Tag: GDPR

An awaited new ECJ preliminary ruling on data privacy in the case C-210/16 Wirtschaftsakademie Schleswig-Holstein

On June 5, the European Court of Justice (ECJ) released its preliminary ruling in the case Wirtschaftsakademie Schleswig-Holstein. The ECJ found that the administrator of a fan page on Facebook is jointly responsible with Facebook for the processing of data of visitors to the page. By creating a fan page on Facebook and defining the criteria […]

GDPR implications on the global M&A process

A recent GDPR seminar attended by members of our team inspired us to share our thoughts on how the new European legislation on data protection would affect the M&A transactions. The GDPR implications on M&A deals would certainly go beyond the borders of the EU given the extraterritorial application of the Regulation. Privacy “by design” […]

Mandatory data protection officers under the GDPR

Data protection officers (“DPO”) will become key figures within organisations striving to ensure compliance with the stricter requirements of the GDPR as from May 2018. In the end of 2016, a conservative estimate by the International Association of Privacy Professionals suggested that 75,000 DPO positions will be created globally in response to the adoption of […]

How to define the most relevant legal basis for personal data processing under the GDPR

On its entry into force, the GDPR would make reliance on data subjects’ consents inappropriate for many personal data processing activities. A practical tip to self-test current consents: if it seems difficult for a controller to obtain a valid consent, perhaps there is another legal ground that should apply. When implementing a GDPR compliance strategy, […]

Consent of data subjects under the GDPR

One of the most common grounds for lawful processing of personal data is obtaining the data subject’s consent. As from 25 May 2018 when the GDPR shall enter into force, the requirements for obtaining lawfully such consent will be significantly amended. Despite being more burdensome for companies, the new requirements may serve as a competitive […]

Principles of personal data processing under the new EU data protection rules

The newly revised EU legal framework in the field of personal data protection has already made the processing of personal data an increasingly important topic for businesses operating in the territories of EU member states. As from 25 May 2018, the General Data Protection Regulation (“GDPR”) will become directly applicable in all EU states. With […]