20220211 Data export after the Google Analytics decision Bart Van Den Brande
The recent Austrian and French DPA decisions on the use of Google Analytics in light of GDPR compliance, raise a lot of legal questions surrounding data transfers. We try to answer them in a clear and pragmatic way in this webinar
Vanaf 25 mei 2018 moeten alle (Magento webshops) in Europa aan de nieuwe regelgeving van de Algemene Verordering Gegevensbescherming (AVG) of GDPR (General Data Protection Regulation (GDPR) voldoen. Wat betekent dit voor Magento webshops? Een analyse door Reach Digital.
Nederlands artikel op https://reachdigital.nl/blog/checklist-algemene-verordering-gegevensbescherming-AVG-GDPR-Magento-webshops
The GDPR changes are fast approaching and time is running out to prepare yourself and your data. GDPR is an important topic that you will need to know inside out for your business and marketing to succeed. CommuniGator can help you get fully prepared for its arrival.
We are here to answer YOUR GDPR questions to arm you with everything you need to ensure you are compliant come May 2018.
Find out how the new data law will affect your B2B marketing abilities. We answer all your questions with a Q&A section from our experts in the field – so you can really get to grips with the changes.
We cover:
- The good the bad and the ugly of GDPR
- Your own checklist to becoming compliant
- How to get your existing data ‘double opted-in’
- Answers to your burning questions!
This Webinar featuring guests from the EU Commission, the French data regulator CNIL, DLA Piper and IBM provided an overview of the new EU data protection and privacy perspective from the perspective of the regulation author, regulator, legal advisor and technology providers.
For more information visit https://brightpay.co.uk
All organisations, regardless of size, will have had to introduce or update existing policies regarding personal data in order to comply with the new regulations.
This webinar will look at the GDPR, how it may affect your business and what we have learned from the GDPR 5 months on. We will also have a look at how BrightPay can help your organisation utilise the new regulations for the benefit of you, your customers and youremployees.
Essentially, GDPR is an overhaul of the way we process, manage and store individual’s personal data, and that includes your employee’s personal payroll and HR information. We will take you through the impact of GDPR on your payroll processing, highlighting the biggest areas of concern including emailing payslips, employee consent and your legal obligations with regards to payroll, HR and Employment law.
The webinar will include a demonstration of how our BrightPay Connect add-on can help you work towards GDPR compliance by offering remote online access to accountants, employers and employees. We will take a brief look at our Bright Contracts software, which as well as providing the user with the facility to create and customise Contracts of Employment and Company Handbooks, now has a new feature which enables the user to create an Employee Privacy Policy which is a requirement under GDPR.
We will also unveil our new timesheet rapid input feature. Our exciting new timesheet feature directly connects to the BrightPay payroll and allows clients to import timesheet hours from a CSV or directly input hours for each employee on the BrightPay connect employer dashboard. For accountants and payroll bureaus, clients can easily use the timesheet upload for rapid input of employee’s hours eliminating possible errors. The timesheet feature also allows bureaus to easily run the payroll before sending it back to your payroll client for final approval and validation.
20220211 Data export after the Google Analytics decision Bart Van Den Brande
The recent Austrian and French DPA decisions on the use of Google Analytics in light of GDPR compliance, raise a lot of legal questions surrounding data transfers. We try to answer them in a clear and pragmatic way in this webinar
Vanaf 25 mei 2018 moeten alle (Magento webshops) in Europa aan de nieuwe regelgeving van de Algemene Verordering Gegevensbescherming (AVG) of GDPR (General Data Protection Regulation (GDPR) voldoen. Wat betekent dit voor Magento webshops? Een analyse door Reach Digital.
Nederlands artikel op https://reachdigital.nl/blog/checklist-algemene-verordering-gegevensbescherming-AVG-GDPR-Magento-webshops
The GDPR changes are fast approaching and time is running out to prepare yourself and your data. GDPR is an important topic that you will need to know inside out for your business and marketing to succeed. CommuniGator can help you get fully prepared for its arrival.
We are here to answer YOUR GDPR questions to arm you with everything you need to ensure you are compliant come May 2018.
Find out how the new data law will affect your B2B marketing abilities. We answer all your questions with a Q&A section from our experts in the field – so you can really get to grips with the changes.
We cover:
- The good the bad and the ugly of GDPR
- Your own checklist to becoming compliant
- How to get your existing data ‘double opted-in’
- Answers to your burning questions!
This Webinar featuring guests from the EU Commission, the French data regulator CNIL, DLA Piper and IBM provided an overview of the new EU data protection and privacy perspective from the perspective of the regulation author, regulator, legal advisor and technology providers.
For more information visit https://brightpay.co.uk
All organisations, regardless of size, will have had to introduce or update existing policies regarding personal data in order to comply with the new regulations.
This webinar will look at the GDPR, how it may affect your business and what we have learned from the GDPR 5 months on. We will also have a look at how BrightPay can help your organisation utilise the new regulations for the benefit of you, your customers and youremployees.
Essentially, GDPR is an overhaul of the way we process, manage and store individual’s personal data, and that includes your employee’s personal payroll and HR information. We will take you through the impact of GDPR on your payroll processing, highlighting the biggest areas of concern including emailing payslips, employee consent and your legal obligations with regards to payroll, HR and Employment law.
The webinar will include a demonstration of how our BrightPay Connect add-on can help you work towards GDPR compliance by offering remote online access to accountants, employers and employees. We will take a brief look at our Bright Contracts software, which as well as providing the user with the facility to create and customise Contracts of Employment and Company Handbooks, now has a new feature which enables the user to create an Employee Privacy Policy which is a requirement under GDPR.
We will also unveil our new timesheet rapid input feature. Our exciting new timesheet feature directly connects to the BrightPay payroll and allows clients to import timesheet hours from a CSV or directly input hours for each employee on the BrightPay connect employer dashboard. For accountants and payroll bureaus, clients can easily use the timesheet upload for rapid input of employee’s hours eliminating possible errors. The timesheet feature also allows bureaus to easily run the payroll before sending it back to your payroll client for final approval and validation.
Building Consumer Trust through Individual Rights / DSAR ManagementTrustArc
Perhaps the most customer facing and public compliance requirements for GDPR, CCPA and LGPD are around the rights of the data subject, often referred to as individual rights or data subject access requests (DSARs). These regulations have significantly increased the requirements on businesses regarding how they address individual rights and related requests, specifically the type of requests they need to address and the timeline and process they need to follow in order to fulfill the requests.
In order to build consumer trust and fulfil data subject rights requirements, organizations must have a consistent and streamlined process for the intake and management of consumer requests.
This webinar will review:
-Summary of data subject rights requirements for GDPR, CCPA & LGPD
-Best practices and tips to comply
-Practical steps for implementing a Data Subject Rights -Management program along with sample case studies
GDPR and evolving international privacy regulationsUlf Mattsson
Convergence of data privacy principles, standards and regulations
General Data Protection Regulation (GDPR)
GDPR and California Consumer Privacy Act (CCPA)
What role does technologies play in compliance
Use Cases
The somewhat awkward marriage between digital marketing and data protection (...Bart Van Den Brande
Data protection and digital marketing seem hard to reconcile: cookie regulations, GDPR, ePrivacy, .... Seem to restrict marketing activities, but what if marketeers could learn to use data protection laws to gain consumer's trust and thus build a long term customer relationship...?
Data privacy awareness is on the rise. Users become more and more concerned with how online service providers collect and protect their personal information. And so should you. Discover how to balance the risks and benefits of collecting data in the age of customer centricity.
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...TrustArc
The GDPR forced companies to spend a substantial amount of time, resources and money on becoming compliant. For many companies, it took years to understand, build and manage a compliance program to meet the variety of requirements included in the GDPR.
With new and updated privacy laws and regulations popping up, such as CCPA and Privacy Shield invalidation, companies are now being tasked with assessing the impact to their current privacy program and learning how to weave them into existing practices.
Listen to this webinar to learn how to leverage the substantial amount of work that was done for the GDPR to simplify additional privacy compliance.
Privacy Regulations and Your Digital SetupPiwik PRO
How Will the New Privacy Regulations Affect Your Digital Set-up? In less than 2 years from now, Europe’s new data privacy law will come into effect, changing the way organizations handle information of their users. General Data Protection Regulation will heavily impact usage of digital tools for customer insights and analytics.
This presentation was created by the Piwik PRO Team for a webinar session with Aurelie Pols. Webinar recording is available on: https://youtu.be/dPOvbbZ3vdo
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]TrustArc
Watch the free webinar on-demand NOW: https://info.trustarc.com/marketing-under-gdpr-webinar.html
Practical advice on what marketing activities can and can’t be done.
Marketing is an area that will be highly impacted by changes required under the GDPR, but there is a lack of clear guidance as to what the compliance requirements mean in practice. Do you need consent for everything? How can direct marketing practices comply with the GDPR and still meet business objectives?
This on-demand webinar will support privacy and marketing teams by providing practical advice on what marketing activities can and cannot be done.
#trustarcGDPRevents
Webinar Speakers
James Koons
Senior Privacy Consultant, TrustArc
To register for upcoming/on-demand webinars visit: https://www.trustarc.com/events/webinar-schedule/
New opportunities and business risks with evolving privacy regulationsUlf Mattsson
In the shadow of the global pandemic and the associated economic downturn, organizations are focused on cost optimization, which often leads to impulsive decisions to deprioritize compliance with all nonrevenue programs.
Regulators have evolved to adapt with the notable increase in data subject complaints and are getting more serious about organizations that don’t properly protect consumer data. Marriott was hit with a $124 million fine while Equifax agreed to pay a minimum of $575 million for its breach. The US Federal Trade Commission, the US Consumer Financial Protection Bureau (CFPB), and all 50 U.S. states and territories sued over the company’s failure to take “reasonable steps” to secure its sensitive personal data.
Privacy and data protection are enforced by a growing number of regulations around the world and people are actively demanding privacy protection — and legislators are reacting. More than 60 countries have introduced privacy laws in response to citizens’ cry for transparency and control. By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today, according to Gartner. There is a convergence of data privacy principles, standards and regulations on a common set of fundamental principles.
The opportunities to use data are growing exponentially, but so too are the business and financial risks as the number of data protection and privacy regulations grows internationally.
Join this webinar to learn more about:
- Trends in modern privacy regulations
- The impact on organizations to protect and use sensitive data
- Data privacy principles
- The impact of General Data Protection Regulation (GDPR) and data transfer between US and EU
- The evolving CCPA, the new PCI DSS version 4 and new international data privacy laws or regulations
- Data privacy best practices, use cases and how to control sensitive personal data throughout the data life cycle
These are the slides used in the presentation I gave alongside Haydn Thomas and Andrew Cross from Lightful.
The presentation was to help charities understand the most pressing implications of GDPR as well from an operational and marketing standpoint.
You can find out more about our organisations here:
https://tech-trust.org/
https://www.lightful.com/
https://www.meetup.com/netsquaredlondon/
GDPR ed Explainable AI - Intelligenza Artificiale e Regolamento Europeo sulla...Pietro Calorio
Brief of the panel @ CLB Fest 2018 Torino, with Daniele Magazzeni, Marco Ciurcina and Pietro Calorio.
Video (in Italian): https://www.youtube.com/watch?v=K2WCyu2uEsI
https://www.clbfest.it
https://www.youtube.com/channel/UCJKU28AkcvbcyLLoyNF2Emw/featured - https://legalhackers.org/clbfest2018/
Evolving international privacy regulations and cross border data transfer - g...Ulf Mattsson
We will discuss the Evolving International Privacy Regulations. Cross Border Data Transfer for GDPR under Schrems II is now ruled by an EU court that defined what is required. This ruling can be far reaching for many businesses.
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
On January 1, 2020, one of the strictest privacy laws in the US, the California Consumer Privacy Act (CCPA), will come into effect. What should governance, risk and compliance executives know in order to prepare for CCPA? Watch the on demand recording here: https://symc.ly/2Pn7tvW.
Modern data protection and privacy rests on accurate data classification and labeling for smarter more accurate enforcement. BigID's award-winning sensitive data discovery and tagging provides a first of its kind ability to accurately find and secure personal data.
G Suite Data Protection: 3 steps to complianceJames Farha
A 3 step guide to ensuring your EU users of G Suite for business are compliant with the relevant EU Data Protection Legislation. Please note that this is not legal advice.
Building Consumer Trust through Individual Rights / DSAR ManagementTrustArc
Perhaps the most customer facing and public compliance requirements for GDPR, CCPA and LGPD are around the rights of the data subject, often referred to as individual rights or data subject access requests (DSARs). These regulations have significantly increased the requirements on businesses regarding how they address individual rights and related requests, specifically the type of requests they need to address and the timeline and process they need to follow in order to fulfill the requests.
In order to build consumer trust and fulfil data subject rights requirements, organizations must have a consistent and streamlined process for the intake and management of consumer requests.
This webinar will review:
-Summary of data subject rights requirements for GDPR, CCPA & LGPD
-Best practices and tips to comply
-Practical steps for implementing a Data Subject Rights -Management program along with sample case studies
GDPR and evolving international privacy regulationsUlf Mattsson
Convergence of data privacy principles, standards and regulations
General Data Protection Regulation (GDPR)
GDPR and California Consumer Privacy Act (CCPA)
What role does technologies play in compliance
Use Cases
The somewhat awkward marriage between digital marketing and data protection (...Bart Van Den Brande
Data protection and digital marketing seem hard to reconcile: cookie regulations, GDPR, ePrivacy, .... Seem to restrict marketing activities, but what if marketeers could learn to use data protection laws to gain consumer's trust and thus build a long term customer relationship...?
Data privacy awareness is on the rise. Users become more and more concerned with how online service providers collect and protect their personal information. And so should you. Discover how to balance the risks and benefits of collecting data in the age of customer centricity.
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...TrustArc
The GDPR forced companies to spend a substantial amount of time, resources and money on becoming compliant. For many companies, it took years to understand, build and manage a compliance program to meet the variety of requirements included in the GDPR.
With new and updated privacy laws and regulations popping up, such as CCPA and Privacy Shield invalidation, companies are now being tasked with assessing the impact to their current privacy program and learning how to weave them into existing practices.
Listen to this webinar to learn how to leverage the substantial amount of work that was done for the GDPR to simplify additional privacy compliance.
Privacy Regulations and Your Digital SetupPiwik PRO
How Will the New Privacy Regulations Affect Your Digital Set-up? In less than 2 years from now, Europe’s new data privacy law will come into effect, changing the way organizations handle information of their users. General Data Protection Regulation will heavily impact usage of digital tools for customer insights and analytics.
This presentation was created by the Piwik PRO Team for a webinar session with Aurelie Pols. Webinar recording is available on: https://youtu.be/dPOvbbZ3vdo
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]TrustArc
Watch the free webinar on-demand NOW: https://info.trustarc.com/marketing-under-gdpr-webinar.html
Practical advice on what marketing activities can and can’t be done.
Marketing is an area that will be highly impacted by changes required under the GDPR, but there is a lack of clear guidance as to what the compliance requirements mean in practice. Do you need consent for everything? How can direct marketing practices comply with the GDPR and still meet business objectives?
This on-demand webinar will support privacy and marketing teams by providing practical advice on what marketing activities can and cannot be done.
#trustarcGDPRevents
Webinar Speakers
James Koons
Senior Privacy Consultant, TrustArc
To register for upcoming/on-demand webinars visit: https://www.trustarc.com/events/webinar-schedule/
New opportunities and business risks with evolving privacy regulationsUlf Mattsson
In the shadow of the global pandemic and the associated economic downturn, organizations are focused on cost optimization, which often leads to impulsive decisions to deprioritize compliance with all nonrevenue programs.
Regulators have evolved to adapt with the notable increase in data subject complaints and are getting more serious about organizations that don’t properly protect consumer data. Marriott was hit with a $124 million fine while Equifax agreed to pay a minimum of $575 million for its breach. The US Federal Trade Commission, the US Consumer Financial Protection Bureau (CFPB), and all 50 U.S. states and territories sued over the company’s failure to take “reasonable steps” to secure its sensitive personal data.
Privacy and data protection are enforced by a growing number of regulations around the world and people are actively demanding privacy protection — and legislators are reacting. More than 60 countries have introduced privacy laws in response to citizens’ cry for transparency and control. By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today, according to Gartner. There is a convergence of data privacy principles, standards and regulations on a common set of fundamental principles.
The opportunities to use data are growing exponentially, but so too are the business and financial risks as the number of data protection and privacy regulations grows internationally.
Join this webinar to learn more about:
- Trends in modern privacy regulations
- The impact on organizations to protect and use sensitive data
- Data privacy principles
- The impact of General Data Protection Regulation (GDPR) and data transfer between US and EU
- The evolving CCPA, the new PCI DSS version 4 and new international data privacy laws or regulations
- Data privacy best practices, use cases and how to control sensitive personal data throughout the data life cycle
These are the slides used in the presentation I gave alongside Haydn Thomas and Andrew Cross from Lightful.
The presentation was to help charities understand the most pressing implications of GDPR as well from an operational and marketing standpoint.
You can find out more about our organisations here:
https://tech-trust.org/
https://www.lightful.com/
https://www.meetup.com/netsquaredlondon/
GDPR ed Explainable AI - Intelligenza Artificiale e Regolamento Europeo sulla...Pietro Calorio
Brief of the panel @ CLB Fest 2018 Torino, with Daniele Magazzeni, Marco Ciurcina and Pietro Calorio.
Video (in Italian): https://www.youtube.com/watch?v=K2WCyu2uEsI
https://www.clbfest.it
https://www.youtube.com/channel/UCJKU28AkcvbcyLLoyNF2Emw/featured - https://legalhackers.org/clbfest2018/
Evolving international privacy regulations and cross border data transfer - g...Ulf Mattsson
We will discuss the Evolving International Privacy Regulations. Cross Border Data Transfer for GDPR under Schrems II is now ruled by an EU court that defined what is required. This ruling can be far reaching for many businesses.
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
On January 1, 2020, one of the strictest privacy laws in the US, the California Consumer Privacy Act (CCPA), will come into effect. What should governance, risk and compliance executives know in order to prepare for CCPA? Watch the on demand recording here: https://symc.ly/2Pn7tvW.
Modern data protection and privacy rests on accurate data classification and labeling for smarter more accurate enforcement. BigID's award-winning sensitive data discovery and tagging provides a first of its kind ability to accurately find and secure personal data.
G Suite Data Protection: 3 steps to complianceJames Farha
A 3 step guide to ensuring your EU users of G Suite for business are compliant with the relevant EU Data Protection Legislation. Please note that this is not legal advice.
Why care about GDPR and avoid over $20 million fines, even outside EU ?FactoVia
Yes, YOU are concerned with 20 000 000€ fines, even outside EU ! You've been watched by Global Data Regulation Privacy !
At first, I thought that was only a EU matter, but when traveling to the US, it is a serious topic that impacts many IT companies worldwide !
This presentation is an introduction on how to get structured rapidly and be ready for D-Day, and avoid HUGE fines... and make citizen's privacy at last secured !
Official Website : http://www.eugdpr.org
eMarketing Techniques Conference_Google Tools May2 GoebelCorporate College
Dave Goebel, President of the Goebel Group, presents Free tools you can use from Google, at the eMarketing Techniques Conference at Corporate College. Brought to you by the Key Entrepreneur Development Center.
INATSUMMIT 2018 - Belgrade April 14th, 2018
How to comply to General Data Protection Regulation and still run a wealthy organization in post-digital economy
Central NJ Web Developers Meetup - Google Analytics 4.pdfDesignHammer
Universal Analytics (Google Analytics 3) is reaching end of life. Upgrade to Google Analytics 4 (other another analytics platform) before Universal Analytics stops collecting data! Learn the differences between UA and GA4, privacy considerations for Google Analytics, & how and when to implement GA4.
The competitive landscape of the Internet of ThingsIoTAnalytics
The competitive landscape of IoT
Competitive forces and companies shaping the Internet of Things
Vienna Global IoT Day, 9 April 2015
Knud Lasse Lueth, Founder of IoT Analytics
Agenda:
Introduction
Part 1: How IoT changes competitive forces
Part 2: The companies and technologies making IoT happen
Conclusion
1. The value of the Internet of Things lies beyond the connectivity – It comes with smart analytics and ecosystem-enablement
2. Entire industry forces are changing due to IoT. Some industries may experience higher profits. Companies need to be aware of potential lock-out.
3. The “new” IoT infrastructure is being created now – Hardware including sensors and processors, communication, software, and application.
4. The top IoT companies in terms of “share-of-voice” currently are: Intel, Microsoft, Cisco, Google, IBM
5. US startup funding in the IoT area is much larger than German or Austrian IoT investment activity
The General Data Protection Regulation (GDPR) comes into force on 25 May 2018. GDPR is a hugely important piece of legislation designed to replace antiquated data protection rules with a new framework which accounts for recent technological advancements.
Fundamentally, GDPR is about protecting people: in this digital age, our world is awash with data and individuals are generating a continuous flow of personal information. This data can hold huge socio-economic value, from individual preference and personalisation, to understanding national health trends and global business insights. But while the digital age has brought forth huge possibilities and benefits, it also carries inherent dangers.
Some of the most powerful companies in the world have established a business model predicated on the basis of data capture. Increasingly, services like email, search and social media have become available free of charge, but this often involves a trade-off where user access comes at the cost of relinquishing control of data. As the value of this information has become clear, there has been growing recognition that a new framework is needed to police this delicate balance and restore ownership and control.
GDPR will significantly raise the bar of obligation and accountability, ensuring that all organisations which handle personal data adhere to strict regulations around privacy, security and consent. This conference will contextualise the changing regulatory landscape, explain the significance of incoming rules, and define the key areas that organisations need to be aware of.
Core conference topics include:
Key legal issues and obligations
Privacy Impact Assessments
Data security and breach notification
Privacy by design
DPO requirements
Practical strategy implementation
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?Chris Swan
As a hacker and engineer I've been interested in identity and privacy since the dawn of the Internet and the online services it's enabled. For the past year I've been helping to build and open source The @ Platform, which inverts the usual model by giving everybody (and every thing) their own place to store data and control who (and what) has access to it. This talk will give an overview of the platform and its underlying protocol, and illustrate how it can be used to build privacy preserving apps and Internet connected things. It will also cover how the platform can be self hosted on devices like the Raspberry Pi, and how people can get involved in the open source community growing around it.
Privacy 2.0: Building a Winning Mobile Strategy in a Privacy-first WorldTinuiti
In this webinar, our privacy experts partner with marketing analytics and attribution experts, Singular, to talk about channel diversification and building a trove of first-party data to create a winning mobile channel strategy in the age of privacy.
Slides for the final event of the Start2AIM project of Odisee and Vlaio: short overview of the legal challenges for the use of AI in marketing (automation)
Wedstrijden en social media. Gastles Odisee Hogeschool 17/11/2020Bart Van Den Brande
De juridische aandachtspunten bij social media wedstrijden: kansspelen, loterijen, tombola's, consumentenbescherming, wedstrijdreglementen, gegevensbescherming, cookies, internationale aspecten
webinar for Fundraisers alliance Belgium as part of the 2 year GDPR online conference: GDPR, direct marketing and cookie compliance in fundraising based o nthe learning of 2 years of GDPR
Overzicht van de juridische impact van de Coronacrisis op uw personeelsbeleid, contracten, e-commerce, online marketing, maar ook op uw Raad van Bestuur en Algemene Vergadering
20190319 gdpr en consumentenbescherming in de autocarsectorBart Van Den Brande
What the travel industry should know about GDPR, Consumer protection, Geoblocking, PSD II, Marketing and Advertizing law (sweepstakes and Facebook contests), cookies and the platform economy before starting a webshop. Training given in collaboration with Thomas More Hogeschool and The Belgian Association of Bus and Coach professionals
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...Massimo Talia
This guide aims to provide information on how lawyers will be able to use the opportunities provided by AI tools and how such tools could help the business processes of small firms. Its objective is to provide lawyers with some background to understand what they can and cannot realistically expect from these products. This guide aims to give a reference point for small law practices in the EU
against which they can evaluate those classes of AI applications that are probably the most relevant for them.
In 2020, the Ministry of Home Affairs established a committee led by Prof. (Dr.) Ranbir Singh, former Vice Chancellor of National Law University (NLU), Delhi. This committee was tasked with reviewing the three codes of criminal law. The primary objective of the committee was to propose comprehensive reforms to the country’s criminal laws in a manner that is both principled and effective.
The committee’s focus was on ensuring the safety and security of individuals, communities, and the nation as a whole. Throughout its deliberations, the committee aimed to uphold constitutional values such as justice, dignity, and the intrinsic value of each individual. Their goal was to recommend amendments to the criminal laws that align with these values and priorities.
Subsequently, in February, the committee successfully submitted its recommendations regarding amendments to the criminal law. These recommendations are intended to serve as a foundation for enhancing the current legal framework, promoting safety and security, and upholding the constitutional principles of justice, dignity, and the inherent worth of every individual.
Matthew Professional CV experienced Government LiaisonMattGardner52
As an experienced Government Liaison, I have demonstrated expertise in Corporate Governance. My skill set includes senior-level management in Contract Management, Legal Support, and Diplomatic Relations. I have also gained proficiency as a Corporate Liaison, utilizing my strong background in accounting, finance, and legal, with a Bachelor's degree (B.A.) from California State University. My Administrative Skills further strengthen my ability to contribute to the growth and success of any organization.
Lifting the Corporate Veil. Power Point Presentationseri bangash
"Lifting the Corporate Veil" is a legal concept that refers to the judicial act of disregarding the separate legal personality of a corporation or limited liability company (LLC). Normally, a corporation is considered a legal entity separate from its shareholders or members, meaning that the personal assets of shareholders or members are protected from the liabilities of the corporation. However, there are certain situations where courts may decide to "pierce" or "lift" the corporate veil, holding shareholders or members personally liable for the debts or actions of the corporation.
Here are some common scenarios in which courts might lift the corporate veil:
Fraud or Illegality: If shareholders or members use the corporate structure to perpetrate fraud, evade legal obligations, or engage in illegal activities, courts may disregard the corporate entity and hold those individuals personally liable.
Undercapitalization: If a corporation is formed with insufficient capital to conduct its intended business and meet its foreseeable liabilities, and this lack of capitalization results in harm to creditors or other parties, courts may lift the corporate veil to hold shareholders or members liable.
Failure to Observe Corporate Formalities: Corporations and LLCs are required to observe certain formalities, such as holding regular meetings, maintaining separate financial records, and avoiding commingling of personal and corporate assets. If these formalities are not observed and the corporate structure is used as a mere façade, courts may disregard the corporate entity.
Alter Ego: If there is such a unity of interest and ownership between the corporation and its shareholders or members that the separate personalities of the corporation and the individuals no longer exist, courts may treat the corporation as the alter ego of its owners and hold them personally liable.
Group Enterprises: In some cases, where multiple corporations are closely related or form part of a single economic unit, courts may pierce the corporate veil to achieve equity, particularly if one corporation's actions harm creditors or other stakeholders and the corporate structure is being used to shield culpable parties from liability.
Car Accident Injury Do I Have a Case....Knowyourright
Every year, thousands of Minnesotans are injured in car accidents. These injuries can be severe – even life-changing. Under Minnesota law, you can pursue compensation through a personal injury lawsuit.
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordinary And Special Businesses And Ordinary And Special Resolutions with Companies (Postal Ballot) Regulations, 2018
Defending Weapons Offence Charges: Role of Mississauga Criminal Defence LawyersHarpreetSaini48
Discover how Mississauga criminal defence lawyers defend clients facing weapon offence charges with expert legal guidance and courtroom representation.
To know more visit: https://www.saini-law.com/
1. Data Export after the Google Analytics decision
How to ensure
Safe Data Export
After the Google
Analytics decision
11 February 2021
2. Data Export after the Google Analytics decision
Legal game changers with a passion for
technology, media and IT
VLAIO Partner for Cybersecurity projects
Contributors to the “ICLG to Cybersecurity”
DPO-Trainer at Data Protection Institute
Guest lecturers at Universities across Belgium & regular authors
Legal Partner of leading associations in marketing, web building, e-commerce and IT
Member of the Board at Smart Cities Law Firms
Chairman IT & Data Protection Practice Group at Consulegis Law Network
3. Data Export after the Google Analytics decision
Useful downloads
● 5 copies of our ICLG Cyber Security Guide
● The actual Google Analytics decision (in German)
● EDPB Guidelines on supplementary measures for data export (01/2020)
● EDPB Guidelines on what constitutes international data transfer (05/2021)
● EDPS Guidelines on data transfers to Russia, China and India
● Sirius Legal data export vendor assessment form
● Sirius Legal coordinated and split version(s) of new SCC’s
● Sirius Legal webinar recording on international data transfers
4. Data Export after the Google Analytics decision
On our menu today
▪ What happened?
▪ What is data export?
▪ Why all the fuzz?
▪ Data export after Schrems II
A bit of
background
▪ Now, really, what happened?
▪ GA as the canary in the coal mine
▪ But Google must have an answer to this,
right?
▪ Lessons (to be) learned
The Google
Analytics bomb
▪ DTIA’s & Vendor Assessments
▪ Encryption and pseudonymisation
▪ Looking for “safer” alternatives
▪ Key takeaways from all of this
Practical
“how to” tools
5. Data Export after the Google Analytics decision
Google Analytics?
What happened?
6. Data Export after the Google Analytics decision
What happened?
Well, to cut the story short…
80% of European online businesses use Google Analytics
Cookie based web analytics tool
Creates unique ID that is tracked over time
Shares data with Google servers in the US
One Austrian user decided to be the smart guy
IP addresses and Google ID are PII
PII export outside EU without prior consent
PII export outside EU without proper data security
This impacts almost Every non-EU cloud service
7. Data Export after the Google Analytics decision
A new and complex legal reality…
Or a witch hunt, according to some
7
9. Data Export after the Google Analytics decision
MS O365,
Facebook, LinkedIn,
Mailchimp, Hotjar,
Cloudflare, Google,
Hubspot,...
The list is endless
Offshore call
centers
outside EU
(Cloud)
Server
hosting
outside EU
Any cross
border data
movement
outside
EU/EEA
11. Data Export after the Google Analytics decision
Title Title
Until that day
(more or less) free flow
of data between EU and
US under Privacy Shield
“US can never offer
data privacy”
New Privacy Shield will
not come any time soon
Schrems II
terminated Privacy
Shield with
immediate effect
Reason?
US security laws
FISA
CLOUD Act
ECJ decision
on Schrems II
16 July 2020
12. Data Export after the Google Analytics decision
Data export after Schrems II
13. Data Export after the Google Analytics decision
Title Title
End of Privacy Shield is
not the end of EU-US
data flow
Compliance is your
responsibility
Not the cloud providers
Find a new and
appropriate legal
basis
In addition to that, always
case by case DTIA
Additional measures to
ensure data privacy
ECJ decision
on Schrems II
16 July 2020
14. Data Export after the Google Analytics decision
Adequate country
Very short list…
Switzerland
UK + Islands
Canada
Israel
Japan
South Korea
New Zealand
Argentina
Uruguay
Faroër & Andorra
Appropriate
safeguards
SCC
BCR
+
Always DTIA and
additional measures
+
Careful with new SCC’s
Alternative legal
grounds
DIY contract
Opt-in
Contractual necessity
…
But really, don’t…
Legitimate interest?
Theoretically possible
But almost impossible
to justify
…
So really, don’t…
15. Data Export after the Google Analytics decision
Looking for a practical
SCC template?
16. Data Export after the Google Analytics decision
Now really, what happened?
17. Data Export after the Google Analytics decision
Now really, what happened?
Google Analytics and the inevitable logic of GDPR
Most (all) cloud services require you to share PII
Many are not EU based ⇒ export data
Google offers EU servers, SCC and “additional measures”
Google Analytics allows for partially anonymised IP
Google does not allow you to add PII to GA accounts
But that was not sufficient
Google Analytics exports PII outside the EU
Without proper data privacy (FISA!)
Violation of GDPR by the website (no decision on Google)
18. Data Export after the Google Analytics decision
Google Analytics as the canary in the
coal mine…
20. Data Export after the Google Analytics decision
Austrian DSK
Finds company in
breach for using
GA
Dutch AP warns on
it’s website the next
day that “GA may
no longer be legal”
Norwegian Datatilsynet
announces 2 ongoing cases
and advises to look for
alternative to Google
Analytics
German DSK
expert opinion on
FISA: “it’s broader
than we think”
EDPS fines
European
Parliament over
Google Analytics
and Stripe cookies
on website
German court decision
sanctions Google Fonts
(and by extension
Google Recaptcha,
Google Tag Manager, …
It’s not just the one
decision.
Since beginning of 2022,
here’s what happened…
City of Stockholm
says no to further
use of O365
21. Data Export after the Google Analytics decision
It’s not just the one
decision.
And just yesterday this…
22. Data Export after the Google Analytics decision
CNIL
Feb 2021
MS Azure
Bavaria
March 2021
Mailchimp
Hamburg
June 2021
Zoom “On demand”
Portugal
April 2021
Cloudflare
Germany
June 2021
Facebook company page
EU Commission
January 2022
“New Privacy
Shield not for
tomorrow”
And that just
confirms what we
already knew
2021 was no different
from 2022
23. Data Export after the Google Analytics decision
But Google must have an
answer to this, right…?
24. Data Export after the Google Analytics decision
“We ask people not to enter PII in
their Google Analytics account”
“You can partially anonymise IP
addresses in Google Analytics”
“We have never had a
Google Analytics access
request before”
“We have taken
supplementary measures,
as requested by Schrems II”
“The EU should replace the
Privacy Shield with a new privacy
shield (or we’re leaving…)”
What Google says
25. Data Export after the Google Analytics decision
What Google said
earlier this week
“We are working to add additional
controls that will allow customers to
further customize the analytics data they
collect, thereby enabling them to
continue to use Google Analytics in a
manner that is consistent with their
compliance objectives”
No idea what that exactly means…
This does not say that Google Analytics
will be GDPR compliant in the near
future
Further anonymisation?
EU data residence?
Additional encryption possibilities?
When?
How?
27. Data Export after the Google Analytics decision
Microsoft
remains
vague
And Azure
(also MS)
remains a big
question
mark...
28. Data Export after the Google Analytics decision
Amazon Web
Services
(AWS) does
not mention
any additional
safeguards in
place...
29. Data Export after the Google Analytics decision
“We’re moving all EU citizen data
to EU servers exclusively”
“We will begin making changes
that allow for third party “zero
access” encryption on your data”
“We will no longer use GA
data for Google Ad
purposes”
“We will disable all non-
essential data sharing (cfr.
IP in Google Fonts”)
“The US should adapt it’s
surveillance laws to allow for proper
data privacy (or we’re leaving…)
What Google should
actually be saying
30. Data Export after the Google Analytics decision
Lessons (to be) learned...
31. Data Export after the Google Analytics decision
European
SME’s are
paying the
price
Google, FB,
e.g. are
playing high
stakes
gambling
It’s almost
impossible to
avoid data
transfers
through cloud
services
This problem
is not going
away by itself
32. Data Export after the Google Analytics decision
Data Transfer Impact Assessments &
vendor assessment
33. Data Export after the Google Analytics decision
So this is important?
Wait a moment while I write this down...
ALWAYS run a prior DTIA
Incorporate data residence and security
in Vendor assessment procedures
Also, run a full scale post factum DTIA
on current services without delay
If possible, choose EU based providers
Vendor assessments under GDPR
36. Data Export after the Google Analytics decision
Destination country
political assessment
Prior behaviour of
local authorities
Data sensitivity
Purpose of the
processing
Economic sector
Duration and
volume of data
export
Number of
actors involved
Transmission
channels
Storage
location
Intended
onward
transfers
How to DTIA?
Contractual
safeguards
put in place?
TOM’s put in
place?
High Risk?
Additional
Safeguards
possible?
If not?
Alternative
options
If not?
Stop the
partnership
41. Data Export after the Google Analytics decision
Encryption & Pseudonymisation
42. Data Export after the Google Analytics decision
Series of specific
examples of
sufficient TOM’s
Series of examples
of insufficient
TOM’s
EU based “zero access” encryption
“State of the art technology”
EU based “zero
access”
Pseudonimisation
(beware of re-ID risks
through different data
sets)
Supplier based
technology will never
suffice
“standard” measures
(staff training,
password protection,
2FA, … will never
suffice
Supplementary
measures?
EDPB guidelines 01/2020
Austrian DSK
+ others
43. Data Export after the Google Analytics decision
A few useable encryption tools
(For what it’s worth)
Boxcryptor
EU based
Works seamlessly with Google
Workspace
Full end-to end encryption
Cryptomator
Full end-to-end encryption
Add-on to Google Drive, Dropbox,
ect…
Veracrypt
Third party alternative to MS’s
Bitlocker
Interesting extra features for
enhanced security (a.o.
steganography)
Bitlocker?
MS, so perhaps not the best solution…
Apple Filevault?
Same problem…
44. Data Export after the Google Analytics decision
Looking for “safer” alternatives...
45. Data Export after the Google Analytics decision
Alternatives to Google Analytics
(For what it’s worth)
Matomo
EU based
Privacy centric
€ 19/month - € 35/month for 30 sites and 30 users
Extensive options
Rather costly in full service
Used by governments, banks, …
Piwik Pro
EU based
Privacy centric
Free up to 10 sites and 500.000 PV/month
Extesive options
Same origin as Matomo
Simple Analytics
EU based
Like the name says… simple
€ 19/month entry level - € 59/month business
1 mio page views - 10 users
May not suffice for full commercial analytics
Plausible Analytics
EU based
€ 9/month basic up to € 49/month for 1 mio PV’s
Open source
Cookieless (but that is no guarantee for compliance)
May not suffice for full commercial analytics
Fathom
Canadian
But with “EU Isolation” feature
Guarantees data residency in EU
Rather complete options
€ 14/month - € 44/month for 50 sites and
500.000 PV’s
46. Data Export after the Google Analytics decision
Alternatives to Mailchimp
(Again, for what it’s worth)
Flexmail
Belgian based
Privacy centric
Good Mailchimp alternative
Extensive options
ActiveCampaign (?)
Maybe…
US based
But with EU data processing guarantee
What else?
We’re still looking for any other reliable
alternatives, to be honest…
Emaillabs.io
(?)
EU based
But mainly focused on e-mail tracking
As far as we see not a full replacement for
Mailchimp
47. Data Export after the Google Analytics decision
Alternatives to O365 en MS Teams
(Again, for what it’s worth)
Nextcloud
EU based
Open source (free)
Host-it-yourself solution
Cloud storage + office tools + comm tools
Cryptpad
French based
Full office productivity suite
End-to-end encryption
Crypt.ee
Document storage + editing
End-to-end encryption
O365 itself?
Compliance should theoretically be possible
With full ”zero access” encryption
Google
Workspace?
Already offers
Strong Google based encryption
EU server location and back-up
With additional “zero access” encryption, compliance seems possible
Third party encryption tool for Workspace: Boxcryptor
49. Data Export after the Google Analytics decision
Title Title
There is a major issue with
all data transfers outside
the EU, including yours
You should:
List
Assess
Document
Secure
or Replace
This is part of a
fundamentally different
view on privacy between
the EU and the US, China,
Russia, …
You are liable for all data
export by cloud services,
online tools, apps, … within
your organisation.
So get and stay in control!
Key takeaways
from all of this
50. Data Export after the Google Analytics decision
Why?
Business
continuity
disturbance
Reputational
damage
Liability ico
data breach
High fines &
actual
enforcement
51. Data Export after the Google Analytics decision
And if needed, we can help…
54. Data Export after the Google Analytics decision
Our recent work in data protection...
55. Data Export after the Google Analytics decision
Any remaining questions?
www.siriuslegal.be
bart@siriuslegal.be
+32 486 901 931
+32 485 586 208
linkedin.com/company/sirius-legal-law-firm