More
    A data processing agreement (“DPA”) needs to be in place when a data controller engages a data processor. The DPA sets out the relationship between the two parties and the data being processed. Reading time: 1,5 minutes. Data processing agreement (DPA) introduction Data controllers have to make sure that the processor is...
    The principle of accountability in the GDPR requires you to take responsibility for how you process personal data. You must also make sure that your company complies with other principles. Furthermore, the principle includes an obligation to demonstrate compliance, meaning that companies must have documented procedures and routines in...
    A public school in Sweden filmed the students to register class attendance. The school is fined with EUR 20 000. The use of facial recognition violated the GDPR since the use was too intrusive and did not have a valid reason.Reading time: 4...
    Learn what you need to know about GDPR fines, as it is one of the most talked about aspects of the GDPR. Below is a short explanation of what triggers the GDPR fines and who awards them. This article will also discuss what you can do to mitigate the...
    This article sets out the data processing agreement basics of responsibilities between two parties that share personal data as a by-product of their collaboration, e.g. purchaser-supplier relationship.Reading time: 1,5 minutes. Who is responsible and for what? Data controllers are organisations that collect personal data and decide what happens with it. For this...
    According to the GDPR, some companies need to appoint a data protection officer (DPO). A DPO has the task of assisting the company in monitoring and reviewing compliance – for example, by advising and informing about the company’s data protection obligations.Reading time: 1,5 minutes. Data protection officer basics First of all,...
    Individuals right to information is about how to collect and use their personal data. This right has led to several information-related obligations that companies need to fulfil. In particular, the main goal of these obligations is to be clear and open about your processing activities.Reading time: 1,5 minutes. Principle of...