Tag: DPIA

A Data Protection Impact Assessment (DPIA) is a mandatory requirement under Article 35 of the GDPR for controllers engaging in processing activities involving new technologies like AI, automated processing including profiling, large-scale processing of special categories of personal data, or systematic monitoring of publicly accessible areas (e.g., CCTV). DPIAs describe the processing activities, assess their necessity and proportionality, evaluate risks to the rights and freedoms of data subjects, and outline measures to mitigate those risks. As experienced a Data Protection Officer (DPO), TechGDPR can help to conduct comprehensive DPIAs using the ICO template and our proprietary risk matrix. Our services include full DPIA execution or support with reviews, typically requiring 10-15 hours.

Please contact TechGDPR directly to figure out how we can help with your DPIA needs.

Difference between Fundamental Rights Impact Assessment & Data Protection Impact Assessment

Through the AI Act, the EU seeks to ensure that AI systems used within the Union are safe and transparent. The EU AI Act provides a regulatory framework focusing on safeguarding fundamental rights, in relation to high-risk AI systems. Companies making use of AI, regardless of their size or industry, must now comply with the […]

Weekly digest 30 May – 6 June 2022:  secure multiparty computation, public procurement, voiceprints & privacy

TechGDPR’s review of international data-related stories from press and analytical reports. Official guidance: secure multiparty computation, public procurement, risk analysis, DPIAs The Spanish privacy regulator AEPD has published a tech-savvy blog post on Privacy by Design: Secure Multiparty Computation. It is possible to create federated data spaces, which avoid the communication and exposure of data […]

Weekly digest April 25 – May 1, 2022: class actions authorised in EU data protection cases

TechGDPR’s review of international data-related stories from the press and analytical reports. Legal processes and redress: consumer data class actions, digital content and services, CCPA & CPRA The ECJ ruled that consumer protection associations may bring representative actions against infringements of personal data protection. Such class actions may be brought independently of the specific infringement […]

Weekly digest March 14 – 20, 2022: smart contracts, AI bias, password managers & privacy

TechGDPR’s review of international data-related stories from press and analytical reports. Official guidance: smart contracts, DPOs, AI risk management, GDPR cooperation The Spanish data protection authority AEPD analyzed smart contracts. Smart contracts are algorithms that are stored in a blockchain and that execute automated decisions. The very nature of the smart contract, when applied to […]

Weekly digest February 21 – 27, 2022: the EU Data Act to facilitate use of digital economic data

TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: draft EU Data Act, AI liability rules The Commission proposed new rules on who can use and access data generated in the EU across all economic sectors. The EU Data Act will “ensure fairness in the digital environment, stimulate a competitive data […]

Weekly digest February 14 – 20, 2022: regulating the cloud in the EU, GDPR as a trusted asset

TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: cloud in the EU, cookie consent, AI standards, children’s data protection in California The EDPB has announced a coordinated investigation and enforcement probe on the use of the cloud in the EU by the public sector. Reportedly, the cloud uptake by enterprises […]

Weekly digest December 6 – 12, 2021: whistleblowers, gig-workers, cookiebots, software flows, DPIA for AI

TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress The EU Whistleblowing Directive is due to be implemented into national law by 17 December. It requires all EU Member States to implement legislation obliging all companies with 50 or more workers to put in place appropriate reporting channels to […]

Do you need support on data protection, privacy or GDPR? TechGDPR can help.

Request your free consultation