Posts

Identifying people through anonymous web browsing patterns
Of interest to youAnonymous web browsing data can identify people when URLs, habits and clickstream patterns are combined. GDPR lessons for data brokers and analytics.

Twitter metadata is a privacy nightmare
Of interest to youTwitter/X metadata can reveal behavioural patterns and identify users even when the content of a post appears anonymous.

Data Processing Agreement under GDPR: when it is required and what it must include
Of interest to youLearn when a Data Processing Agreement is required under GDPR, what clauses it must include, and how to review processors, subprocessors, security, AI and international transfers.

Special Categories of Data Under the GDPR: Practical Guide
Of interest to youPractical guide to special categories of data under the GDPR: health, biometric, political, religious and sexual orientation data, Article 9 exceptions and safeguards.

Photographing Customer ID Documents: GDPR Risks and Data Minimisation
Of interest to youWhy photographing or copying customer ID documents may breach the GDPR and what less intrusive alternatives companies should assess.

Transborder data transfers
Of interest to youThe scope of transborder data transfers
The publication of the General Data Protection Regulation (GDPR) on May 25, 2016 in the European Union, served as inspiration worldwide for the implementation of data privacy laws.
Many countries,…

Sanction for recording underage soccer match
Of interest to youIn procedure PS/00313/2021, the Spanish Data Protection Agency (AEPD) has imposed a fine of €3,000 on a company specialized in recording soccer matches for capturing images of minors without prior consent from their parents.
Sanction for…

Lack of information on the processing of personal data
Of interest to youThe AEPD imposes penalties to real estate companies of up to 5,000 € for not informing the interested party of the processing of their personal data.
Several affected parties have filed complaints to the AEPD, in relation to the use of their…

Microsoft 365 in Schools: Privacy, Cloud Services and GDPR Lessons
Of interest to youLessons from the Microsoft 365 schools debate: cloud platforms, minors, contracts, international transfers and GDPR compliance.

Digital Markets Act DMA: key obligations
Of interest to youThe Digital Markets Act DMA regulates gatekeepers and core platform services. Key obligations and practical effects for digital businesses in the EU.

Digital Services Act DSA: key obligations
Of interest to youThe Digital Services Act DSA is now applicable, setting obligations for online platforms, marketplaces, search engines and intermediary services in the EU.

