Implementing the new GDPR: what does it mean for Universities?
|
|
- Sharleen Barnett
- 5 years ago
- Views:
Transcription
1 Implementing the new GDPR: what does it mean for Universities? Case study Alumni Portal Cosimo Monda Director - European Centre on Privacy and Cybersecurity Maastricht University
2 European Centre on Privacy and Cybersecurity (ECPC) Focus: Research & Professional Training and Education in the fields of privacy, cybersecurity, data protection, fundamental rights, transparency and confidentiality, IT, data security, and more
3 Training & Professional ECPC ECPC-A Jump and Start Certificate ECPC-B DPO Certificate Professional University Diploma Professional Master Degree
4 SPECIAL OFFER SURF CONFERENCE SPECIAL OFFER SURF CONFERENCE REGISTER BEFORE 17 FEBRUARY TO BENEFIT FROM AN ADDITIONAL 50 EUR DISCOUNT Reduction code: UM92739
5 SPECIAL OFFER SURF CONFERENCE REGISTER BEFORE 1 MARCH TO BENEFIT FROM AN ADDITIONAL 75 EUR DISCOUNT Reduction code: UM92739
6
7 The Reform of the EU data protection framework: Key changes and what to expect
8 General Data Protection Regulation (GDPR) 2012 April May May 2018 Start of reform process to replace Directive 95/46/EC GDPR negotiations are finalized GDPR is published in the Official Journal of the EU start of countdown GDPR enters into force (after 2 years + 20 days of publication) applicable in 2018 the GDPR is set to replace the Wet bescherming persoonsgegevens (Wbp), which implemented Directive 95/46/EC in The Netherlands
9 Applicable Law Rules Broader territorial reach than the current regime - GDPR applies where processing takes place in the context of the activities of an establishment of a controller or processor in the EU - GDPR applies to controllers outside the EU when processing activities relate to: - offering goods or services to data subjects in the EU - monitoring the behavior of data subjects in the EU - No longer apply making use of equipment 9
10 E-Privacy Regulation 14 December January / May 2018 (?) Leak of the Commission draft for the e-priv. Reg. to replace e-priv. Directive Official publication of the Commission draft for the e-priv. Reg. (differs from previous leak) Trilogues/ formal reading by EP/Council e-priv. Reg. applies (Art. 29(2) official COM draft) The E-Priv. Reg. will replace the Telecommunicatiewet, which implemented the e-priv. Dir. in The Netherlands
11 What will change with the GDPR?
12 Key terms & concepts in the GDPR Term Controller Processor Consent Main establishment of the Controller Personal data Data subject Special/sensitive data Pseudonymization Definition in GDPR retained retained amended new retained new amended new
13 Substantive Principles Lawfulness, fairness, and transparency Purpose limitation - incompatible further processing still prohibited - criteria for assessing compatibility identified - further non-consensual uses allowed in certain cases - where required by law; or - scientific or historical research or statistical purposes Data minimization Accuracy - including erasure and rectification without delay Storage limitation
14 Lawfulness of processing Legitimate interest - still a valid legal basis to process non-sensitive data - balanced against the interests and fundamental rights and freedoms of the individual extra protection for children - reasonable expectations of the individual concerned - no legal basis for public authorities
15 Lawfulness of processing Valid CONSENT - specific and informed, - Unambiguous, statement or clear affirmative action opt-in - freely given; Other available grounds for lawfulness
16 Profiling Restrictions where profiling has: - legal consequences; or - significantly affects the individual Only allowed in exceptional cases - necessary for the performance of a contract - authorized by EU or Member State law - explicit consent Profiling with special data prohibited unless explicit consent or substantial public interest backed by EU or Member State law
17 Accountability (I) Responsibility of controllers Ability to demonstrate GDPR compliance Implement data protection by design and by default - restrictive privacy settings: e.g. data must not be made public by default Appointment of DPO with significant powers and independence - mandatory for public bodies - national law may specify more situations for mandatory DPO appointment
18 Accountability (II) Data protection impact assessment prior to processing - mandatory for controllers for high risk processing Data Security - enhanced obligations for controllers and processors Data Breach Notification to the competent SA without undue delay
19 Data Subjects Rights General points Controllers must facilitate the exercise of rights No undue costs for data subjects Set time to respond to data subjects requests Right to fair processing of information Right to access Right to rectify Right to restrict processing Right to object to processing Right to erasure ( right to be forgotten ) Right to data portability
20 Enforcement Substantially higher fines Supervisory Authorities have more powers - investigative powers (audits, access to data, and premises) - authorization and advisory powers (Codes of Conduct, BCRs) - corrective powers (order to comply, ban on processing, suspension of data flows, fines)
21 Case Study: Alumni Database Christopher Mondschein
22 Frequently Asked Questions 1. Is the university allowed to keep the data of its alumni in a database without having gathered their consent? 2. Is the university allowed to contact alumni via electronic means to inform them of activities, news, etc.? 3. Is the university allowed to create an Alumni Portal with the data it has on its alumni? What is the applicable legal basis for the processing of this data? 4. Must the university remove the alumni s personal data form the database/alumni Portal after a certain period of time?
23 1. Storing Alumni Data Legitimate interest: - Art. 8(f) Wet bescherming persoonsgegevens - Art. 29 WP Opinion 6/2014 on the notion of legitimate interests of the data controller under Article 7 of Directive 95/46/EC - In future: Article 6(1)(f) GDPR & Recital 47 GDPR Balancing Test
24 1. Storing Alumni Data Balancing Test: processing is necessary for the purposes of legitimate interest of the controller or third party unless these interests are overridden by the interests or fundamental rights and freedoms of the data subject (esp. right to privacy)
25 1. Storing Alumni Data Reasoning: - University should know who its former students are, when they graduated, etc. - Part of public task to maintain records of graduates - The data is not publicly accessible Remember: data subject rights applicable
26 2. Communication with Alumni Communication via electronic means (e.g. ) falls under Telecommunicatiewet and Wbp sending s requires prior specific consent; opt-in + clear and specific consent cannot be assumed by failure to act consent can be withdrawn at any time GDPR and e-priv. Reg. applicable in future
27 3. Alumni Portal Legal basis: - unambiguous consent - Legitimate interest Opt-in In practice: - Alumni enter the portal and receive the terms & conditions and the privacy policy; they must tick a box to agree (box is not pre-ticked) - Alumni agree and then publish the information they wish to be available on them in the portal only this information is available (privacy by default) - Periodic reminder to check if data is accurate
28 4. Removal of Personal Data from the Database/Alumni Portal Database - Legal requirement to store minimum information regarding the graduation assess what the minimum data is (in line with data minimization principle) - Remove from mailing list upon request Alumni Portal - Remove all personal data upon request
29 Do s When contacting alumni, clearly identify the university, provide a contact point and provide information how to opt out in every mailing Gather consent - Consent must be recorded - Opt-in consent, e.g. via unchecked box along with all relevant information Keep up-to-date records Respond to objections by updating the database; unsubscribe individuals if they request it Respond within 30 days to requests by data subjects
30 Don ts X Do not send s without having obtained specific prior consent X Do not send s asking for consent X Do not ignore data subjects requests to be removed from the mailing list X Do not ignore data subjects requests to access their information
31 Be Prepared Allocate sufficient budget to tackle the data protection reform in your organization Appoint a DPO Review your governance structure Review privacy policies Prepare response mechanism for data subject requests Start implementing privacy by design and by default Revise informed consent form & have up-to-date information for data subjects requests for information
32 Accountability Rights of the data subject Data protection by design & by default Simplified Data Processing Cycle Legitimate basis Data protection impact assessment Information to the data subject
33 Thank You! EUROPEAN CENTRE ON PRIVACY AND CYBERSECURITY Website: Cosimo Monda Director Christopher Mondschein Cosimo.
General Data Protection Regulation (GDPR) Key Facts & FAQ s
General Data Protection Regulation (GDPR) Key Facts & FAQ s GDPR comes into force on 25 May 2018 GDPR replaces the Data Protection Act 1998. The main principles are much the same as those in the current
More informationTechnical Requirements of the GDPR
Technical Requirements of the GDPR Purpose The purpose of this white paper is to list in detail all the technological requirements mandated by the new General Data Protection Regulation (GDPR) laws with
More informationEU GDPR: The General Data Protection Regulation
EU GDPR: The General Data Protection Regulation A Brief Overview Duke Privacy The General Data Protection Regulation Became effective May 25, 2018. Formally codifies privacy as a fundamental right and
More informationACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION
ACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION Document Control Owner: Distribution List: Data Protection Officer Relevant individuals who access, use, store or
More informationData Processing Clauses
Data Processing Clauses The examples of processing clauses below are proposed pending the adoption of standard contractual clauses within the meaning of Article 28.8 of general data protection regulation.
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationGeneral Data Protection Regulation (GDPR) NEW RULES
General Data Protection Regulation (GDPR) NEW RULES AGENDA A. GDPR : general overview B. Sectorial topics and concerns GDPR GENERAL OVERVIEW 1. GDPR : WHAT IS IT AND WHY CARE? 27 April 2016 : Approval
More informationPrivacy by Design, Security by Design
Privacy by Design, Security by Design Dai Davis Chartered Engineer and Solicitor Percy Crow Davis & Co Session ID: PNG 302 Session Classification: General Interest Privacy by Design Original data protection
More informationGeneral Data Protection Regulation (GDPR)
BCD Travel s Response to the EU General Data Protection Regulation (GDPR) November 2017 Page 1 Response to the EU GDPR Copyright 2017 by BCD Travel N.V. All rights reserved. November 2017 Copyright 2017
More informationRights of Individuals under the General Data Protection Regulation
Rights of Individuals under the General Data Protection Regulation 2018 Contents Introduction... 2 Glossary... 3 Personal data... 3 Processing... 3 Data Protection Commission... 3 Data Controller... 3
More informationData Protection Policy
Data Protection Policy Data Protection Policy Version 3.00 May 2018 For more information, please contact: Technical Team T: 01903 228100 / 01903 550242 E: info@24x.com Page 1 The Data Protection Law...
More informationGDPR compliance: some basics & practical to do list
GDPR compliance: some basics & practical to do list Philippe LAURENT independent full service business law firm located in Brussels May 2017 Personal data processing = any operation or set of operations
More informationThis guide is for informational purposes only. Please do not treat it as a substitute of a professional legal
What is GDPR? GDPR (General Data Protection Regulation) is Europe s new privacy law. Adopted in April 2016, it replaces the 1995 Data Protection Directive and marks the biggest change in data protection
More informationGDPR is coming in less than 2 months Are you ready?
GDPR is coming in less than 2 months Are you ready? Charles-Albert Helleputte Partner, Brussels +32 2 551 5982 chelleputte@mayerbrown.com 30 March 2018 2 GDPR is everywhere... You were invited by UNICEO
More informationElement Finance Solutions Ltd Data Protection Policy
Element Finance Solutions Ltd Data Protection Policy CONTENTS Section Title 1 Introduction 2 Why this Policy Exists 3 Data Protection Law 4 Responsibilities 5 6 7 8 9 10 Data Protection Impact Assessments
More informationGeneral Data Protection Regulation (GDPR) The impact of doing business in Asia
SESSION ID: GPS-R09 General Data Protection Regulation (GDPR) The impact of doing business in Asia Ilias Chantzos Senior Director EMEA & APJ Government Affairs Symantec Corporation @ichantzos Typical Customer
More informationTHE NEW GENERAL DATA PROTECTION REGULATION IMPLICATIONS FOR ENTERPRISES. Forum financier du Brabant wallon
THE NEW GENERAL DATA PROTECTION REGULATION IMPLICATIONS FOR ENTERPRISES Forum financier du Brabant wallon 14.12.2017 Data Protection should be part of every company s or organisation s DNA Do you process
More informationEU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know
EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know The General Data Protection Regulation (GDPR) The eprivacy Regulation (epr) The Network and Information Security Directive
More informationImpacts of the GDPR in Afnic - Registrar relations: FAQ
Impacts of the GDPR in Afnic - Registrar relations: FAQ Background The adoption of Regulation (Eu) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural
More informationPrivacy Policy. Data Controller - the entity that determines the purposes, conditions and means of the processing of personal data
Privacy Policy Datacenter.com (referred to as we, us, our, Datacenter or the Company ) is committed to protecting your privacy and handling your data in an open and transparent manner. The personal data
More informationCOMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September Table of Contents. 1. Scope, Purpose and Application to Employees 2
COMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September 2018 Table of Contents 1. Scope, Purpose and Application to Employees 2 2. Reference Documents 2 3. Definitions 3 4. Data Protection Principles
More informationIslam21c.com Data Protection and Privacy Policy
Islam21c.com Data Protection and Privacy Policy Purpose of this policy The purpose of this policy is to communicate to staff, volunteers, donors, non-donors, supporters and clients of Islam21c the approach
More informationTHE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE
THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE EU DATA PROTECTION REGULATION Kalliopi Spyridaki Chief Privacy Strategist,
More informationCreative Funding Solutions Limited Data Protection Policy
Creative Funding Solutions Limited Data Protection Policy CONTENTS Section Title 1 Introduction 2 Why this Policy Exists 3 Data Protection Law 4 Responsibilities 5 6 7 8 9 10 Data Protection Impact Assessments
More informationGDPR Data Protection Policy
GDPR Data Protection Policy Volleyball England 2018 VE Data Protection Policy May 2018 Page 1 GDPR Data Protection Policy 1. Introduction This Policy sets how the English Volleyball Association Limited
More information1. Right of access. Last Approval Date: May 2018
Page 1 of 5 I. PURPOSE The European Union s General Data Protection Regulation (GDPR) provides greater data protection for individuals in the European Union (EU). This comprehensive regulation, effective
More informationPreparing for the GDPR
Preparing for the GDPR 1 February 2018 EXPECT EXCELLENCE DUBLIN BELFAST LONDON NEW YORK SILICON VALLEY arthurcox.com The EU General Data Protection Regulation (known as the GDPR ) will replace the current
More informationMotorola Mobility Binding Corporate Rules (BCRs)
Motorola Mobility Binding Corporate Rules (BCRs) Introduction These Binding Privacy Rules ( Rules ) explain how the Motorola Mobility group ( Motorola Mobility ) respects the privacy rights of its customers,
More informationBHBIA New Data Protection Rules. Pharma Company Perspective. Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD
BHBIA New Data Protection Rules Pharma Company Perspective Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD Pharma Company Perspective Data Controllers Responsibilities
More informationPlan a Pragmatic Approach to the new EU Data Privacy Regulation
AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General
More informationGDPR AND WHAT IT MEANS FOR CRM AND CUSTOMER ENGAGEMENT MAY. A 7-step practical guide to achieving and maintaining GDPR compliance by 25 May 2018
GDPR AND WHAT IT MEANS FOR CRM AND CUSTOMER ENGAGEMENT MAY 25 2018 A 7-step practical guide to achieving and maintaining GDPR compliance by 25 May 2018 A 7-step practical guide to achieving and maintaining
More informationDEPARTMENT OF JUSTICE AND EQUALITY. Data Protection Policy
DEPARTMENT OF JUSTICE AND EQUALITY Data Protection Policy May 2018 Contents Page 1. Introduction 3 2. Scope 3 3. Data Protection Principles 4 4. GDPR - Rights of data subjects 6 5. Responsibilities of
More informationGeneral Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Michael Eva, London Grid for Learning What is GDPR? General Data Protection Regulation (GDPR) protects the personal data of EU citizens regardless of where the
More informationGeneral Data Protection Regulation April 3, Sarah Ackerman, Managing Director Ross Patz, Consultant
General Data Protection Regulation April 3, 2018 Sarah Ackerman, Managing Director Ross Patz, Consultant Introductions Sarah Ackerman, CISSP, CISA Managing Director, Cincinnati Responsible for overall
More informationGDPR - Are you ready?
GDPR - Are you ready? Anne-Marie Bohan and Michael Finn 24 March 2018 Matheson Ranked Ireland s Most Innovative Law Firm Financial Times 2017 International Firm in the Americas International Tax Review
More informationGDPR effects on Gift Aid. Presented by Keren Caird Business Development Gift Aid Manager Sue Ryder
GDPR effects on Gift Aid Presented by Keren Caird Business Development Gift Aid Manager Sue Ryder Accountability Processed lawfully, fairly and in a transparent manner Collected for specified, explicit
More informationHow the GDPR will impact your software delivery processes
How the GDPR will impact your software delivery processes About Redgate 230 17 202,000 2m Redgaters and counting years old customers SQL Server Central and Simple Talk users 91% of the Fortune 100 use
More informationWhat is GDPR? https://www.eugdpr.org/ Editorial: The Guardian: August 7th, EU Charter of Fundamental Rights, 2000
GDPR: The basics What is GDPR? The EU General Data Protection Regulation (GDPR) is the biggest European shake-up of data protection in a generation. It s the culmination of two decades of experience of
More informationData Processing Agreement
Data Processing Agreement between The Data Controller Name Address Postcode and city Country and The Data Processor Idha Sweden AB Norra vägen 28 856 50 Sundsvall Sweden] Page 1 of 15 1 Content 2 Data
More informationOur agenda. The basics
GDPR - AVG - RGPD. Our agenda The basics Key actions Responsibilities The basics Key actions Responsibilities Who cares? Why? From directive to regulation 24 Oct 1995: a Directive 95/46/EC is adopted partially
More informationGDPR: A QUICK OVERVIEW
GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance
More informationGeneral Data Protection Regulation BT s amendments to the proposed Regulation on the protection of individuals with regard to the processing of
General Data Protection Regulation BT s amendments to the proposed Regulation on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General
More informationThis Policy has been prepared with due regard to the General Data Protection Regulation (EU Regulation 2016/679) ( GDPR ).
PRIVACY POLICY Data Protection Policy 1. Introduction This Data Protection Policy (this Policy ) sets out how Brital Foods Limited ( we, us, our ) handle the Personal Data we Process in the course of our
More informationGDPR data subject rights
data subject rights Date: February 2018 Author: Information compliance team (EP) Version: 0.1 (draft, awaiting final version of Data Protection Bill) Classification: Open gives people certain rights in
More informationDISCLOSURE ON THE PROCESSING OF PERSONAL DATA LAST REVISION DATE: 25 MAY 2018
DISCLOSURE ON THE PROCESSING OF PERSONAL DATA LAST REVISION DATE: 25 MAY 2018 Introduction This disclosure on the processing of personal data (hereinafter, the "Disclosure") is provided pursuant to Art.
More informationRoyal Mail Consultation: Changes to Postal Schemes to reflect new data protection legislation
Royal Mail Consultation: Changes to Postal Schemes to reflect new data protection legislation Published: 27 February 2018 Responses required by: 26 March 2018 Summary 1. Postal Schemes set out the terms
More information- GDPR (General Data Protection Regulation) is the new Data Protection Regulation of the European Union;
PRIVACY NOTICE INTRODUCTION During the operation of the website data controller processes the data of persons registered on the website in order to be able to provide them with adequate services. Service
More informationYou will see lots of references in the Checklist to the GDPR Pack if you would like to purchase this, go to
Suzanne Dibble 2018. Copyright in this document belongs to Suzanne Dibble. You may not copy or use it for any purpose unless you have purchased this template document from Suzanne Dibble. You may not allow
More informationContract Services Europe
Contract Services Europe Procedure for Handling of Page 1 of 10 1. INTRODUCTION This procedure document supplements the data request and subject access request (SAR) provisions set out in DPS Contract
More informationData Subject Access Request Form
Please read the Guidance Notes which accompany this form before completing the form. Please complete the form in block capitals. Please submit your completed request form as a secure email attachment to
More informationLatest version, please translate and adapt accordingly!
Latest version, please translate and adapt accordingly! EDM Website Privacy Notice template Ford.xx Short Website Privacy Notice This Short Website Privacy Notice summarizes the terms and conditions of
More informationPROJECT BACKGROUND AND RATIONALE
PROJECT BACKGROUND AND RATIONALE The political agreement on the EU General Data Protection Regulation (GDPR) has been reached and the new Regulation will be on the books by the end of the first quarter
More informationPrivacy Notice and Consent Form
Privacy Notice and Consent Form CGT Commit Global Translations Ltd. ( Commit ) is committed to protecting and respecting your privacy. We want to tell you how we use and protect your personal information.
More informationKnowing and Implementing the GDPR Part 3
Knowing and Implementing the GDPR Part 3 11 a.m. ET, 16:00 GMT March 29, 2017 Welcome & Introductions Panelists Your Host Dave Cohen IAPP Knowledge Manager Omer Tene Vice President Research & Education
More informationBIOEVENTS PRIVACY POLICY
BIOEVENTS PRIVACY POLICY At Bioevents, your privacy is important. Below you will find our privacy policy, which covers all personally identifiable data shared through Bioevents websites. Our privacy policy
More informationGDPR compliance. GDPR preparedness with OpenText InfoArchive. White paper
White paper GDPR preparedness with OpenText InfoArchive The new EU privacy law, GDPR, will be in effect in less than a year. OpenText has the solutions to help you prepare and comply to this new law. Contents
More informationthe processing of personal data relating to him or her.
Privacy Policy We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the Hotel & Pensionat Björkelund. The use of
More informationRequirements for a Managed System
GDPR Essentials Requirements for a Managed System QG Publication 6 th July 17 Document No. QG 0201/4.3 Requirements for a Managed GDPR System The General Data Protection Regulation GDPR will apply in the
More informationData Protection Policy
The Worshipful Company of Framework Knitters Data Protection Policy Addressing the General Data Protection Regulation (GDPR) 2018 [EU] and the Data Protection Act 1998 (DPA) [UK] For information on this
More informationData Protection Policy
Data Protection Policy Addressing the General Data Protection Regulation (GDPR) 2018 [EU] and the Data Protection Act (DPA) 2018 [UK] For information on this Policy or to request Subject Access please
More informationSCHOOL SUPPLIERS. What schools should be asking!
SCHOOL SUPPLIERS What schools should be asking! Page:1 School supplier compliance The General Data Protection Regulation (GDPR) comes into force on 25 May 2018 and will be applied into UK law via the updated
More informationFAQ about the General Data Protection Regulation (GDPR)
FAQ about the General Data Protection Regulation (GDPR) 1. When does the GDPR come into force? The GDPR was promulgated 25 May 2016 and comes into effect 25 May 2018. 2. Is there a transition period? We
More informationDATA PROTECTION ISACA MALTA CHAPTER BIENNIAL CONFERENCE Saviour Cachia Commissioner for Information and Data Protection
DATA PROTECTION ISACA MALTA CHAPTER BIENNIAL CONFERENCE 2016 Saviour Cachia Commissioner for Information and Data Protection Conception of DPA Council of Europe ETS 108 Convention on the protection of
More informationPrivacy Policy Hafliger Films SpA
Hafliger Films SpA, with registered office at Via B. Buozzi no. 14-20089 Rozzano (MI), has for many years considered it of fundamental importance to protect the personal details of customers and suppliers,
More informationOur Privacy Statement
Our Privacy Statement This Privacy Statement tells you about the information Elizabeth McGuinness & Co Solicitors collect from you when you use our website. In collecting this information, we are acting
More informationMembership Privacy Notice. 31 August 2018
Membership Privacy Notice 31 August 2018 HOW WE USE YOUR INFORMATION Why we use your personal data: We typically use your personal information to comply with our legal obligations (such as checking your
More informationThe GDPR Are you ready?
The GDPR Are you ready? kpmg.ie The GDPR - Overview The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection
More informationBreach Notification in the GDPR Era. Speakers: Sam Pfeifle, IAPP Dennis Holmes, PwC
Breach Notification in the GDPR Era Speakers: Sam Pfeifle, IAPP Dennis Holmes, PwC Welcome Sam Pfeifle, Content Director, IAPP sam@iapp.org Dennis Holmes, Lawyer, Cybersecurity and Data Protection Legal
More informationM T BUCKLEY & Co Chartered Accountants
M T BUCKLEY & Co Chartered Accountants 2 Beulah Walk, Woldingham, Caterham, Surrey CR3 7LL Telephone: 01883 650420 Mobile: 07876 030622 1. PURPOSE OF THIS POLICY PRIVACY POLICY This policy describes how
More informationPREPARING FOR THE GDPR AT THE UNIVERSITY OF HELSINKI
PREPARING FOR THE GDPR AT THE UNIVERSITY OF HELSINKI Jarkko Reittu Data Protection Officer and Legal Counsel University of Helsinki, Administrative Services jarkko.reittu@helsinki.fi 1 MY BACKGROUND JARKKO
More informationGDPR Compliance. Clauses
1 Clauses GDPR The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a privacy and data protection regulation in the European Union (EU). It became enforceable from May 25 2018. The
More informationRobert Bond. Respecting Privacy, Securing Data and Enabling Trust a view from Europe
Respecting Privacy, Securing Data and Enabling Trust a view from Europe Robert Bond, Partner & Notary Public Robert Bond Robert Bond has nearly 40 years' experience in advising national and international
More informationMore detailed information, including the information about your rights is available below.
Depending on the content of the correspondence, your data will be processed for the purposes of conclusion and performance of the agreement to which you are a party, to fulfil the legal obligation of the
More informationCybersecurity Considerations for GDPR
Cybersecurity Considerations for GDPR What is the GDPR? The General Data Protection Regulation (GDPR) is a brand new legislation containing updated requirements for how personal data of European Union
More informationMOBILE.NET PRIVACY POLICY
MOBILE.NET PRIVACY POLICY As the operator of the Mobile.net website (https://mobile.net.ltd/) (Website), ADX Labs, LLC. (Company, we or us) is committed to protecting and respecting your privacy. The data
More information1. Type of personal data that we collect and process?
PRIVACY POLICY Branch of the Walton International Search Associates Limited in the Republic of Serbia, with the registered seat in Belgrade, Bulevar Arsenija Carnojevica 52A, sixth floor, st 17, registration
More informationData subject ( Customer or Data subject ): individual to whom personal data relates.
Privacy Policy 1. Information on the processing of personal data We hereby inform you in this document about the principles and procedures for processing your personal data and your rights, in accordance
More informationArkadin Data protection & privacy white paper. Version May 2018
Arkadin Data protection & privacy white paper Version May 2018 Table of Contents 1- About Arkadin 4 2- Objectives 6 3- What does the GDPR cover? 8 4- What does the GDPR require? 10 5- Who are the data
More informationContributed by Djingov, Gouginski, Kyutchukov & Velichkov
Contributed by Djingov, Gouginski, Kyutchukov & Velichkov General I Data Protection Laws National Legislation General data protection laws The Personal Data Protection Act implemented the Data Protection
More informationG DATA Whitepaper. The new EU General Data Protection Regulation - What businesses need to know
G DATA Whitepaper The new EU General Data Protection Regulation - What businesses need to know G DATA Software AG September 2017 Introduction Guaranteeing the privacy of personal data requires more than
More informationPrivacy Policy CARGOWAYS Logistik & Transport GmbH
Privacy Policy CARGOWAYS Logistik & Transport GmbH We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the CARGOWAYS
More informationGDPR and the Privacy Shield
GDPR and the Privacy Shield Mark Prinsley Partner +44 20 3130 3900 mprinsley@mayerbrown.com Kendall Burman Counsel + 202 263 3210 kburman@mayerbrown.com Speakers Kendall Burman Counsel Washington DC Mark
More informationData Protection in Switzerland Update Following the Safe Harbor Decision. 21 October 2015 / 6 February 2016 Christian Wyss
Data Protection in Switzerland Update Following the Safe Harbor Decision 21 October 2015 / 6 February 2016 Christian Wyss Agenda Data Protection in Switzerland The Safe Harbor Decision How to Restore Compliance?
More informationGDPR Privacy Webinar. Prioritizing Your Path towards GDPR Compliance Annika Sponselee and Nicole Vreeman 28 February 2018
GDPR Privacy Webinar Prioritizing Your Path towards GDPR Compliance Annika Sponselee and Nicole Vreeman 28 February 2018 Prioritizing Your Path to GDPR Compliance Presented by Half-Day Workshops Online
More informationWhat You Need to Know About Addressing GDPR Data Subject Rights in Pivot
What You Need to Know About Addressing GDPR Data Subject Rights in Pivot Not Legal Advice This document is provided for informational purposes only and must not be interpreted as legal advice or opinion.
More informationData Protection. Code of Conduct for Cloud Infrastructure Service Providers
Data Protection Code of Conduct for Cloud Infrastructure Service Providers 27 JANUARY 2017 Introduction... 3 1 Structure of the Code... 5 2 Purpose... 6 3 Scope... 7 4 Data Protection Requirements... 9
More informationWe may change the privacy notice from time to time by amending this page.
This privacy notice sets out how we will process personal data we collect from or about you, or which you provide to us. Please read this notice carefully to understand why data is being collected and
More informationGDPR Privacy Policy. The data protection policy of AlphaMed Press is based on the terms found in the GDPR.
GDPR Privacy Policy PRIVACY POLICY The privacy and security of data are a priority for AlphaMed Press and our management and staff. While accessing and using our website does not require your submission
More informationGDPR: A technical perspective from Arkivum
GDPR: A technical perspective from Arkivum Under the GDPR, you have a general obligation to implement technical and organisational measures to show that you have considered and integrated data protection
More informationPrivacy Policy Kühnreich & Meixner GmbH Kühnreich & Meixner GmbH Kühnreich & Meixner GmbH Kühnreich & Meixner GmbH 1. Definitions
Privacy Policy We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the Kühnreich & Meixner GmbH. The use of the
More informationData Protection Policy
Introduction In order to; provide education, training, assessment and qualifications to its customers and clients, promote its services, maintain its own accounts and records and support and manage its
More informationWE ARE COMMITTED TO PROTECTING YOUR PERSONAL DATA
WE ARE COMMITTED TO PROTECTING YOUR PERSONAL DATA In accordance with the new Regulation (EU) 2016/679 on the protection of personal data (GDPR), we ask you to give your consent on the use of Cookies, for
More informationTalenom Plc. Description of Data Protection and Descriptions of Registers
Talenom Plc. Description of Data Protection and Descriptions of Registers TALENOM DESCRIPTION OF DATA PROTECTION Last updated 14 March 2018 Scope Limitations Data protection principles Personal data Registers
More informationWebsite Privacy Notice
This privacy notice explains the processing of personal data on the website of Assurity Consulting Ltd (including the entity of Assurity Consulting Holdings Ltd). Assurity Consulting Ltd is committed to
More informationThis article will explain how your club can lawfully process personal data and show steps you can take to ensure that your club is GDPR compliant.
GDPR and BMC Clubs Lawful basis for Processing Personal Data This article will explain how your club can lawfully process personal data and show steps you can take to ensure that your club is GDPR compliant.
More informationForms. GDPR for Zoho Forms
GDPR for Zoho Forms The What The General Data Protection Regulation (GDPR) is a regulation that empowers the residents of the European Union (EU) with better transparency, access and control of their personal
More informationA Homeopath Registered Homeopath
A Homeopath Registered Homeopath DATA PROTECTION POLICY Scope of the policy This policy applies to the work of homeopath A Homeopath (hereafter referred to as AH ). The policy sets out the requirements
More informationThe isalon GDPR Guide Helping you understand and prepare for the legislation
The isalon GDPR Guide Helping you understand and prepare for the legislation 01522 887200 isalonsoftware.co.uk Read our guide today to help you plan for the new legislation.. The General Data Protection
More information1 Who is this guide designed for?
Contents 1 Who is this guide designed for?... 2 2 What does the GDPR change regarding the duty to inform?... 2 3 Who must be informed and when?... 3 4 Where and how to inform?... 4 5 Layered information...
More informationEXAM PREPARATION GUIDE
EXAM PREPARATION GUIDE PECB Certified Data Protection Officer The objective of the PECB Certified Data Protection Officer examination is to ensure that the candidate has acquired the knowledge and skills
More information