recommendations have been adopted to help data exporters, either controller or processor within the European Economic Area (EEA) who transfers personal data to a controller or processor in any country that is not a Member State of the EEA
In its ruling dated 16th July 2020 (C-311/18, Schrems II), the CJEU invalidated the adequacy of the EU-US Privacy Shield. This was the basis of transfers of personal data by controllers in the EU (data exporters) to companies in the US (data importers). This means that such transfers can no longer be possible under this adequacy framework
In its ruling dated 16th July 2020 (C-311/18, Schrems II), the CJEU invalidated the adequacy of the EU-US Privacy Shield. This was the basis of transfers of personal data by controllers in the EU (data exporters) to companies in the US (data importers). This means that such transfers can no longer be possible under this adequacy framework
With regards to the disclosure of medical or health data in the context of occupational medicine and assessments of working capacity, the rule under Article 9 GDPR provides that the processing of special categories of data shall be prohibited unless one of the derogations set out under para. 2 thereof is satisfied.
Whereas many governments and companies around the globe are turning to technology to fight the coronavirus pandemic, the use of personal data is playing a crucial role in creating models to identify trends.
These are challenging times that took us all by surprise. For the safety and well-being of everyone, employees are required to work remotely. Controllers must ensure that all the security measures, both technical and organisational, are in place to safeguard their IT infrastructures and systems.Don’t lower your guard! There are virtual criminals out there waiting to […]
It is well known that public and private organisations are taking the necessary measures to contain and mitigate the dramatic effects of the coronavirus. These measures are likely to require the processing of different types of personal data, including health data, which is a special category of data under the GDPR.
Both the right to privacy and freedom of expression are fundamental human rights enshrined in the European Convention on Human Rights. No right is absolute and, where two rights might potentially lead to a level of conflict, competent authorities have to ensure that a fair and equitable balance is reached. In the case of street photography [..]