06.12.2019

Supervisory authorities against Google Analytics & Co.

Google Analytics and similar services only lawful with consent? In the press release of November 14, the State Commissioner for Data Protection of Lower Saxony points out the necessary consent of users to the integration of third-party providers of tracking tools who process personal data of users...

Lire la suite

06.12.2019

EDPS Guidelines on the concepts of controller, processor and joint controllership

On 7 November, the EDPS published a series of guidelines to help businesses determine whether they are controllers, processors or joint controllers. The guidelines also include easy-to-use checklists and a flowchart.

Lire la suite

06.12.2019

14.5 million Euro fine in Berlin due to missing deletion periods

In Berlin, the highest fine imposed to date in Germany since the GDPR came into force was imposed on Deutsche Wohnen SE - the largest private real estate owner in Berlin. The reason for the high fine is the lack of deletion periods for some sensitive tenant data. The following collected data, such...

Lire la suite

06.12.2019

DSK (German data protection conference) concept for setting fines in proceedings against companies

In June 2019, the Conference of Independent Federal and State Data Protection Supervisory Authorities (DSK) drew up a concept for the calculation of fines in proceedings against companies.

Lire la suite

06.12.2019

Data protection fine in Spain - over 30.000 Euro for an incorrect use of a cookie banner

The Spanish data protection authority has recently imposed a fine of 30,000 euro on the low-cost airline Vueling for a cookie banner that violates Spanish data protection law.

Lire la suite

07.10.2019

Fine proceedings of the Bavarian data protection authority against the use of website tracking?

The Bavarian data protection authority is apparently planning a fine proceeding against the use of website tracking and similar technologies on the basis of legitimate interest. In the opinion of the Bavarian data protection authority, in certain cases these tools may not be used on the legal basis...

Lire la suite

07.10.2019

Data protectors can demand the deactivation of Facebook fanpages

According to the ruling of the ECJ, fanpage operators and Facebook are jointly responsible for data processing of personal data. Data protectors can now demand the deactivation of Facebook fanpages, if data protection deficits are identified, according to a recent decision by the Federal...

Lire la suite

07.10.2019

Legal uncertainty with regard to online tracking: website operators receive warning notices

In August, an Austrian law firm began sending dozens of warnings to website operators on behalf of an Internet user. The letters claim that the prior consent of the user required for the use of tracking tools has not been obtained. In addition to the submission of a declaration of discontinuance,...

Lire la suite

07.10.2019

RIGHT TO BE FORGOTTEN: links don't have to be removed by Google worldwide

The right to be forgotten (Art. 17 GDPR) does not have to be implemented worldwide by search engine operators. The European Court of Justice has ruled that Google does not have to remove the links to websites worldwide that EU data subjects wished to be deleted.

Lire la suite

07.10.2019

Current CNIL recommendations on No-Deal Brexit

On 10th of September the French data protection authority CNIL published information on the effects of a no deal Brexit on the transfer of data from EU to Great Britain.

Lire la suite

Avez-vous des questions ou des recommandations pour nous?

Nous sommes ravis de recevoir vos commentaires.