Introduction The usual assumption of most US businesses is, “the GDPR is an EU regulation, hence it does not impact my organisation.” This belief results most often in unnecessary risk. The US equivalent of this misconception would be a company registered in Texas thinking its services don’t fall under the scope of the CCPA. The […]
Tag: EU-US data transfer
EU-US data transfer involves moving personal data between the EU and US. GDPR compliance requires safeguards like the EU-US Data Privacy Framework to ensure data protection. We have also written blog articles about the EU-US Data Privacy Framework. Learn more about GDPR compliance and how TechGDPR can help you on your journey.
Feel free to reach out to TechGDPR directly to learn more!
EU-US data transfer involves moving personal data between the EU and US. GDPR compliance requires safeguards like the EU-US Data Privacy Framework to ensure data protection. We have also written blog articles about the EU-US Data Privacy Framework. Learn more about GDPR compliance and how TechGDPR can help you on your journey.
Feel free to reach out to TechGDPR directly to learn more!
Data protection digest 19 Jan – 2 Feb 2026: New PETs guide, Digital identities ecosystem & employees’ surveillance fine
Privacy Enhancing Technologies (PETs) The Israeli data protection authority published a technical guide to Privacy Enhancing Technologies, available in English. PETs are a diverse family of methods, processes, and digital tools that are appropriate for different stages in the information life cycle: Stay up to date! Sign up to receive our fortnightly digest via email. […]
GDPR Compliance for AI: Managing Cross-Border Data Transfers
Artificial intelligence (AI) is based on large and varied datasets to train models and enhance functionality. Though AI often works across borders, data protection regulations such as the EU General Data Protection Regulation (GDPR) impose stringent controls on transferring personal data abroad. The question is evident: how do businesses employ global AI systems and continue […]
Data protection digest 16 Feb – 2 Mar 2025: Data Act to strengthen EU digital market, vigilance over US data transfers
The Data Act is almost here In February, the European Commission published a set of updated technical FAQs on the implementation of the legal provisions of the Data Act, applicable as soon as of 12 September 2025. It enhances data sharing and enables a fair distribution of data value by establishing clear rules related to […]
Data protection digest 1-15 Jan 2025: mobile app permissions should work in conjunction with consent requirements – CNIL
Mobile app permissions Technical permissions in mobile app are very useful for privacy, explains the French regulator CNIL. They allow users to block access to certain data technically. However, these permissions are not designed to validate users’ consent, within the meaning of the GDPR. Even when consent is required, a simple request for permission does […]
Data protection digest 18 Aug – 2 Sep 2024: Swiss-US data transfers, BCR guide, Clearview AI fine
In this digest issue, we explore the latest Clearview AI fine, the secure Swiss-US data transfers, the data controller’s violation of the GDPR as subject to collective actions, the privacy risks of e-shop apps, and a new privacy policy generator and BCR monitoring tool. Stay up to date! Sign up to receive our fortnightly digest […]
Data protection digest 5-19 Jul 2024: LLMs and personal data, social media monitoring, differential privacy
In this issue we highlight SOCMINT as a new standardised procedure, data processing in LLMs and supported AI systems, an updated standard data protection model, third-party tracking technologies in health and care, and much more. Stay up to date! Sign up to receive our fortnightly digest via email. LLMs and personal data The Hamburg Data […]
Data protection digest 18 Apr – 02 May 2024: EU-US redress mechanism and European Health Data Space taking shape
As part of the new EU-US redress mechanism, data subjects in the EU/EEA will have access to specific complaint forms in the event that they suspect violations regarding their data transferred to the US, whether related to commerce or unlawful access to it by signals intelligence activities. Stay tuned! Sign up to receive our fortnightly […]
Data protection digest 16 Nov – 1 Dec 2023: APIs methodology, customer data minimisation, and digital mobility observatory
In this issue, you will find data protection solutions for complex data-sharing projects for both public and private actors, such as the latest APIs methodology, as well as a variety of official guidance on how to comply with GDPR requirements when it comes to innovation, research, digitisation and digital business development. Official guidance APIs methodology: […]
Data protection digest 2 – 17 October 2023: DPOs duties and methodology should be clarified – latest study
This issue highlights DPOs duties in the context of ongoing compliance with the GDPR, and the continuing saga of the US adequacy decision. Also of note are monitoring and privacy issues in the workplace. Official guidance DPOs duties: The Swedish data protection agency published the results of a coordinated investigation, initiated by the EDPB, on […]
Do you need support on data protection, privacy or GDPR? TechGDPR can help.
Request your free consultation