuals and businesses can improve data security while meeting strict regulations like the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA). Most people use hosted artificial intelligence (AI) services such as ChatGPT […]

Data protection digest 16 Feb – 2 Mar 2025: Data Act to strengthen EU digital market, vigilance over US data transfers

Posted on March 4, 2025June 11, 2025 by Olya Vasylyk Category:Data Protection Digest

The Data Act is almost here In February, the European Commission published a set of updated technical FAQs on the implementation of the legal provisions of the Data Act, applicable as soon as of 12 September 2025. It enhances data sharing and enables a fair distribution of data value by establishing clear rules related to […]

Do you need support on data protection, privacy or GDPR? TechGDPR can help.

Contact Us

Thank You!

Thank You!