Loading

Category: Privacy

UK GDPR reform: Update on Data Protection and Digital Information Bill

The UK Government has provided an update on the Data Protection and Digital Information (No. 2) Bill.   The UK Government has provided an update on the Data Protection and Digital Information (No. 2) Bill. The Data Protection and Digital Information (No. 2) Bill is a proposed law that aims to strengthen data protection rules

Cookie consent violations lead to sanctions for TV2 Média Csoport Zrt

Cookie consent violations lead to sanctions for TV2 Média Csoport Zrt from the Hungarian supervisory authority.   The Hungarian Supervisory Authority (SA) has issued a fine to TV2 Média Csoport Zrt for cookie consent violations. The company operates the websites “tenyek.hu” and “tv2play.hu” which make media content available to the public. The two websites also

Tips for game designers from the ICO on Children’s code compliance

The ICO has published tips for game designers on how to comply with the children’s code.   In the UK, the Children’s code governs all online services that are likely to be accessed by children. This code was put in place to protect the UK’s minor population within the digital world. As games are one

Previous Standard Contractual Clauses can no longer be used: CNIL issues reminder

CNIL of France recently issued a reminder that the previous Standard Contractual Clauses can no longer be used for the transfer of data outside of the EU. CNIL of France has recently issued a reminder that the old Standard Contractual Clauses (SCCs) can no longer be used, as of 27th December. Data exporters and importers

Controller Binding Corporate Rules: New recommendations from the EDPB

The EDPB recently published Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules.   The European Data Protection Board (EDPB) has recently adopted recommendations for the Controller Binding Corporate Rules (BCR-Cs) during their November plenary. The document includes recommendations on the Application for

Processor Code of Conduct published by LfDI of Baden-Württemberg, Germany

Baden-Württemberg DPA, LfDI has published a Processor Code of Conduct to aid data processors with self regulation.    The DPA of Baden-Württemberg, Germany has published a code of conduct for processors, providing more legal certainty with regard to data processing under the GDPR. Businesses and organisations within Germany and in general within the EU, who

Guidance on international transfers from the ICO

The UK’s ICO has published guidance on international transfers for businesses and organisations which process personal data.   In the aftermath of the publishing of the International Data Transfer Agreement (IDTA) and the Addendum to the European Union Standard Contractual Clauses (SCCs), the ICO has published guidance on international data transfers. This guidance includes a

Processing of health data by complementary health insurance providers: CNIL calls for further clarification

CNIL calls for clarification regarding the processing of health data by complementary health insurance providers in the face of several complaints.   CNIL calls for clarification regarding which conditions under which complementary health insurance providers are allowed to collect health data, after receiving several complaints regarding the legality of these insurance providers receiving data generated

GPS tracking must be appropriate and necessary

Slovenia SA rules that while the security of property can be a legitimate interest for GPS tracking, it must be appropriate and necessary.    The Slovenian Supervisory Authority (SA) determined that a data controller which engaged in GPS tracking of eight company vehicles, did not have a legal basis to do so, according to this

UK Department for Education reprimanded by the ICO

The ICO has issued a reprimand to the UK Department for Education, relating to the misuse of personal information of children.   Following an investigation into the use of a database of pupils’ learning records by Trust Systems Software UK Limited, the ICO believes this to be a case of poor diligence on the part