Chat to a DPO
Chat to a DPO

Zandilli Lucien

Home
Author: Zandilli Lucien
Page 11
Read More
  Zandilli Lucien

Cookie consent violations lead to a fine of 60 million euros for Microsoft

Microsoft was recently hit with a fine of 60 million euros from CNIL of France for various cookie consent violations.   Following several investigations into the company regarding cookies deposited via bing.com, CNIL has imposed a fine of €60 million on Microsoft. The investigations were spurred by complaints about the conditions for depositing cookies on
January 12, 2023 Comments (0) Share
Read More
  Zandilli Lucien

Previous Standard Contractual Clauses can no longer be used: CNIL issues reminder

CNIL of France recently issued a reminder that the previous Standard Contractual Clauses can no longer be used for the transfer of data outside of the EU. CNIL of France has recently issued a reminder that the old Standard Contractual Clauses (SCCs) can no longer be used, as of 27th December. Data exporters and importers
January 10, 2023 Comments (0) Share
Read More
  Zandilli Lucien

Adequacy decision for safe data flows with the U.S

European Union starts process to adopt adequacy decision for safe data flows with the U.S.   The European Commission has launched the process to enable continued data transfers from the European Union to the United States, which existed under the EU-U.S. Privacy Shield. In its decision, the European Commission has recognized that the United States
December 22, 2022 Comments (0) Share
Electric company was fined
Read More
  Zandilli Lucien

Electric company was fined by CNIL over commercial prospecting

French electric company EDF was fined by the CNIL for commercial prospecting and other GDPR violations.   The French electric company EDF has recently been fined a total of €600,000 after being found guilty of several GDPR violations. According to this report from the CNIL of France, the company was found guilty of commercial prospecting
December 20, 2022 Comments (0) Share
Read More
  Zandilli Lucien

Controller Binding Corporate Rules: New recommendations from the EDPB

The EDPB recently published Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules.   The European Data Protection Board (EDPB) has recently adopted recommendations for the Controller Binding Corporate Rules (BCR-Cs) during their November plenary. The document includes recommendations on the Application for
December 1, 2022 Comments (0) Share
Read More
  Zandilli Lucien

Processor Code of Conduct published by LfDI of Baden-Württemberg, Germany

Baden-Württemberg DPA, LfDI has published a Processor Code of Conduct to aid data processors with self regulation.    The DPA of Baden-Württemberg, Germany has published a code of conduct for processors, providing more legal certainty with regard to data processing under the GDPR. Businesses and organisations within Germany and in general within the EU, who
November 29, 2022 Comments (0) Share
Read More
  Zandilli Lucien

Guidance on international transfers from the ICO

The UK’s ICO has published guidance on international transfers for businesses and organisations which process personal data.   In the aftermath of the publishing of the International Data Transfer Agreement (IDTA) and the Addendum to the European Union Standard Contractual Clauses (SCCs), the ICO has published guidance on international data transfers. This guidance includes a
November 24, 2022 Comments (0) Share
Read More
  Zandilli Lucien

Processing of health data by complementary health insurance providers: CNIL calls for further clarification

CNIL calls for clarification regarding the processing of health data by complementary health insurance providers in the face of several complaints.   CNIL calls for clarification regarding which conditions under which complementary health insurance providers are allowed to collect health data, after receiving several complaints regarding the legality of these insurance providers receiving data generated
November 22, 2022 Comments (0) Share
Read More
  Zandilli Lucien

GPS tracking must be appropriate and necessary

Slovenia SA rules that while the security of property can be a legitimate interest for GPS tracking, it must be appropriate and necessary.    The Slovenian Supervisory Authority (SA) determined that a data controller which engaged in GPS tracking of eight company vehicles, did not have a legal basis to do so, according to this
November 17, 2022 Comments (0) Share
Read More
  Zandilli Lucien

UK Department for Education reprimanded by the ICO

The ICO has issued a reprimand to the UK Department for Education, relating to the misuse of personal information of children.   Following an investigation into the use of a database of pupils’ learning records by Trust Systems Software UK Limited, the ICO believes this to be a case of poor diligence on the part
November 15, 2022 Comments (0) Share