GDPR

Home/Tag:GDPR

Proposed GDPR record-keeping exemption for SMEs

The European Commission (EU Commission) has published a proposal for a GDPR record-keeping exemption for SMEs and small mid-cap companies (SMCs) as part of its Omnibus IV Simplification Package. If adopted, this amendment to Article 30(5) of the GDPR could [...]

GDPR vs POPIA | Compare the GDPR with the POPI Act?

GDPR vs POPIA. How do they compare? The key is to identify the differences and similarities between the GDPR and the POPI Act. For example, who needs to comply with them, do they both apply to the same data [...]

TikTok’s GDPR transfers – Understanding the €530M fine

Let's discuss TikTok’s GDPR transfers. Managing cross-border data flows under GDPR can be as treacherous as navigating iceberg-strewn waters — hidden dangers lurk beneath the surface. TikTok recently discovered how severe those dangers can be, facing a landmark €530 million [...]

Personal data deletion rights: Navigating your responsibilities

Personal data deletion rights aren't just paperwork — they're like removing permanent marker from a whiteboard: simple to describe but tricky to do correctly. Data protection laws now give people more rights to control their personal information. One crucial right [...]

By |2025-04-10T10:45:22+02:00April 8th, 2025|Categories: POPI and Data Protection|Tags: , |

Beyond consent: Better grounds for processing personal data

Today, processing personal data is not just a technical matter but a legal requirement governed by strict rules. Relevant data protection laws generally state that every data processing activity must have a legal basis. Although many believe that consent is [...]

By |2025-02-20T12:20:17+02:00February 20th, 2025|Categories: POPI and Data Protection|Tags: , |

Concepts of controller and processor – do you really know your processing role?

Did you know that your role can change from processor to controller and back again? This is a crucial concept to understand under the General Data Protection Regulation (GDPR). In a chain of processing activities, a controller and processor's role [...]

Data protection standard | Bureau Veritas | ISO | SANS

For many, a data protection standard is the holy grail in assisting them to comply with data protection laws. Data protection standards often provide practical, actionable controls (almost a checklist) that they can implement to protect data and, therefore, comply [...]

By |2025-01-27T14:39:30+02:00December 12th, 2024|Categories: POPI and Data Protection|Tags: , , , |

Employee privacy policies

Data privacy isn't just for customers — employees have rights, too. With strict privacy laws like the EU's GDPR, California's CPRA amending the CCPA, and South Africa's POPIA, companies must protect employee data with the same care as consumer data. [...]

By |2024-11-12T12:43:15+02:00November 11th, 2024|Categories: POPI and Data Protection|Tags: , |

Radical Candor in data protection policies

Think of your organisation's data protection policy as a secure vault. Its strength comes from solid walls and the trust and responsibility shared among those who hold the keys. In today's data-driven world, safeguarding personal information isn't just about following [...]

By |2024-10-14T13:23:15+02:00October 14th, 2024|Categories: POPI and Data Protection|Tags: , |

NYOB’s complaint against EU parliament | Data breach

The protection of personal data is crucial, especially for institutions like the European Parliament. NYOB's complaint against the EU parliament has shed light on serious data breaches in the Parliament’s recruitment platform, PEOPLE. These breaches have compromised the personal information [...]

By |2024-08-28T14:07:09+02:00August 22nd, 2024|Categories: POPI and Data Protection|Tags: , , , |

Information security incident reports

Navigating the stormy seas of information security requires more than just a robust ship; it also demands a vigilant crew equipped with precise navigation tools. Information security incident reports are essential tools in the world of data protection. This document [...]

By |2024-08-13T18:00:45+02:00August 13th, 2024|Categories: Cybersecurity Law, POPI and Data Protection|Tags: , , , , |