Par une décision rendue le 28 mai 2019 (1) , la Commission nationale de l’informatique et des libertés (la « CNIL ») a prononcé une sanction de 400 000 euros à l’encontre d’une moyenne entreprise spécialisée dans la promotion immobilière pour avoir insuffisamment protégé les données à caractère personnel des utilisateurs (les « Données ») de son...
S. Keith Moulsdale, partner, & Raz Miutescu, counsel, Whiteford Taylor Preston LLP. Organizations of all sizes were caught off-guard by the GDPR’s extraterritoriality. Data mapping and gap analyses took center stage. Vendor due diligence became a time-consuming priority endeavor. Board meetings often included GDPR discussions. Except for a...
Julia Bhend - Probst Partner AG Processing of personal data in Switzerland is primarily governed by the Federal Act on Data Protection (DPA). Since not in the EU or the EEA, Swiss companies and organisations have to observe the GDPR only when the processing activities relate to the offering of goods or services to data subjects in the EU or the...
Lauren Webb – Senior associate – Brownejacobson LLP One year on since the GDPR came into force – no significant fines yet, but one retailer has shown that businesses are responsible for their employees’ data breaches (even where that employee was acting against instructions). The Information Commissioner’s Office (ICO) in the UK is investigating...
Mgr. Bc. Tomáš Mudra, Counsel at UEPA advokáti Even though personal data protection has been a discussed topic during last year, we have seen many misguided GDPR implementations and a significant level of GDPR incomprehension still continues. This lack has been exacerbated by the delay of the Czech Republic to modify its legislation so far. The...
