Data protection compliance is a crucial consideration when it comes to purchasing data for direct marketing. Data broking for direct marketing purposes involves collecting data about individuals from a variety of sources, then combining it and...
Article 37 of the GDPR indicates that any controller or processor shall appoint a Data Protection Officer (DPO) in the following situations: the processing is carried out by a public authority or body, except for courts acting in their judicial...
The revolution that the Internet has brought to the business world is undeniable, allowing information to be shared around the world in a matter of seconds. In fact, a large part of the services and business models that have arisen as a result of...
On 4th June 2021 the EU Commission published two sets of standard contractual clauses under the General Data Protection Regulation (“GDPR”): Standard contractual clauses for international data transfers (“new SCCs”), which is the much-awaited set of...
The same elements and techniques that power the socio-economic benefits of AI can also bring new risks and negative consequences for individuals or society. In response, on April 2021 the EU Commission has published a new draft AI Regulation which...
During its 48th Plenary Session, the European Data Protection Board (EDPB) adopted its two Opinions on the European Commission’s adequacy decisions on the UK. Although the EDPB acknowledges that there are key areas of strong alignment between...
The Court of Justice of the European Union (‘CJEU’) published, on 16 July 2020, its highly anticipated Judgment in the case known as ‘Schrems II’. This is the latest chapter in the Schrems case that also took down the former EU-US Safe Harbour...
Simply mentioning “artificial intelligence” already invokes dangerous robots destroying the world. Fortunately, reality shows that the current uses of this technology are definitely of a much more positive character. In fact, the...
“Consent” is one of the legitimate bases or legal grounds included in Article 6 of the EU General Data Protection Regulation (GDPR). The definition of consent is included in Article 4.11 of the GDPR as follows: Any freely given, specific, informed...
As explained in a previous post on legitimate basis, a data processing activity can only be lawful if it is based on one of the six situations established in Article 6.1 of the General Data Protection Regulation (GDPR or GDPR). Among them, Article 6...