What is Data Breach? A personal data breach is security incident that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data. Personal data breaches can include: access
Direct marketing includes text messages (SMS) and emails that a customer receives from a product or service provider. But activities of direct marketing may include multiple steps: collecting personal data from potential customers, creating profiles
What do companies have to include in the records of processing activities? GDPR Article 30 requires companies to keep an internal record, which contains the information of all personal data processing activities carried out by
Data Protection Authorities (DPA) Data Protection Authorities (DPA) are independent public authorities that supervise, through investigative and corrective powers, the application of the GDPR. They provide expert advice on data protection issues and handle complaints
What is a DPA? A Data Processing Agreement (DPA) is a legally binding document to be entered into between the controller and the processor in writing or in electronic form. It regulates the scope and purpose of
This is a simple GDPR compliance checklist for controllers that you can use to ensure you have considered most important aspects of the GDPR. Before starting, you should first determine whether you process personal data
What are ‘controllers’ and ‘processors’? With this short and simple article, we will try to explain the basics of controllers and processors. Controllers are the main decision-makers – they exercise overall control over the purposes
As we see every day, most companies and organisations still keep their Records of Processing Activities in spreadsheets. Through our experience, we have seen a lot of different formats and approaches. Often such spreadsheets don’t
In the light of the recent ruling of the European Court of Justice, website owners have to bear in mind their data protection responsibilities when using plugins on their websites. This case concerns the German
A year after GDPR came into force, the Lithuanian Data Protection Authority (VDAI) has issued its first administrative fine. UAB ‘Mister Tango’, a company that provides financial operation services globally, was fined 61,500 EUR in respect of
Your e-mail address is only used to send you our newsletter and information about the activities of GDPR Register. You can always use the unsubscribe link included in the mail.
