The European Commission (EU Commission) has published a proposal for a GDPR record-keeping exemption for SMEs and small mid-cap companies (SMCs) as part of its Omnibus IV Simplification Package. If adopted, this amendment to Article 30(5) of the GDPR could [...]
GDPR vs POPIA. How do they compare? The key is to identify the differences and similarities between the GDPR and the POPI Act. For example, who needs to comply with them, do they both apply to the same data [...]
Let's discuss TikTok’s GDPR transfers. Managing cross-border data flows under GDPR can be as treacherous as navigating iceberg-strewn waters — hidden dangers lurk beneath the surface. TikTok recently discovered how severe those dangers can be, facing a landmark €530 million [...]
Personal data deletion rights aren't just paperwork — they're like removing permanent marker from a whiteboard: simple to describe but tricky to do correctly. Data protection laws now give people more rights to control their personal information. One crucial right [...]
Today, processing personal data is not just a technical matter but a legal requirement governed by strict rules. Relevant data protection laws generally state that every data processing activity must have a legal basis. Although many believe that consent is [...]
Did you know that your role can change from processor to controller and back again? This is a crucial concept to understand under the General Data Protection Regulation (GDPR). In a chain of processing activities, a controller and processor's role [...]
For many, a data protection standard is the holy grail in assisting them to comply with data protection laws. Data protection standards often provide practical, actionable controls (almost a checklist) that they can implement to protect data and, therefore, comply [...]
Data privacy isn't just for customers — employees have rights, too. With strict privacy laws like the EU's GDPR, California's CPRA amending the CCPA, and South Africa's POPIA, companies must protect employee data with the same care as consumer data. [...]
Think of your organisation's data protection policy as a secure vault. Its strength comes from solid walls and the trust and responsibility shared among those who hold the keys. In today's data-driven world, safeguarding personal information isn't just about following [...]
In today's digital world, data privacy isn't just a legal requirement — it's essential for building trust and growing your business. A solid privacy policy is critical for SaaS (Software as a Service) companies. It helps you protect user data, [...]
The protection of personal data is crucial, especially for institutions like the European Parliament. NYOB's complaint against the EU parliament has shed light on serious data breaches in the Parliament’s recruitment platform, PEOPLE. These breaches have compromised the personal information [...]
Navigating the stormy seas of information security requires more than just a robust ship; it also demands a vigilant crew equipped with precise navigation tools. Information security incident reports are essential tools in the world of data protection. This document [...]
