21.06.2019

The Internal Privacy Guideline - Tips for the setup

An internal data protection guideline should be established by each controller who processes personal data. The policy is an important part of the data protection management system and must meet some criteria. We give a brief overview of the most important points.

Read more

21.06.2019

How to use the common recruiting tools privacy compliant?

Many companies use recruiting tools in their employee selection process. However, these tools are often not used in compliance with data protection regulations. We briefly summarize what is important to consider when using recruiting tools.

Read more

21.06.2019

Email marketing under GDPR: the so-called "spam prohibition"

Email marketing has been a strongly discussed topic since the entry of the GDPR. Surprisingly, the GDPR has essentially no changes to the old law for email marketing and is overlaid by other legislation. This field is covered by the ePrivacy Directive from 2002 and the national legislation based on...

Read more

21.06.2019

Recommendation on the handling of identity cards issued by the State Commissioner for Data Protection of North Rhine-Westphalia

There is great uncertainty among companies as to when the identity card may be copied. The State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (LDI NRW in German) has issued a recommendation on the use of the identity card (available only in German) with case...

Read more

17.05.2019

Data protection conference position paper - Legitime Interest Assessment when processing data under Art. 6 Abs. 1 lit. f GDPR

At the end of March 2019, the German Data Protection Conference published a supplement to the position statement on the applicability of the Telemedia Act for non-public bodies as from 25 May 2018 (available only in German). At the same time, the supplement serves as an orientation guidance for the...

Read more

17.05.2019

Poland: First GDPR fine triggers controversial discussions

The first GDPR fine was imposed in Poland on the Polish subsidiary of Bisnode AB, a joint-stock company operating throughout the EU. This fine triggered many controversies, with expert opinions and press reports diverging widely. 

Read more

17.05.2019

Data protection conference: Facebook Fanpage operation violates the data protection law

The data protection conference has again published a position paper (available only in German) that declares the operation of Fanpages illegal. The Fanpage operators therefore share responsibility for Facebook pages. For this reason, special agreements have been concluded with Facebook.

Read more

17.05.2019

TOMs - the new password guideline: expiring passwords no longer recommended

Password security is one of the central topics of technical and organizational measures. Login with user name and password is the most common method for authentication. 

Read more

29.03.2019

Facebook Custom Audience - Possibilities of use and notice for the privacy policy

One possibility to use Facebook as a company is the Custom Audience function. A distinction must be made between two possible implementations of Facebook Custom Audience

Read more

29.03.2019

Brexit & data protection

New Brexit decision: The European Union and Great Britain recently agreed to postpone Brexit until at least 12 April. It is still unclear how it will continue with regards to the data protection law. Here is a summary of the possible developments.

Read more

Avez-vous des questions ou des recommandations pour nous?

Nous sommes ravis de recevoir vos commentaires.