Resources

Keeping track of how your company uses personal data may sound complicated, but under the GDPR it’s required for most […]

Data Protection Agreement What is a Data Processing Agreement (DPA)? A DPA is a contract between a controller and a […]

Privacy certification is one of the most effective ways for professionals and DPOs to strengthen their skills, build credibility, and […]

Is Pseudonymised Data Personal Data? Understanding the fine line between pseudonymised data and personal data is more crucial than ever. […]

The European Union is taking a bold step to protect minors online. From 2025, EU children’s data protection rules will […]

Press release The European Commission’s latest guidelines introduce additional restrictions for developers of online platforms and services that are used […]

Top 5 Myths About the EU AI Act — Expert Advice from GDPR Register’s CEO EU AI Act – Top […]

EU AI Act – Top 5 Myths Starting August 2, general-purpose AI systems must comply with the transparency obligations of […]

GDPR Fines in 2025: In the first half of the year, companies were hit with record-breaking fines for violations of […]

GDPR fines hit €3 billion in 2025. Learn what went wrong at Meta, Amazon & TikTok—and what every DPO must […]

Lesson 1: Privacy Isn’t Optional — It’s a Safety Issue In the SportAdmin breach, attackers gained access to a database […]

Key Takeaways on AI Compliance and the Role of Privacy Professionals The GDPR Register webinar brought together privacy professionals and […]

The General Data Protection Regulation (GDPR) establishes the requirement for certain organizations to appoint a Data Protection Officer (DPO). The […]

Environmental, Social, and Governance (ESG) compliance has evolved into a critical factor in corporate sustainability. Investors, regulators, and customers now […]

In today’s globalized business environment, data flows across borders are essential—but they must be secure and compliant with the General […]

Google reCAPTCHA is a popular tool that protects websites from spam and abuse by distinguishing between humans and bots. But […]

The General Data Protection Regulation (GDPR) places significant emphasis on securing personal data, particularly in Articles 32-34, which outline requirements […]

Biometric data is classified by the GDPR as a special category of personal data, subject to enhanced protection. This means […]

Every so often, viral posts resurface on Facebook and Instagram declaring: “I do not allow Meta to use my data, […]

Netflix is at the centre of a data privacy cliffhanger as the Dutch DPA indicates it is likely to be […]

Lessons for Legal Teams: Avoiding Costly Mistakes in Data Privacy Compliance Data privacy is no longer a secondary concern for […]

Six years since GDPR came into force, the promise of stronger data protection is being undermined by the rise of […]

LinkedIn Ireland was recently fined a record-breaking €310 million by the Irish Data Protection Commission for GDPR violations, underscoring the […]

The General Data Protection Regulation (GDPR) is a European Union law that protects the privacy and personal data of individuals […]

The General Data Protection Regulation (GDPR) is a European regulation establishing the framework for personal data protection of individuals in […]

Since General Data Protection Regulation (GDPR) entered into force, the personal data protection has become more challenging to the Healthcare […]

In this article, we will introduce you to some useful GDPR software tools which may help you reach GDPR compliance […]

A lawful (or legal) basis for processing data must be satisfied before a business can process any personal data. Article 6 […]

An Estonian startup operating in the data protection field, GDPR Register, is developing an AI-based solution that helps companies escape […]

Data protection requirements are becoming more complex in the European Union once again, and the European Court has begun to […]

28th of January was International Data Protection Day, which reminds us that data protection is a daily responsibility in every company processing […]

We are excited to welcome Marit Kesa as the newest member of the GDPR Register team. As our new Sales […]

Data protection authorities in Europe are gaining confidence and competence, which is reflected in the statistics of penalties for violators. […]

GDPR Register appointment ex-Veriff leader Krete Paal as its Chief Executive Officer (CEO), effective October 1, 2023. She will spearhead the company’s next stage of growth as it prepares for a crucial 2024 funding round and expansion into other European markets. 

The European Commission concluded that the United States ensures adequate protection for personal data transferred from the EU to U.S. […]

Introduction Data privacy and security are of utmost concern in the digital era of today, especially when it comes to […]

What is a Data Processing Agreement (DPA)? A Data Processing Agreement (DPA) is a legally binding document to be entered […]

Direct marketing includes text messages (SMS) and emails that a customer receives from a product or service provider. But activities […]

The GDPR has put strict rules in place, when it comes to data transfer to third countries or international organizations. Which […]

What are the records of processing activities (ROPA)? Article 30 of the EU General Data Protection Regulation (GDPR) requires organisations […]

What is Data Breach? According to General Data Protection Regulation (GDPR), a personal data breach is a security incident that […]

Germany’s largest consumer protection organisation calls on Clubhouse operator Alpha Exploration Co. to cease and desist from illegal business practices […]

Personal information of more than 243 million Brazilians was exposed for more than six months thanks to weakly encoded credentials […]

Ubiquiti, one of the biggest sellers of networking gear, including routers, webcams and mesh networks, has alerted its customers to […]

Hackers accessed systems at the National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile. The Energy Department and […]

Commissioner Helen Dixon will have an active week with her office’s first potential big tech fine under GDPR and a […]

Commission proposes measures to boost data sharing and support European data spaces To better exploit the potential of ever-growing data […]

EU Parliament today endorsed a new law that will allow groups of consumers to join forces and launch collective action […]

In an unprecedented move, the Privacy Campaigners at the Open Rights Group (ORG) have today announced that they are taking […]

The data breach report is based on a survey conducted by Kaspersky and B2B International on September 30, 2020. Researchers […]

Cork hospital fined €65k after patients’ personal data found in public recycling facility The Data Protection Commission (DPC) has handed […]

DPC ordered to pick up most of the legal bill of EU-US data transfer case Today, the Irish High Court […]

The ICO has fined Marriott International Inc £18.4million for failing to keep millions of customers’ personal data secure. Marriott estimates that […]

Despite the free right to rectification under the GDPR, the airline charged € 35 in phone charges to update a […]

Data Protection Authorities (DPA) Data Protection Authorities (DPA) are independent public authorities that supervise, through investigative and corrective powers, the […]

The right of access is a fundamental right under data protection law. And it has never been more necessary. In […]

IAB Europe’s ad tracking consent framework found to fail GDPR standard A flagship framework for gathering Internet users’ consent for […]

Instagram is being investigated by Ireland’s Data Protection Commissioner (DPC) over its handling of children’s personal data on the platform. […]

A pan-European alliance for cloud technology will be set up by the end of the year to for purpose of […]

The Information Commissioner’s Office (ICO) has fined British Airways (BA) £20m for failing to protect the personal and financial details […]

Google is revamping Google Analytics for a world in which privacy plays center stage and identifiers are exiting stage left. […]

Irish Data Protection Commission has had a ten-fold increase in funding since 2014 Irish Data Protection Commission is getting more […]

The Office of the Comptroller of the Currency has fined Morgan Stanley $60 million for the investment bank’s failure to properly oversee […]

The lawsuit takes issue with Amazon’s transatlantic data transfers Amazon faces a lawsuit in Germany over claims it has continued […]

Amazon has been caught snooping on the private Facebook groups of its EU-based delivery workers The revelations have been accumulating […]

Announcing Global Privacy Control: Making it Possible for Consumers to Easily Exercise Their “Do Not Sell” Rights Under CCPA With […]

Due to several hundred employees of the H&M service centre in Nuremberg were monitored by the centre management, the Hamburg […]

The new Swiss Data Protection Act (nFADP) has finally been completed. Following the resolution of the last differences on “profiling” […]

On Thursday in the Northern District of California, Brittany Conditi filed a class-action complaint against Instagram and its parent company Facebook for […]

The creators of the data protection market standard for cloud, the EU Cloud Code of Conduct (CoC), today announced work […]

Data protection officers (DPOs) working in central government departments, agencies and associated public bodies across the UK say they have […]

The Irish regulator is expected to stop the social media giant from moving data to the US because of privacy […]

This is a simple GDPR compliance checklist for data controllers that you can use to ensure you have considered most important […]

What are ‘controllers’ and ‘processors’? With this short and simple article, we will try to explain the basics of controllers […]

The data protection authority of the German state of Baden-Wurttemberg issued a guidance for European Union data exporters in the wake of the Schrems […]

Businesses operating within the European Union have been hit with a total of €68 million (£61.5m) in fines relating to […]

As we see every day, most companies and organisations still keep their Records of Processing Activities in spreadsheets. Through our […]

In the light of the recent ruling of the European Court of Justice, website owners have to bear in mind […]

A year after GDPR came into force, the Lithuanian Data Protection Authority (VDAI) has issued its first administrative fine. UAB ‘Mister Tango’, […]

An article was published recently in the Helsingin Salomat about the Finnish Data Protection Authority who had ordered a payment and […]

In light of the latest survey conducted by the CPO Magazine, we are looking into the role of the Data […]

Just recently, a report was published based on a survey of 252 global privacy professionals working for a wide range […]

There are two separate EU level regulations to follow when processing personal data for direct marketing in B2B and B2C […]

The referendum campaign Leave.EU and Eldon Insurance Group were announced to receive GDPR fines for a total of £120,000. This […]

As the General Data Protection Regulation came into force, companies that process personal data of EU citizens, are expected to […]

Australian data protection expert Troy Hunt has exposed the biggest single data breach known so far. During the recent data breach, nearly […]

You would think that of all the companies and organizations, NASA – an independent agency, responsible for the civilian space program, as well […]

Right after the start of the New Year, the message spread that Angela Merkel’s personal details leaked on Twitter.  According […]

The General Data Protection Regulation (GDPR) has introduced a new obligation, which requires companies and organizations to carry out data […]

The French Data Protection Authority (the “CNIL”) was not in a festive mood when right after Christmas, on the 27th […]

Nowadays almost every business sector integrates digital technologies. IT infrastructure and practice, if not updated regularly, ages and becomes weaker. Therefore, […]

At the beginning of June 2018, the Finnish Transport Safety Agency (TRAFI) presented an online service that enables a search […]

The GDPR, that came into force on the 25th of May, 2018, expanded the EU‘s data protection area coverage, introduced […]

Portuguese Supervisory Authority (“CNPD”) imposed a fine of 400.000 € on a hospital for the GDPR infringement. The hospital publicly […]

The Radisson Hotel Group has experienced a data breach impacting members of the firm’s loyalty and rewards scheme in over […]

Hospitality sector (accommodation, restaurants & bars, travel & tourism and leisure) has one of the largest shares of personal data […]

Many companies use Google Analytics as their assistive tool in order to collect valuable information about customer behaviour on websites, […]

After GDPR coming into force, it was assumed the big players – multinational companies were the first to receive sanctions. […]

From the 3rd of October, 2018, Privacy Policy becomes mandatory for apps in an Apple Store. Likewise, Google Play also […]