17.05.2019

Data protection conference position paper - Legitime Interest Assessment when processing data under Art. 6 Abs. 1 lit. f GDPR

At the end of March 2019, the German Data Protection Conference published a supplement to the position statement on the applicability of the Telemedia Act for non-public bodies as from 25 May 2018 (available only in German). At the same time, the supplement serves as an orientation guidance for the...

Read more

17.05.2019

Poland: First GDPR fine triggers controversial discussions

The first GDPR fine was imposed in Poland on the Polish subsidiary of Bisnode AB, a joint-stock company operating throughout the EU. This fine triggered many controversies, with expert opinions and press reports diverging widely. 

Read more

17.05.2019

Data protection conference: Facebook Fanpage operation violates the data protection law

The data protection conference has again published a position paper (available only in German) that declares the operation of Fanpages illegal. The Fanpage operators therefore share responsibility for Facebook pages. For this reason, special agreements have been concluded with Facebook.

Read more

17.05.2019

TOMs - the new password guideline: expiring passwords no longer recommended

Password security is one of the central topics of technical and organizational measures. Login with user name and password is the most common method for authentication. 

Read more

29.03.2019

Facebook Custom Audience - Possibilities of use and notice for the privacy policy

One possibility to use Facebook as a company is the Custom Audience function. A distinction must be made between two possible implementations of Facebook Custom Audience

Read more

29.03.2019

Brexit & data protection

New Brexit decision: The European Union and Great Britain recently agreed to postpone Brexit until at least 12 April. It is still unclear how it will continue with regards to the data protection law. Here is a summary of the possible developments.

Read more

29.03.2019

The ePrivacy Regulation through the back door: tracking only with consent?

Even at the end of the first quarter of 2019, there is no agreement on the ePrivacy Regulation in sight at European level: In the search for a compromise, the European Council has merely submitted new discussion papers. Meanwhile, it cannot be assumed that it will enter into force before 2020 and...

Read more

29.03.2019

European Court of Justice - mandatory opt-in for cookies?

The Advocate General at the European Court of Justice (ECJ) Maciej Szpunar considers an opt-in for cookies when visiting a website for mandatory (Opinion of 21.03.2019 - Ref.: C-637/17). The proceedings are based on a German legal dispute at the Federal Court of Justice (BGH) of Planet49 GmbH...

Read more

29.03.2019

SOS Data Breach - What to do?

Any irregularity in the processing of personal data may constitute a data breach or a data protection incident. The action to be taken will depend on the individual case. You should not hesitate to report this to the responsible supervisory authority, especially as it can even help to save your...

Read more

15.02.2019

Data breach reporting obligations of the processor

In the event of a data breach, the controller has to evaluate the potential risk for the data subjects involved as well as assess the necessity of a report to the data protection authority.  The decision on whether to notify the authority has to be taken by the controller - regardless of whether the...

Read more

Avez-vous des questions ou des recommandations pour nous?

Nous sommes ravis de recevoir vos commentaires.