Category Archives: Roles and Liabilities

Controller and Processor standard clauses

The French DPA (CNIL) and Spanish DPA (AGDP) have issued two guides for data processors, namely “Règlement européen sur la protection des données : un guide pour accompagner les sous-traitants” and “Directrices para contratos responsable – encargado” respectively. Furthermore the English DPA (ICO) has published a draft gdpr contracts guidance. These have a positive impact… Read More »

WILL THE CONSENT COLLECTED BEFORE THE EFFECTIVE DATE OF GDPR STILL BE VALID?

The “Guide on the Application of the European Personal Data Protection Regulation” published by the Italian DPA states, in the “Recommendations” at the foot of the consensus form, that: “The consent obtained before May 25, 2018 remains valid if it has all of the above characteristics. Otherwise, it is appropriate to work before that date… Read More »

A checklist to adapt to GDPR

Adapting to GDPR can be a rather complex task: is a substantial Regulation composed of 99 articles and 173 recitals. I thought useful, at least for me, to elaborate a reasoned summary, which directs the mental process to see if and how to adjust business procedures to achieve compliance. As with all summaries, of course,… Read More »

How to prepare to comply to GDPR

The GDPR was born one year ago (on the 27th April, published on GUE on 4th May 2016) and many have not yet outlined an adjustment plan. There is only one year left to comply to (the deadline is established on 25th May 2018). Some data protection authority of each EU Member State have published… Read More »

The new European Regulation gives greater value and facilitation to scientific research.

The Directive 95/46/EC deal with the argument in the following terms: The processing of personal data for scientific research purposes is not considered incompatible with other processing (art. 6) For scientific use, personal data may be stored for longer periods (art. 6) The provision of information to the data subject may not be given when… Read More »

GDPR in practice

Everybody is talking about GDPR in every session at Security Summit this year, whatever the topic, but in practice what companies are doing to get prepared? Alessandro Vallega started from here to introduce the conference dedicated by Europrivacy to the new European Regulation, on the second day of the Summit organized by Clusit in Milan.… Read More »