Regulation Area

HomeRegulation Area

NIS2 summary

This is a summary of what the NIS 2 Directive is about and a high-level overview of the law and its implications for businesses. What...

Personal data breach – the essential guide

A personal data breach is a breach of security leading to accidental or unlawful destruction, loss, alteration, or unauthorised disclosure of, or access to,...

― Advertisement ―

NIS2 summary

This is a summary of what the NIS 2 Directive is about and a high-level overview of the law and its implications for businesses. What...

More News

NIS2 summary

This is a summary of what the NIS 2 Directive is about and a high-level overview of the law and its implications for businesses. What...

NIS2 Supply Chain Security

A NIS2-covered entity must implement appropriate and proportional technical, operational and organizational measures to ensure supply chain security. NIS2 establishes standards for assessing NIS2...

Personal data breach – the essential guide

A personal data breach is a breach of security leading to accidental or unlawful destruction, loss, alteration, or unauthorised disclosure of, or access to,...

Explore more

Supplemental protection to Standard Contracting clauses

Supplemental protection of the Standard Contracting clauses is an additional form of appropriate safeguards. They are important for being compliant with the GDPR in...

What does transparency in the GDPR mean?

The principle of transparency in the GDPR lays the foundation for a business’ communication with data subjects. The principle steers both which information you...

Audit Powers of the Data Protection Authority: How to Prepare

The Data Protection Authorities (“DPA”) in the EU Member States have the mission to work for the protection of human rights regarding the processing...

How GDPR Affects Recruitment

GDPR affects recruitment by changing how personal data can be collected, stored and used. It will be more difficult to process large volumes of...

Anonymization and GDPR compliance; an overview

Anonymization of personal data is the process of encrypting or removing personally identifiable data from data sets so that the person can no longer...

Necessary under the GDPR

Use of personal data is necessary for the performance of a contract, and/or for the performance of a public task when used in a...

Facial recognition in school fined

A public school in Sweden filmed the students to register class attendance. The school is fined with EUR 20 000. The use of facial...

Cookie consent must be an active choice (5 requirements from CJEU)

A new ruling in the Planet49 case by the EU Court of Justice (CJEU) states that internet users must actively give their consent to...

Retention Policy – An overview

A retention policy is a guide to personnel on how to manage the lifecycle of information from collecting to destroying data. Therefore, the policy...

What You Need to Know About GDPR Fines

Learn what you need to know about GDPR fines, as it is one of the most talked-about aspects of the GDPR. Below is a...

Security of Personal Data

Security of Personal Data can be achieved when the data is protected by the appropriate controls in relation to the sensitivity of the data....

Data Processing Agreement Basics

This article sets out the data processing agreement basics of responsibilities between two parties that share personal data as a by-product of their collaboration,...