• Category Archives: IP/IT Law

GDPR privacy notice

A privacy notice is a public document from an organization that explains how that organization processes personal data and how it applies data protection principles. GDPR provides detailed instructions on how to create a privacy notice, placing an emphasis on making them easy to understand and accessible. ( Articles 12, 13, and 14 ) According… Read the full article

Right of access art.15 GDPR

What is the right of access? The right of access, commonly referred to as subject access, gives individuals the right to obtain a copy of their personal data as well as other supplementary information. It helps individuals to understand how and why you are using their data, and check you are doing it lawfully. How… Read the full article

GDPR. You have six options to process your personal data legally. Which one do you choose?

GDPR brings six grounds on which you can process your legal data. One is consent, but it must be accompanied by information, can be withdrawn at any time, and in some cases may be invalid (for example in working relationships). At the same time, you are required to demonstrate at any time that you have… Read the full article

What is a Data Protection Impact Assesment? (DPIA)

Data Protection Impact Assessments are used to identify and protect against any data protection related risks arising from a new project. Under the new GDPR these impact assessments will be mandatory for any high-risk processing projects. Benefits Will allow you to make informed decisions about the acceptability of data protection risks and communicate it with… Read the full article

Online shopping: EU remedies against defective digital products

The first EU rules that protect shoppers who face defective services or digital content If the issue can not be resolved, the price must be reduced or the contract concluded and the consumer’s payment refunded Digital content includes music, movies, applications, games and computer software People who buy or download music, apps, games, or cloud… Read the full article

Preparing for GDPR: Announce authorities about compromising personal data security

Notification of the Supervisory Authority in case the personal data security system has been compromised is an important step in preparation for the implementation of the General Data Protection Regulation (GDPR). The document will apply to all states of the European Union on 25 May 2018. If the technical and organizational measures have failed and… Read the full article

Huge fines for the Companies that break the new data protection rules

Companies that will violate, as of May 25, 2018, the new rules on personal data protection will face fines of up to 4% of total annual turnover. Specifically, it is the General European Data Protection Regulation (GDPR), which will apply directly to all EU Member States, including Romania. “This Regulation shall apply from 25 May… Read the full article

Checking the age of visitors under GDPR

Not any site that processes personal data will have to verify the age of visitors based on the future data protection legislation. Starting with May 2018, the processing of personal data of children under the age of 16 will be possible only on the basis of the parental agreement. Requesting a parental agreement to use online… Read the full article

Fewer imperfections in the GDPR, more success protecting personal data I

As stated before, the new piece of legislation that has everyone talking about, provides protection for individuals for their personal data, ensuring a consistent rule of law throughout the Union. It has been a titanic work to put together the new GDPR, but as in any law, are exceptions, as not everything is perfect. Some… Read the full article

GDPR Art. 14(2) f) si g)

“Where personal data have not been obtained from the data subject, the controller shall provide the data subject with the following information: (f) from which source the personal data originate, and if applicable, whether it came from publicly accessible sources; (g) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4)… Read the full article