GDPR

DORA compliance for vendors – a practical playbook

DORA compliance for vendors is now a live requirement, and selling technology to European financial firms is therefore like constructing a new building in a crowded city: you must meet the code, welcome inspections, and prove the structure can take [...]

November 14th, 2025 | Categories: Cybersecurity Law, POPI and Data Protection

GDPR certified: How to obtain GDPR certification

For many, being GDPR certified or obtaining GDPR certification is the holy grail. It provides proof that you comply with the GDPR and other data protection laws. This is especially true for processors that process personal data on behalf [...]

Telco cybersecurity in South Africa – finding a signal in the noise

Let's talk telco cybersecurity in South Africa. Securing a telecommunications network is like trying to tune into a radio station amid heavy static: operators must carefully adjust both their security controls and their compliance processes to cut through the noise. [...]

Cybersecurity compliance mapping – finding every obligation

What is cybersecurity compliance mapping? Navigating cybersecurity compliance today is like conducting a precise archaeological dig: you must carefully uncover each layer of obligations without damaging your organisation's underlying structure. Each jurisdiction, sector, and obligation presents distinct challenges, demanding meticulous [...]

July 22nd, 2025 | Categories: Cybersecurity Law, POPI and Data Protection

Data classification best practices

We've all got that chaotic drawer at home — a messy collection of old chargers, mystery keys, forgotten receipts, and batteries that may or may not work. While such clutter at home might only cause mild frustration, allowing your business [...]

Practical data classification framework

Managing data effectively in any organisation can feel like navigating an intricate roundabout without clear signage — a confusing, inefficient, and costly process prone to mistakes. Poor data quality can significantly impact your organisation's decision-making capabilities, resulting in operational inefficiencies, [...]

June 21st, 2025 | Categories: Cybersecurity Law, POPI and Data Protection

Proposed GDPR record-keeping exemption for SMEs

The European Commission (EU Commission) has published a proposal for a GDPR record-keeping exemption for SMEs and small mid-cap companies (SMCs) as part of its Omnibus IV Simplification Package. If adopted, this amendment to Article 30(5) of the GDPR could [...]

GDPR vs POPIA | Compare the GDPR with the POPI Act?

GDPR vs POPIA. How do they compare? The key is to identify the differences and similarities between the GDPR and the POPI Act. For example, who needs to comply with them, do they both apply to the same data [...]

TikTok’s GDPR transfers – Understanding the €530M fine

Let's discuss TikTok’s GDPR transfers. Managing cross-border data flows under GDPR can be as treacherous as navigating iceberg-strewn waters — hidden dangers lurk beneath the surface. TikTok recently discovered how severe those dangers can be, facing a landmark €530 million [...]

Personal data deletion rights: Navigating your responsibilities

Personal data deletion rights aren't just paperwork — they're like removing permanent marker from a whiteboard: simple to describe but tricky to do correctly. Data protection laws now give people more rights to control their personal information. One crucial right [...]

April 8th, 2025 | Categories: POPI and Data Protection

Beyond consent: Better grounds for processing personal data

Today, processing personal data is not just a technical matter but a legal requirement governed by strict rules. Relevant data protection laws generally state that every data processing activity must have a legal basis. Although many believe that consent is [...]

February 20th, 2025 | Categories: POPI and Data Protection

Concepts of controller and processor – do you really know your processing role?

Did you know that your role can change from processor to controller and back again? This is a crucial concept to understand under the General Data Protection Regulation (GDPR). In a chain of processing activities, a controller and processor's role [...]