Blog

Can you use Google Chromebooks in schools?

The Danish supervisory authority, Datatilsynet, issued a decision on January 30, 2024, instructing 53 municipalities to align their processing of personal data related to Chromebooks with the obligations of the GDPR. However, do municipalities have the means to comply with this order?

Read more
What is Privacy by Design
Privacy by Design (“PbD”) is a concept originally developed in the 90’s by Ann Cavoukian, the former Information and Privacy Commissioner of Ontario. It was developed to address the privacy risks of new information and communication technologies. The concept achieved international acceptance in 2010 when the International Conference of Data Protection and Privacy Commissioners (currently known as the Global Privacy Assembly) recognised it as international standard.Read more
GDPR risks for Google Analytics
Google Analytics is the most used web analytics service that tracks and reports website traffic data. Despite its popularity, it has been under heavy scrutiny by European data protection supervisory authorities. Many businesses are asking is it lawful to use and what risks there might be for using it?Read more
Why data-flow mapping is essential for privacy impact assessments (DPIAs)
If you are a privacy professional, you know how crucial it is to understand how personal data is processed when you are conducting a privacy impact assessment or data protection impact assessment. But due to the complexity of today’s digital ecosystems, it can be challenging to gain a thorough understanding of your organisation’s processing activities. That’s where the data-flow mapping comes in.Read more
Controllers, how well do you know your recipients?
Article 15(1)(c) of the GDPR gives data subjects the right to obtain information from a controller on “the recipients or categories of recipients to whom the personal data have been or will be disclosed.” A common practice has been to list the recipients only on a category level in privacy notices and provide this information to the data subject upon request. However, many controllers were shocked after the Court of Justice of the EU (the “CJEU”) published its decision in case C-154/21, addressing that the controllers must provide data subjects with the actual identities of recipients, if so requested. According to the CJEU, this right enables data subjects to verify that their personal data are processed in a lawful manner.Read more
5 Reasons Why Data-flow Maps with Data Lineages are a Must in Data Protection
Instead of just documenting your processing activities with text and field forms, visualization with data-flow maps offers a more understandable and concrete way of describing the processing of personal data. Some companies rely on just drawing a data-flow map using, e.g., MS Visio. However, other companies go further and use tools that allow documenting the underlying data lineages in the data-flow maps.Read more

Book a free meeting

It all starts with a demo! Leave your email address below and we'll contact you shortly!
Captcha Code