Contacta con un DPO
Chat to a DPO

Categorie: Data Protection

Home
Data Protection
Page 36
Read More
  Horlane

ICO intents to fine Marriott more than £99 million for data breach

Following an extensive investigation, the ICO has issued a notice of its intention to fine Marriott International £99,200,396 for data breach under the GDPR. The U.S. hotel group is the second firm to face a massive GDPR fine. Marriott notified the ICO of a cyber incident in November 2018. A variety of personal data contained
juli 26, 2019 Comments (0) Share
Read More
  cristinac

ICO new cookies guidance

The new guidance aims to align the ICO’s position on cookies with GDPR. What should I do? There are steps a business must take to ensure compliance with the new guidance: Say what cookies will be set and explain what the cookies do The information provided to the data subject must cover: the cookies intended
juli 24, 2019 Comments (0) Share
Read More
  Horlane

British Airways data breach fine set at £183m based on GDPR

British Airways is facing a record fine of £183m data breach of its security system. The GDPR imposes stiff fines on data controllers and processors for non-compliance. On the one hand a company can either be fined up to €10 million, or 2% of the worldwide annual revenue of the prior financial year. On the
juli 10, 2019 Comments (0) Share
Read More
  Horlane

Greenwich University data breach

The ICO fined Greenwich University  £120,000 for failing to prevent  a serious data breach.  The breach disclosed the data of 19,500 students. This occurred due to a microsite developed by an academic and a student in the then-devolved University’s Computing and Mathematics School, to facilitate a training conference in 2004. The data included names, addresses, dates
juli 5, 2019 Comments (0) Share
Read More
  Horlane

EE fined by ICO for sending unlawful texts

EE has been fined £100,000 by the ICO for sending 2.5 million unconsented direct marketing messages to its customers. We explain what companies should watch out for when sending direct marketing messages.  The messages, sent in early 2018, encouraged customers to access and use the ‘My EE’ app to manage their account and also to
juli 3, 2019 Comment (1) Share
Read More
  bostjanm

Gmail is not telecommunications, rules ECJ

To the relief of Europe’s tech community, European Court of Justice rules that Gmail is not electronic communications service and does not fall under the EU regulatory framework for telecommunications. European regulatory Framework on electronic communications (or telecommunications) imposes a number of public law rights and obligations on the providers of services that consist ‘wholly
juni 21, 2019 Comments (0) Share
Read More
  Horlane

EU cyber-attacks framework

The Council has established a framework (Council Regulation (EU) 2019/796)which allows the EU to impose sanctions in relation to cyber-attacks which constitute an external threat to the EU or its Member States. It also includes cyber-attacks against third States or international organisations where restricted measures are considered necessary to achieve the objectives of the Common
juni 7, 2019 Comment (1) Share
Read More
  cristinac

Practical guidance on how to process mixed datasets

The European Commission has published guidance on the interaction between the Regulation on the free flow of non-personal data and the GDPR. One year after the GDPR started to apply, most controllers are (or at least they should) well aware of the security and privacy requirements that should govern the datasets which contain personal data.
juni 5, 2019 Comments (2) Share
Read More
  cristinac

What data should a controller disclose under a data subject access request?

A recent decision from the Cologne Regional Court addresses whether individuals are entitled to receive emails and personal notes as part of a DSAR. “I want access to all personal data you handle about me”. What should you do as the controller if you receive an email like this? According to GDPR, individuals have the right to obtain:
mei 31, 2019 Comments (0) Share
Read More
  cristinac

Aphaia delivers its first data protection workshop in Madrid

The workshop took place at Aphaia’s premises and it was focus on privacy, cybersecurity and data protection. Taking advantage of the first GDPR anniversary, Aphaia decided to deliver a workshop to share our experience with other businesses that may be struggling with data protection issues. Even though GDPR came into force in 2018, Aphaia has
mei 29, 2019 Comments (0) Share