GDPR: Transferring data outside of the European Union

The General Data Protection Regulation (“GDPR”) requires a data controller to implement safeguards to protect the personal data of residents in the European Union (“EU”). When an organization transfers data outside of the EU, it must follow the requirements of the GDPR. In this guide, we will explain: What are … Read more

GDPR creating data flow maps

The General Data Protection Regulation (“GDPR”) allows residents in the European Union (“EU”) to have control over their data. Under the GDPR, a controller must maintain an internal record of all its processing activities. In addition, the controller must make the record available to a supervisory authority upon request. In … Read more

GDPR data breach reporting requirements

The General Data Protection Regulation (“GDPR”) is a broad set of regulations in the European Union (“EU”) that protects the personal data of its residents. Under the GDPR, if an organization has a data breach, it must notify a regulatory authority and the affected individuals. In this guide, we will … Read more

How does GDPR affect marketing?

The GDPR: General Data Protection Regulation is a complex and highly enforced privacy law that protects the personal data of residents of the European Union. The law has very strict requirements, such as having a comprehensive Privacy Policy, processing data only when there is a legal basis to do so, … Read more

GDPR rules for responding to data subject requests

The General Data Protection Regulation (“GDPR”) provides rights to residents in the European Union (“EU”) that allows them to control their personal data. To exercise their rights, the GDPR allows EU residents to send a request to the data controller. In this guide, we will answer the following: What is … Read more

A guide to GDPR privacy by design requirements

The General Data Protection Regulation (GDPR) is one of the most strict and heavily enforced privacy laws in the world, with the goal of protecting the Personally Identifiable Information (PII) of residents of the European Union. The law achieves this goal by requiring certain websites that GDPR applies to have … Read more

GDPR rules for responding to data subject requests

The General Data Protection Regulation (“GDPR”) provides rights to residents in the European Union (“EU”) that allows them to control their personal data. To exercise their rights, the GDPR allows EU residents to send a request to the data controller. In this guide, we will answer the following: What is … Read more

A guide to GDPR Privacy Policy disclosure requirements

The General Data Protection Regulation (“GDPR”) gives residents in the European Union (“EU”) control over their personal data. Under the GDPR, a controller must make certain disclosures to EU residents about its data processing activities. In this guide, we will explain: What disclosures are required under the GDPR: General Data … Read more

GDPR: How to create a data protection impact assessment

The General Data Protection Regulation (“GDPR”) directs how an organization should handle the personal data of residents in the European Union (“EU”). Under the GDPR, an organization must conduct a Data Protection Impact Assessment (“DPIA”) if it processes high-risk data. In this guide, we will explain: What is a Data … Read more

GDPR: how to process data under the consent legal basis

The General Data Protection Regulation (GDPR) is a privacy law that protects the personal data of residents of the European Union. GDPR achieves this goal by providing privacy rights to individuals, requiring certain websites to have a compliant Privacy Policy, and imposing heavy fines for failure to comply.  Perhaps one … Read more