![Blog 16 dpf-blogpost-bg-image](https://www.gdprregister.eu/wp-content/uploads/2023/09/dpf-blogpost-bg-image-300x225.jpg)
The EU-U.S. Data Privacy Framework: A Transatlantic honeymoon for data flows, but for how long?
The European Commission concluded that the United States ensures adequate protection for personal data transferred from the EU to U.S. companies under the EU-U.S. Data Privacy
![Blog 17 A Guide to Personal Data Mapping](https://www.gdprregister.eu/wp-content/uploads/2023/04/Personal-Data-Mapping-300x173.webp)
A Comprehensive Guide to Personal Data Mapping
Introduction Data privacy and security are of utmost concern in the digital era of today, especially when it comes to data protection regulations like the
![Blog 18 Data processing Agreement (DPA)](https://www.gdprregister.eu/wp-content/uploads/2020/09/data-processing-agreement-300x200.jpg)
Data Processing Agreement (DPA)
What is a Data Processing Agreement (DPA)? A Data Processing Agreement (DPA) is a legally binding document to be entered into between the controller and the
![Blog 19 direct-marketing-gdpr](https://www.gdprregister.eu/wp-content/uploads/2018/09/direct-marketing-gdpr-300x200.jpg)
Direct marketing rules and exceptions under the GDPR
Direct marketing includes text messages (SMS) and emails that a customer receives from a product or service provider. But activities of direct marketing may include
![Blog 20 GDPR Transfer to third countries](https://www.gdprregister.eu/wp-content/uploads/2018/07/gdpr-transfer-third-countries-300x163.jpg)
Transmitting personal data to third countries
The GDPR has put strict rules in place, when it comes to data transfer to third countries or international organizations. Which countries are third countries? Third
![Blog 21 GDPR Article 30](https://www.gdprregister.eu/wp-content/uploads/2020/10/Article-30-3-300x180.png)
Records of processing activities in GDPR Article 30
What are the records of processing activities (ROPA)? Article 30 of the EU General Data Protection Regulation (GDPR) requires organisations to maintain internal records, which
![Blog 22 GDPR Software Tools](https://www.gdprregister.eu/wp-content/uploads/2022/02/GDPR-Register-tools-front-page-wide-300x138.jpg)
10 Great GDPR Software Tools for Compliance in 2023 (Review + Pricing)
In this article, we will introduce you to some useful GDPR software tools which may help you reach GDPR compliance and maintain it. We will
![Blog 23 data breach gdpr](https://www.gdprregister.eu/wp-content/uploads/2018/09/1200x600-Webp.net-resizeimage-1-300x150.jpg)
Personal Data Breach Reporting Requirements Under the GDPR
What is Data Breach? According to General Data Protection Regulation (GDPR), a personal data breach is a security incident that results in the accidental or
![Blog 24 dpa gdpr](https://www.gdprregister.eu/wp-content/uploads/2020/10/data-protection-authorities-dpa-300x230.jpg)
Data Protection Authorities (DPA)
Data Protection Authorities (DPA) Data Protection Authorities (DPA) are independent public authorities that supervise, through investigative and corrective powers, the application of the GDPR. They
![Blog 25 gdpr compliance checklist](https://www.gdprregister.eu/wp-content/uploads/2020/09/gdpr-compliance-checklist-300x200.jpg)
GDPR compliance checklist for controllers
This is a simple GDPR compliance checklist for data controllers that you can use to ensure you have considered most important aspects of the General Data
![Blog 26 controller or processor](https://www.gdprregister.eu/wp-content/uploads/2020/09/controller-or-processor-300x200.jpg)
GDPR Basics: Are you a Controller or a Processor?
What are ‘controllers’ and ‘processors’? With this short and simple article, we will try to explain the basics of controllers and processors. Controllers are the
![Blog 27 Spreadsheet1](https://www.gdprregister.eu/wp-content/uploads/2019/08/Spreadsheet1-300x86.png)
Templates for Records of Processing Activities
As we see every day, most companies and organisations still keep their Records of Processing Activities in spreadsheets. Through our experience, we have seen a
![Blog 28 facebook 1084449 640](https://www.gdprregister.eu/wp-content/uploads/2019/08/facebook-1084449_640-300x225.jpg)
Web plug-in requires visitor’s consent
In the light of the recent ruling of the European Court of Justice, website owners have to bear in mind their data protection responsibilities when
![Blog 29 first fine in Lithuania](https://www.gdprregister.eu/wp-content/uploads/2019/05/jeshoots-com-632498-unsplash-300x200.jpg)
First GDPR fine issued in Lithuania
A year after GDPR came into force, the Lithuanian Data Protection Authority (VDAI) has issued its first administrative fine. UAB ‘Mister Tango’, a company that provides financial
![Blog 30 Finnish Data Protection Authority started investigation upon a data subject's complaint](https://www.gdprregister.eu/wp-content/uploads/2019/05/tapio-haaja-1220264-unsplash-300x225.jpg)
Finnish DPA ordered a company to change their data processing practises
An article was published recently in the Helsingin Salomat about the Finnish Data Protection Authority who had ordered a payment and financing solution company to correct
![Blog 31 data protection officer dpo](https://www.gdprregister.eu/wp-content/uploads/2019/04/data-protection-officer-dpo-300x200.jpg)
Data Protection Officer’s role and responsibilities
In light of the latest survey conducted by the CPO Magazine, we are looking into the role of the Data Protection Officer (DPO). In this
![Blog 32 helloquence 61189 unsplash](https://www.gdprregister.eu/wp-content/uploads/2019/04/helloquence-61189-unsplash-300x200.jpg)
GDPR Compliance Checklist for 2020
Just recently, a report was published based on a survey of 252 global privacy professionals working for a wide range of organizations across 14 different
![Blog 33 GDPR in B2B Marketing](https://www.gdprregister.eu/wp-content/uploads/2019/03/rawpixel-651365-unsplash-300x200.jpg)
GDPR in B2B Marketing
There are two separate EU level regulations to follow when processing personal data for direct marketing in B2B and B2C activities. Privacy and Electronic Communication
![Blog 34 beatriz perez moya 111685 unsplash](https://www.gdprregister.eu/wp-content/uploads/2019/01/beatriz-perez-moya-111685-unsplash-300x163.jpg)
Data Protection Impact Assessment Guide
The General Data Protection Regulation (GDPR) has introduced a new obligation, which requires companies and organizations to carry out data protection impact assessments if the personal
![Blog 35 nahel abdul hadi 1226210 unsplash](https://www.gdprregister.eu/wp-content/uploads/2018/12/nahel-abdul-hadi-1226210-unsplash-300x240.jpg)
Cyber Attacks from the Perspective of GDPR: Ransomware
Nowadays almost every business sector integrates digital technologies. IT infrastructure and practice, if not updated regularly, ages and becomes weaker. Therefore, because of the amount and
![Blog 36 6months GDPR.](https://www.gdprregister.eu/wp-content/uploads/2018/12/6months-GDPR.-300x146.png)
Six Months With GDPR in Force. What Happened?
The GDPR, that came into force on the 25th of May, 2018, expanded the EU‘s data protection area coverage, introduced innovations that have an effect
![Blog 37 healthcare sector](https://www.gdprregister.eu/wp-content/uploads/2018/11/healthcare-sector-300x188.jpg)
Healthcare sector: How to Comply With GDPR?
Since GDPR entered into force, the personal data protection has become more challenging to the Healthcare sector. Meaning that data must be managed with more
![Blog 38 sarah gotze 22372 unsplash](https://www.gdprregister.eu/wp-content/uploads/2018/11/sarah-gotze-22372-unsplash-300x200.jpg)
Hospitality Sector: How to Comply With GDPR?
Hospitality sector (accommodation, restaurants & bars, travel & tourism and leisure) has one of the largest shares of personal data collected by sector. Therefore, necessary
![Blog 39 GDPR: IP Anonymization on Google Analytics](https://www.gdprregister.eu/wp-content/uploads/2018/11/fancycrave-329196-unsplash-1-200x300.jpg)
IP Anonymisation on Google Analytics
Many companies use Google Analytics as their assistive tool in order to collect valuable information about customer behaviour on websites, mobile apps etc. By default, Analytics
![Blog 40 joao silas 74207 unsplash](https://www.gdprregister.eu/wp-content/uploads/2018/11/joao-silas-74207-unsplash-300x200.jpg)
GDPR Compliance Investigation in Finland and Sweden
After GDPR regulation coming into force on the 25th of May, the Finnish Data Protection Authority’s office was flooded with complaints about possible infringements. This
![Blog 41 rebecca aldama 660180 unsplash](https://www.gdprregister.eu/wp-content/uploads/2018/10/rebecca-aldama-660180-unsplash-300x200.jpg)
Loyalty Programs Under the Radar of GDPR
Lithuanian Data Protection Authority recently completed the investigation on proper personal data processing for direct marketing purposes. The target was the major food, household goods,
![Blog 42 legitimate interest under the GDPR](https://www.gdprregister.eu/wp-content/uploads/2018/09/writing-1149962_640-300x200.jpg)
Legitimate Interest Guide Under the GDPR
GDPR lists six lawful bases for processing of personal data, and legitimate interest is one of them. There is no particular purpose defined, therefore, it
![Blog 43 igor miske 207639 unsplash](https://www.gdprregister.eu/wp-content/uploads/2018/09/igor-miske-207639-unsplash-300x173.jpg)
How does GDPR affect Direct Marketing and Profiling
How does GDPR affect Direct Marketing and Profiling Direct marketing and consumer behavioral habits (profiling) are the key tools a company uses to sell their
![Blog 44 GDPR expertise](https://www.gdprregister.eu/wp-content/uploads/2018/08/sarune-300x200.jpg)
Sharing Our GDPR Expertise in Lithuania = Mission Success
Hi, I am Sarune – Country Manager (Lithuania) for GDPR Register. I know that GDPR compliance can be a headache sometimes, which is why I
![Blog 45 inaki del olmo 602632 unsplash](https://www.gdprregister.eu/wp-content/uploads/2018/04/inaki-del-olmo-602632-unsplash-300x200.jpg)
The lawful basis for Data Processing under the GDPR
A lawful (or legal) basis for processing data must be satisfied before a business can process any personal data. Article 6 of the GDPR describes six
![Blog 46 GDPR Fines](https://www.gdprregister.eu/wp-content/uploads/2018/04/gdpr-fines-300x210.jpg)
What are the GDPR fines for non-compliance?
Multi-tiered approach to GDPR fines and penalties General Data Protection Regulation has introduced a tiered approach to fines, meaning that the severity of the breach will
![Blog 47 GDPR Cookies](https://www.gdprregister.eu/wp-content/uploads/2018/04/gdpr-register-cookies-300x190.jpg)
Would you like some cookies – Why websites ask this?
This is the question that many computer users are receiving daily. What does it mean and why is it being asked? It is a part
![Blog 48 adtech](https://www.gdprregister.eu/wp-content/uploads/2017/11/adtech-300x187.png)
Data Rules for AdTech Under the GDPR
For those living in blissful ignorance: starting from May 25th 2018 a new General Data Protection Regulation (GDPR) will enter into force, which sets forth