SlideShare a Scribd company logo

Gdpr compliance univ'air carslon wagon lit 5 oktober 2017

Download as PPTX, PDF
Bart Van Den Brande
Bart Van Den Brande

The GDPR will have a significant impact on travel and marketing industries beginning May 2018. It establishes much stricter rules around personal data processing and privacy. Non-compliance can result in fines up to 4% of annual global turnover or 20 million euros. Key changes include strengthened data subject rights, accountability requirements for all data processing, security obligations, and mandatory breach reporting. Companies need to audit all data practices and subcontractors to ensure compliance. Preparation may take 1-10 months depending on company size and complexity.

Law
1 of 32
Sirius Legal GDPR impact on the travel industry Univ’Airplus, 5 October 2017
New “Privacy Law” coming your way… General Data Protection Regulation 2016/679 (GDPR/AVGB) Regulation instead of Directive – 1 law for 28 states Agreement reached last December 2015 Enters into force on 25 May 2018 (without grace period!) New rules are MUCH stricter than current law and impact EVERYONE present here today
General Data Protection Regulation Heavily influenced by consumer protection activists in EP Result: Consumer friendly, but serious restraints for direct marketing, e-commerce and especially personalisation, profiling, real time marketing and big data Applicable on ALL data processing, except personal (private) contact lists (e.g. private Outlook account)
Don’t be this guy, be prepared… All e-commerce and online marketing run on personal data This is no different in today’s digital travel industry GDPR applies to ALL databases (clients, marketing, sales, HR, purchasing, accounting, …) In the words of the European Commission: “data has become a currency” (cfr. Draft Directive 2015/0287 on digital content delivery contracts) Fines up to 4% of annual turnover or 20 mio euro
Basic principles of GDPR Accountability Transaprancy Data Protection by design Data protection by default Purpose limitation Data minimisation Accuracy Limited retention time Data security
(Online) marketing today… Base of all marketing is data Heatmapping Measure everything NATM Amsterdam, 4 July 2017
(Online) marketing vandaag… Basis van alle marketing is data Heatmapping Alles is meetbaar Basis van alle marketing is data Remarketing Iedereen is individualiseerbaar en bereikbaar
Security & internal processes 1. Working with subcontractors that process data Obligation to work only with subcontractors that guarantee sufficient data security Obligation to have written contracts wth all subcontractors List of mandatory clauses in such contracts Booking engine, TO/agency, external marketeer, … = Need to audit/map all existing subcontracting/service contracts/licenses Mailchimp, Criteo, Eventbrite, (Google) Analytics, internal messaging (e.g.Slack), …
Security & internal processes 2. Record of processing activities Obligation to maintain a “record of processing activities” Holding ID of processor, processed data, categories, transfers, time limits, security measures In writing at the seat of your company Privacy Commission to launch template by 15 June Bookings, mailings, transfers to third parties, opt-outs, …
Security & internal processes 3. Data security measures “Processor shall implement appropriate technical and organizational measures, to ensure an appropriate level of security” Pseudonymisation where possible, confidentiality, security, back ups in place, security testing protocols, … = Need to audit/map data within company
Security & internal processes 4. Data Protection Impact Assessment If possible high impact on data subject privacy rights Obligation to run prior (documented) impact assessment Advice of DPO required if DPO is present in the organization Should be used as basis to ensure adequate security levels Privacy Commission to specify when DPIA is required If DPIA shows high risk: obtain Prior Assessment from Privacy Commission
Security & internal processes 5. Data breach notification Obligation to notify any data security breach to the Privacy Commission Asap or at least within 72 hours Nature of breach, possible consequences, measures taken, etc… (= obligation to document data breach) = Need to have data breach procedure in place If possible consequences for data subjects: obligation to notify them in person!
Security & internal processes 5. Data Protection Officer If core activity of processor Requires large scale data monitoring Consists of large scale data monitoring Series of requirements and conditions Details to be specified Inform & advise, monitor compliance, SPOC for authorities
Information obligations & rights of data subjects 1. Lawfulness of processing (“on which grounds can I proces data?”) Prior opt-in remains the basic rule (+ proof required) “Processing is required for the execution of a contract” “Legitimate grounds” DM “may be considered” legitimate, but “Personal data should be processed only if the purpose of the processing could not reasonably be fulfilled by other means” If existing client relationship: OK, otherwise not so evidently OK
(Online) marketing vandaag… Basis van alle marketing is data Heatmapping Alles is meetbaar De impact van de GDPR op uw marketing en prospectie Business meets IT, Blue Point Antwerpen, 1 juni 2017 Analytics – e-mail tagging Most often no opt-in Processing personal data (IP-adres)? Legitimate grounds?
(Online) marketing vandaag… Basis van alle marketing is data Heatmapping Alles is meetbaar Basis van alle marketing is data Remarketing Iedereen is individualiseerbaar en bereikbaar
Information obligations & rights of data subjects 2. Processing of data belonging to minor (-13 Y/O, -16 Y/O) Always requires explicit authorisation by parents! “Reasonable efforts” to check age and obtain authorisation eID?, Facebook login?, credit card data?, live chat, …?
Information obligations & rights of data subjects 3. Information obligations Obligation to notify data subject of the fact that his data is being / has been collected (or transferred) without his explicit consent Within 30 days or upon first contact = Data obtained from booking tools, travel agency, affiliate, data brokers, partner organisations, online collection…
Information obligations & rights of data subjects 3. Information obligations Obligation falls if Data subject already knows (= online booking engine or affiliate, travel agency, …) or Information provision requires disproportionate effort (= open door to creativity…)
Information obligations & rights of data subjects 4. Right not to be submitted to profiling If the person has a legitimate interest to do so, he has a right to object against processing/profiling Objection against processing/profiling for direct marketing purposes is always possible Remarketing, trigger based marketing, …
(Online) marketing vandaag… Basis van alle marketing is data Heatmapping Alles is meetbaar De impact van de GDPR op uw marketing en prospectie Business meets IT, Blue Point Antwerpen, 1 juni 2017 Basis of all marketing is data and profiling/segmentation Remarketing – Segmentation – trigger based – location based The right offer for the right consumer at the right moment But right to be informed and right to object Challenge: convince people not to object…
Information obligations & rights of data subjects 5. Right to object to automatic decision taking Right Not to be subject to a decision Producing legal effects / significantly affects Solely based on automated processing of data Intended to evaluate certain personal aspects Examples Creditworthiness, reliability and conduct Also applies to DM “decisions” (e.g. send offer or not)
Information obligations & rights of data subjects 6. Right to be forgotten Upon request by data subject, processor has to take all reasonable measures to permantently delete data + to ensure that third parties that have copies of or links to data are warned of the request and are asked to do the same
Information obligations & rights of data subjects 7. “Pseudonymous data” 8. “Privacy by design” 9. “privacy by default” (cfr. recent Telenet “personalized advertising…”) 10. …
Helping hand Code of Conduct = “ethical code” of associations Contain rules on how to handle data for their members Can be approved by authorities Association has to provide control/supervision Advantage: once approved can create presumption of compliance with series of obligations for association members ABTO / VVR / …?
Be prepared… Those who are not prepared face trouble… Provisions of highest importance (cfr. profiling = high risk processing) Fines up to 20 million euro Fines up to 4% of worldwide annual turnover (for undertakings) Reform of Privacy Commission will lead to actual enforcement… + Remedies for data subject
Be prepared…
Be prepared…
Be prepared…
Independants Work load +/- 2 days Timing: 3 to 4 weeks SME’s Work load Depending on size, maturity and complexity Work load: 5 to 25 days Timing: 1 to 4 months Corporate entities Depending on size, maturity and complexity Work load: 20 to … days Timing: 3 to 10 months Be prepared…
Sirius Legal Media & advertisement law IP law Internet & e-commerce Privacy & cookies Gambling law Travel & consumer protection Commercial & contracts Corporate - tax - labour - immo bart@siriuslegal.be www.siriuslegal.be @BartVdBrande Linkedin.com/in/bartvdb

Recommended

Gdpr compliance. Presentation for Consulegis Lawyers network
Gdpr compliance. Presentation for Consulegis Lawyers networkGdpr compliance. Presentation for Consulegis Lawyers network
Gdpr compliance. Presentation for Consulegis Lawyers network
Bart Van Den Brande
 
Abto ledenvergadering: gdpr impact on the travel industry 2017
Abto ledenvergadering: gdpr impact on the travel industry 2017Abto ledenvergadering: gdpr impact on the travel industry 2017
Abto ledenvergadering: gdpr impact on the travel industry 2017
Bart Van Den Brande
 
Magento checklist AVG / GDPR - Algemene Verordering Gegevensbescherming
Magento checklist AVG / GDPR - Algemene Verordering GegevensbeschermingMagento checklist AVG / GDPR - Algemene Verordering Gegevensbescherming
Magento checklist AVG / GDPR - Algemene Verordering Gegevensbescherming
Erwin Otten
 
Impact on e-commerce of the GDPR- Etrade Summit 2016
Impact on e-commerce of the GDPR- Etrade Summit 2016Impact on e-commerce of the GDPR- Etrade Summit 2016
Impact on e-commerce of the GDPR- Etrade Summit 2016
Bart Van Den Brande
 
GDPR practical info session for development
GDPR practical info session for developmentGDPR practical info session for development
GDPR practical info session for development
Tomppa Järvinen
 
A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR. A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR.
dan hyde
 
GDPR will be the new regulation on may 2018
GDPR will be the new regulation on may 2018GDPR will be the new regulation on may 2018
GDPR will be the new regulation on may 2018
Marjane Moghimi, ERP
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection Regulation
Vicky Dallas
 

Recommended

Gdpr compliance. Presentation for Consulegis Lawyers network
Gdpr compliance. Presentation for Consulegis Lawyers networkGdpr compliance. Presentation for Consulegis Lawyers network
Gdpr compliance. Presentation for Consulegis Lawyers network
Bart Van Den Brande
 
Abto ledenvergadering: gdpr impact on the travel industry 2017
Abto ledenvergadering: gdpr impact on the travel industry 2017Abto ledenvergadering: gdpr impact on the travel industry 2017
Abto ledenvergadering: gdpr impact on the travel industry 2017
Bart Van Den Brande
 
Magento checklist AVG / GDPR - Algemene Verordering Gegevensbescherming
Magento checklist AVG / GDPR - Algemene Verordering GegevensbeschermingMagento checklist AVG / GDPR - Algemene Verordering Gegevensbescherming
Magento checklist AVG / GDPR - Algemene Verordering Gegevensbescherming
Erwin Otten
 
Impact on e-commerce of the GDPR- Etrade Summit 2016
Impact on e-commerce of the GDPR- Etrade Summit 2016Impact on e-commerce of the GDPR- Etrade Summit 2016
Impact on e-commerce of the GDPR- Etrade Summit 2016
Bart Van Den Brande
 
GDPR practical info session for development
GDPR practical info session for developmentGDPR practical info session for development
GDPR practical info session for development
Tomppa Järvinen
 
A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR. A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR.
dan hyde
 
GDPR will be the new regulation on may 2018
GDPR will be the new regulation on may 2018GDPR will be the new regulation on may 2018
GDPR will be the new regulation on may 2018
Marjane Moghimi, ERP
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection Regulation
Vicky Dallas
 
GDPR changes affect direct marketing
GDPR changes affect direct marketingGDPR changes affect direct marketing
GDPR changes affect direct marketing
Spotler
 
Privacy and data protection in credit scoring
Privacy and data protection in credit scoring Privacy and data protection in credit scoring
Privacy and data protection in credit scoring
Bart Van Den Brande
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!
Fintan Swanton
 
Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0
Aaron Banham
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
Lilian Edwards
 
Get you and your business GDPR ready
Get you and your business GDPR readyGet you and your business GDPR ready
Get you and your business GDPR ready
Harrison Clark Rickerbys
 
Convince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceConvince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR compliance
Dave James
 
GDPR - a view for the non experts
GDPR - a view for the non expertsGDPR - a view for the non experts
GDPR - a view for the non experts
Claudio Bolla, CISM
 
Gdpr in a nutshell
Gdpr in a nutshellGdpr in a nutshell
Gdpr in a nutshell
Matthew Butler
 
Teradata's approach to addressing GDPR
Teradata's approach to addressing GDPRTeradata's approach to addressing GDPR
Teradata's approach to addressing GDPR
Paul O'Carroll
 
GDPR for dummies
GDPR for dummies GDPR for dummies
GDPR for dummies
Benoît De Nayer
 
How to get started with being GDPR compliant
How to get started with being GDPR compliantHow to get started with being GDPR compliant
How to get started with being GDPR compliant
Siddharth Ram Dinesh
 
Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role
HackerOne
 
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readinessGeneral Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
Omo Osagiede
 
Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...
BCC - Solutions for IBM Collaboration Software
 
Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?
Ulf Mattsson
 
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
TrustArc
 
GDPR (En) JM Tyszka
GDPR (En) JM TyszkaGDPR (En) JM Tyszka
GDPR (En) JM Tyszka
Jean-Michel Tyszka
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processing
Tim Gough
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection Regulation
BCC - Solutions for IBM Collaboration Software
 
De impact van de GDPR op de reissector
De impact van de GDPR op de reissectorDe impact van de GDPR op de reissector
De impact van de GDPR op de reissector
Bart Van Den Brande
 
Gdpr and smart cities
Gdpr and smart citiesGdpr and smart cities
Gdpr and smart cities
Bart Van Den Brande
 

More Related Content

What's hot

GDPR changes affect direct marketing
GDPR changes affect direct marketingGDPR changes affect direct marketing
GDPR changes affect direct marketing
Spotler
 
Privacy and data protection in credit scoring
Privacy and data protection in credit scoring Privacy and data protection in credit scoring
Privacy and data protection in credit scoring
Bart Van Den Brande
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!
Fintan Swanton
 
Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0
Aaron Banham
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
Lilian Edwards
 
Get you and your business GDPR ready
Get you and your business GDPR readyGet you and your business GDPR ready
Get you and your business GDPR ready
Harrison Clark Rickerbys
 
Convince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceConvince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR compliance
Dave James
 
GDPR - a view for the non experts
GDPR - a view for the non expertsGDPR - a view for the non experts
GDPR - a view for the non experts
Claudio Bolla, CISM
 
Gdpr in a nutshell
Gdpr in a nutshellGdpr in a nutshell
Gdpr in a nutshell
Matthew Butler
 
Teradata's approach to addressing GDPR
Teradata's approach to addressing GDPRTeradata's approach to addressing GDPR
Teradata's approach to addressing GDPR
Paul O'Carroll
 
GDPR for dummies
GDPR for dummies GDPR for dummies
GDPR for dummies
Benoît De Nayer
 
How to get started with being GDPR compliant
How to get started with being GDPR compliantHow to get started with being GDPR compliant
How to get started with being GDPR compliant
Siddharth Ram Dinesh
 
Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role
HackerOne
 
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readinessGeneral Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
Omo Osagiede
 
Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...
BCC - Solutions for IBM Collaboration Software
 
Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?
Ulf Mattsson
 
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
TrustArc
 
GDPR (En) JM Tyszka
GDPR (En) JM TyszkaGDPR (En) JM Tyszka
GDPR (En) JM Tyszka
Jean-Michel Tyszka
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processing
Tim Gough
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection Regulation
BCC - Solutions for IBM Collaboration Software
 

What's hot (20)

GDPR changes affect direct marketing
GDPR changes affect direct marketingGDPR changes affect direct marketing
GDPR changes affect direct marketing
 
Privacy and data protection in credit scoring
Privacy and data protection in credit scoring Privacy and data protection in credit scoring
Privacy and data protection in credit scoring
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!
 
Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0Associates quick guide to gdpr v 1.0
Associates quick guide to gdpr v 1.0
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
 
Get you and your business GDPR ready
Get you and your business GDPR readyGet you and your business GDPR ready
Get you and your business GDPR ready
 
Convince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceConvince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR compliance
 
GDPR - a view for the non experts
GDPR - a view for the non expertsGDPR - a view for the non experts
GDPR - a view for the non experts
 
Gdpr in a nutshell
Gdpr in a nutshellGdpr in a nutshell
Gdpr in a nutshell
 
Teradata's approach to addressing GDPR
Teradata's approach to addressing GDPRTeradata's approach to addressing GDPR
Teradata's approach to addressing GDPR
 
GDPR for dummies
GDPR for dummies GDPR for dummies
GDPR for dummies
 
How to get started with being GDPR compliant
How to get started with being GDPR compliantHow to get started with being GDPR compliant
How to get started with being GDPR compliant
 
Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role
 
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readinessGeneral Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
 
Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...Using Social Business Software and being compliant with EU data protection la...
Using Social Business Software and being compliant with EU data protection la...
 
Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?
 
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
 
GDPR (En) JM Tyszka
GDPR (En) JM TyszkaGDPR (En) JM Tyszka
GDPR (En) JM Tyszka
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processing
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection Regulation
 

Similar to Gdpr compliance univ'air carslon wagon lit 5 oktober 2017

De impact van de GDPR op de reissector
De impact van de GDPR op de reissectorDe impact van de GDPR op de reissector
De impact van de GDPR op de reissector
Bart Van Den Brande
 
Gdpr and smart cities
Gdpr and smart citiesGdpr and smart cities
Gdpr and smart cities
Bart Van Den Brande
 
Gdpr and smart cities
Gdpr and smart citiesGdpr and smart cities
Gdpr and smart cities
Bart Van Den Brande
 
20481112 travelmedia congres gdpr in de travelindustrie in 2019
20481112 travelmedia congres gdpr in de travelindustrie in 201920481112 travelmedia congres gdpr in de travelindustrie in 2019
20481112 travelmedia congres gdpr in de travelindustrie in 2019
Bart Van Den Brande
 
Employee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdfEmployee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdf
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
20181125 vef congres gdpr 2019
20181125 vef congres gdpr 201920181125 vef congres gdpr 2019
20181125 vef congres gdpr 2019
Bart Van Den Brande
 
CMR - GDPR - general introduction for marketeers
CMR - GDPR - general introduction for marketeersCMR - GDPR - general introduction for marketeers
CMR - GDPR - general introduction for marketeers
The CMR Agency
 
The Countdown is on: Key Things to Know About the GDPR
The Countdown is on: Key Things to Know About the GDPRThe Countdown is on: Key Things to Know About the GDPR
The Countdown is on: Key Things to Know About the GDPR
Case IQ
 
UBA legal changes in marketing automation
UBA legal changes in marketing automation UBA legal changes in marketing automation
UBA legal changes in marketing automation
Bart Van Den Brande
 
NetSquared London - GDPR for charities
NetSquared London - GDPR for charitiesNetSquared London - GDPR for charities
NetSquared London - GDPR for charities
Tech Trust
 
How to implement gdpr in your document repository
How to implement gdpr in your document repository How to implement gdpr in your document repository
How to implement gdpr in your document repository
XeniT Solutions nv
 
Board Priorities for GDPR Implementation
Board Priorities for GDPR ImplementationBoard Priorities for GDPR Implementation
Board Priorities for GDPR Implementation
Joseph V. Moreno
 
Data protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalData protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-final
Dr. Donald Macfarlane
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Dr. Donald Macfarlane
 
SCCE Processors and GDPR
SCCE Processors and GDPRSCCE Processors and GDPR
SCCE Processors and GDPR
Robert Bond
 
A very clear gdpr story for normal people
A very clear gdpr story for normal peopleA very clear gdpr story for normal people
A very clear gdpr story for normal people
Hans Demeyer
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
BenjaminShalevSalovi
 
The implications of gdpr for the solutions industry tatech 2018
The implications of gdpr for the solutions industry tatech 2018The implications of gdpr for the solutions industry tatech 2018
The implications of gdpr for the solutions industry tatech 2018
Shane Gray
 
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPR
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPRDigital Disruption and Consumer Trust - Resolving the Challenge of GDPR
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPR
Richard Veryard
 
Sharp Cookie Advisors legal_botar_ai_dataskydd_gdpr
Sharp Cookie Advisors legal_botar_ai_dataskydd_gdprSharp Cookie Advisors legal_botar_ai_dataskydd_gdpr
Sharp Cookie Advisors legal_botar_ai_dataskydd_gdpr
Sharp Cookie Advisors
 

Similar to Gdpr compliance univ'air carslon wagon lit 5 oktober 2017 (20)

De impact van de GDPR op de reissector
De impact van de GDPR op de reissectorDe impact van de GDPR op de reissector
De impact van de GDPR op de reissector
 
Gdpr and smart cities
Gdpr and smart citiesGdpr and smart cities
Gdpr and smart cities
 
Gdpr and smart cities
Gdpr and smart citiesGdpr and smart cities
Gdpr and smart cities
 
20481112 travelmedia congres gdpr in de travelindustrie in 2019
20481112 travelmedia congres gdpr in de travelindustrie in 201920481112 travelmedia congres gdpr in de travelindustrie in 2019
20481112 travelmedia congres gdpr in de travelindustrie in 2019
 
Employee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdfEmployee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdf
 
20181125 vef congres gdpr 2019
20181125 vef congres gdpr 201920181125 vef congres gdpr 2019
20181125 vef congres gdpr 2019
 
CMR - GDPR - general introduction for marketeers
CMR - GDPR - general introduction for marketeersCMR - GDPR - general introduction for marketeers
CMR - GDPR - general introduction for marketeers
 
The Countdown is on: Key Things to Know About the GDPR
The Countdown is on: Key Things to Know About the GDPRThe Countdown is on: Key Things to Know About the GDPR
The Countdown is on: Key Things to Know About the GDPR
 
UBA legal changes in marketing automation
UBA legal changes in marketing automation UBA legal changes in marketing automation
UBA legal changes in marketing automation
 
NetSquared London - GDPR for charities
NetSquared London - GDPR for charitiesNetSquared London - GDPR for charities
NetSquared London - GDPR for charities
 
How to implement gdpr in your document repository
How to implement gdpr in your document repository How to implement gdpr in your document repository
How to implement gdpr in your document repository
 
Board Priorities for GDPR Implementation
Board Priorities for GDPR ImplementationBoard Priorities for GDPR Implementation
Board Priorities for GDPR Implementation
 
Data protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalData protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-final
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
 
SCCE Processors and GDPR
SCCE Processors and GDPRSCCE Processors and GDPR
SCCE Processors and GDPR
 
A very clear gdpr story for normal people
A very clear gdpr story for normal peopleA very clear gdpr story for normal people
A very clear gdpr story for normal people
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
The implications of gdpr for the solutions industry tatech 2018
The implications of gdpr for the solutions industry tatech 2018The implications of gdpr for the solutions industry tatech 2018
The implications of gdpr for the solutions industry tatech 2018
 
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPR
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPRDigital Disruption and Consumer Trust - Resolving the Challenge of GDPR
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPR
 
Sharp Cookie Advisors legal_botar_ai_dataskydd_gdpr
Sharp Cookie Advisors legal_botar_ai_dataskydd_gdprSharp Cookie Advisors legal_botar_ai_dataskydd_gdpr
Sharp Cookie Advisors legal_botar_ai_dataskydd_gdpr
 

More from Bart Van Den Brande

Start2AIM Legal focus points for AI in Marketing
Start2AIM Legal focus points for AI in Marketing Start2AIM Legal focus points for AI in Marketing
Start2AIM Legal focus points for AI in Marketing
Bart Van Den Brande
 
Data export after the Google Analytics decision
Data export after the Google Analytics decisionData export after the Google Analytics decision
Data export after the Google Analytics decision
Bart Van Den Brande
 
20220211 Data export after the Google Analytics decision
20220211 Data export after the Google Analytics decision 20220211 Data export after the Google Analytics decision
20220211 Data export after the Google Analytics decision
Bart Van Den Brande
 
20211116 gastles UCLL Hogeschool: Legal compliant websites
20211116 gastles UCLL Hogeschool: Legal compliant websites20211116 gastles UCLL Hogeschool: Legal compliant websites
20211116 gastles UCLL Hogeschool: Legal compliant websites
Bart Van Den Brande
 
20211118 BAM webinar: Hoe kies ik veilige (marketing automation) tools in tij...
20211118 BAM webinar: Hoe kies ik veilige (marketing automation) tools in tij...20211118 BAM webinar: Hoe kies ik veilige (marketing automation) tools in tij...
20211118 BAM webinar: Hoe kies ik veilige (marketing automation) tools in tij...
Bart Van Den Brande
 
SafeShops wijzigingen in intracommunautaire btw vanaf 1 juli 2021
SafeShops wijzigingen in intracommunautaire btw vanaf 1 juli 2021SafeShops wijzigingen in intracommunautaire btw vanaf 1 juli 2021
SafeShops wijzigingen in intracommunautaire btw vanaf 1 juli 2021
Bart Van Den Brande
 
20210526 cybersafety first! Sirius Legal webinar for Comeos
20210526 cybersafety first! Sirius Legal webinar for Comeos20210526 cybersafety first! Sirius Legal webinar for Comeos
20210526 cybersafety first! Sirius Legal webinar for Comeos
Bart Van Den Brande
 
Sirius Legal presentatie voor Voka: 10 praktische tips om correct om te gaan ...
Sirius Legal presentatie voor Voka: 10 praktische tips om correct om te gaan ...Sirius Legal presentatie voor Voka: 10 praktische tips om correct om te gaan ...
Sirius Legal presentatie voor Voka: 10 praktische tips om correct om te gaan ...
Bart Van Den Brande
 
20201211 DPIA webinar
20201211 DPIA webinar20201211 DPIA webinar
20201211 DPIA webinar
Bart Van Den Brande
 
20201214 schrems II webinar politeia
20201214 schrems II webinar politeia20201214 schrems II webinar politeia
20201214 schrems II webinar politeia
Bart Van Den Brande
 
Wedstrijden en social media. Gastles Odisee Hogeschool 17/11/2020
Wedstrijden en social media. Gastles Odisee Hogeschool 17/11/2020Wedstrijden en social media. Gastles Odisee Hogeschool 17/11/2020
Wedstrijden en social media. Gastles Odisee Hogeschool 17/11/2020
Bart Van Den Brande
 
Schrems II, wat nu?
Schrems II, wat nu?Schrems II, wat nu?
Schrems II, wat nu?
Bart Van Den Brande
 
Direct marketing and data protection in fundraising
Direct marketing and data protection in fundraisingDirect marketing and data protection in fundraising
Direct marketing and data protection in fundraising
Bart Van Den Brande
 
Sirius Legal Gastles aan Thomas More Hogeschool: e commerce en gdpr (1)
Sirius Legal Gastles aan Thomas More Hogeschool: e commerce en gdpr (1)Sirius Legal Gastles aan Thomas More Hogeschool: e commerce en gdpr (1)
Sirius Legal Gastles aan Thomas More Hogeschool: e commerce en gdpr (1)
Bart Van Den Brande
 
fvb 10 praktische tips om correct om te gaan met klantendata (1)
fvb 10 praktische tips om correct om te gaan met klantendata (1)fvb 10 praktische tips om correct om te gaan met klantendata (1)
fvb 10 praktische tips om correct om te gaan met klantendata (1)
Bart Van Den Brande
 
Sirius Friday Corona Webinar
Sirius Friday Corona WebinarSirius Friday Corona Webinar
Sirius Friday Corona Webinar
Bart Van Den Brande
 
The somewhat awkward marriage between digital marketing and data protection (...
The somewhat awkward marriage between digital marketing and data protection (...The somewhat awkward marriage between digital marketing and data protection (...
The somewhat awkward marriage between digital marketing and data protection (...
Bart Van Den Brande
 
Omgaan met data in e-commerce na de komst van GDPR en ePrivacy
Omgaan met data in e-commerce na de komst van GDPR en ePrivacyOmgaan met data in e-commerce na de komst van GDPR en ePrivacy
Omgaan met data in e-commerce na de komst van GDPR en ePrivacy
Bart Van Den Brande
 
Omgaan met data in tijden van GDPR en Privacy
Omgaan met data in tijden van GDPR en PrivacyOmgaan met data in tijden van GDPR en Privacy
Omgaan met data in tijden van GDPR en Privacy
Bart Van Den Brande
 
Sirius Friday seminarie "1 jaar gdpr"
Sirius Friday seminarie "1 jaar gdpr"Sirius Friday seminarie "1 jaar gdpr"
Sirius Friday seminarie "1 jaar gdpr"
Bart Van Den Brande
 

More from Bart Van Den Brande (20)

Start2AIM Legal focus points for AI in Marketing
Start2AIM Legal focus points for AI in Marketing Start2AIM Legal focus points for AI in Marketing
Start2AIM Legal focus points for AI in Marketing
 
Data export after the Google Analytics decision
Data export after the Google Analytics decisionData export after the Google Analytics decision
Data export after the Google Analytics decision
 
20220211 Data export after the Google Analytics decision
20220211 Data export after the Google Analytics decision 20220211 Data export after the Google Analytics decision
20220211 Data export after the Google Analytics decision
 
20211116 gastles UCLL Hogeschool: Legal compliant websites
20211116 gastles UCLL Hogeschool: Legal compliant websites20211116 gastles UCLL Hogeschool: Legal compliant websites
20211116 gastles UCLL Hogeschool: Legal compliant websites
 
20211118 BAM webinar: Hoe kies ik veilige (marketing automation) tools in tij...
20211118 BAM webinar: Hoe kies ik veilige (marketing automation) tools in tij...20211118 BAM webinar: Hoe kies ik veilige (marketing automation) tools in tij...
20211118 BAM webinar: Hoe kies ik veilige (marketing automation) tools in tij...
 
SafeShops wijzigingen in intracommunautaire btw vanaf 1 juli 2021
SafeShops wijzigingen in intracommunautaire btw vanaf 1 juli 2021SafeShops wijzigingen in intracommunautaire btw vanaf 1 juli 2021
SafeShops wijzigingen in intracommunautaire btw vanaf 1 juli 2021
 
20210526 cybersafety first! Sirius Legal webinar for Comeos
20210526 cybersafety first! Sirius Legal webinar for Comeos20210526 cybersafety first! Sirius Legal webinar for Comeos
20210526 cybersafety first! Sirius Legal webinar for Comeos
 
Sirius Legal presentatie voor Voka: 10 praktische tips om correct om te gaan ...
Sirius Legal presentatie voor Voka: 10 praktische tips om correct om te gaan ...Sirius Legal presentatie voor Voka: 10 praktische tips om correct om te gaan ...
Sirius Legal presentatie voor Voka: 10 praktische tips om correct om te gaan ...
 
20201211 DPIA webinar
20201211 DPIA webinar20201211 DPIA webinar
20201211 DPIA webinar
 
20201214 schrems II webinar politeia
20201214 schrems II webinar politeia20201214 schrems II webinar politeia
20201214 schrems II webinar politeia
 
Wedstrijden en social media. Gastles Odisee Hogeschool 17/11/2020
Wedstrijden en social media. Gastles Odisee Hogeschool 17/11/2020Wedstrijden en social media. Gastles Odisee Hogeschool 17/11/2020
Wedstrijden en social media. Gastles Odisee Hogeschool 17/11/2020
 
Schrems II, wat nu?
Schrems II, wat nu?Schrems II, wat nu?
Schrems II, wat nu?
 
Direct marketing and data protection in fundraising
Direct marketing and data protection in fundraisingDirect marketing and data protection in fundraising
Direct marketing and data protection in fundraising
 
Sirius Legal Gastles aan Thomas More Hogeschool: e commerce en gdpr (1)
Sirius Legal Gastles aan Thomas More Hogeschool: e commerce en gdpr (1)Sirius Legal Gastles aan Thomas More Hogeschool: e commerce en gdpr (1)
Sirius Legal Gastles aan Thomas More Hogeschool: e commerce en gdpr (1)
 
fvb 10 praktische tips om correct om te gaan met klantendata (1)
fvb 10 praktische tips om correct om te gaan met klantendata (1)fvb 10 praktische tips om correct om te gaan met klantendata (1)
fvb 10 praktische tips om correct om te gaan met klantendata (1)
 
Sirius Friday Corona Webinar
Sirius Friday Corona WebinarSirius Friday Corona Webinar
Sirius Friday Corona Webinar
 
The somewhat awkward marriage between digital marketing and data protection (...
The somewhat awkward marriage between digital marketing and data protection (...The somewhat awkward marriage between digital marketing and data protection (...
The somewhat awkward marriage between digital marketing and data protection (...
 
Omgaan met data in e-commerce na de komst van GDPR en ePrivacy
Omgaan met data in e-commerce na de komst van GDPR en ePrivacyOmgaan met data in e-commerce na de komst van GDPR en ePrivacy
Omgaan met data in e-commerce na de komst van GDPR en ePrivacy
 
Omgaan met data in tijden van GDPR en Privacy
Omgaan met data in tijden van GDPR en PrivacyOmgaan met data in tijden van GDPR en Privacy
Omgaan met data in tijden van GDPR en Privacy
 
Sirius Friday seminarie "1 jaar gdpr"
Sirius Friday seminarie "1 jaar gdpr"Sirius Friday seminarie "1 jaar gdpr"
Sirius Friday seminarie "1 jaar gdpr"
 

Recently uploaded

Patenting_Innovations_in_3D_Printing_Prosthetics.pptx
Patenting_Innovations_in_3D_Printing_Prosthetics.pptxPatenting_Innovations_in_3D_Printing_Prosthetics.pptx
Patenting_Innovations_in_3D_Printing_Prosthetics.pptx
ssuser559494
 
San Remo Manual on International Law Applicable to Armed Conflict at Sea
San Remo Manual on International Law Applicable to Armed Conflict at SeaSan Remo Manual on International Law Applicable to Armed Conflict at Sea
San Remo Manual on International Law Applicable to Armed Conflict at Sea
Justin Ordoyo
 
Genocide in International Criminal Law.pptx
Genocide in International Criminal Law.pptxGenocide in International Criminal Law.pptx
Genocide in International Criminal Law.pptx
MasoudZamani13
 
一比一原版(Lincoln毕业证)新西兰林肯大学毕业证如何办理
一比一原版(Lincoln毕业证)新西兰林肯大学毕业证如何办理一比一原版(Lincoln毕业证)新西兰林肯大学毕业证如何办理
一比一原版(Lincoln毕业证)新西兰林肯大学毕业证如何办理
gjsma0ep
 
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
Sangyun Lee
 
The Art and Science of Cryptoforensic Investigation: Best Practices and Tools
The Art and Science of Cryptoforensic Investigation: Best Practices and ToolsThe Art and Science of Cryptoforensic Investigation: Best Practices and Tools
The Art and Science of Cryptoforensic Investigation: Best Practices and Tools
Milind Agarwal
 
Matthew Professional CV experienced Government Liaison
Matthew Professional CV experienced Government LiaisonMatthew Professional CV experienced Government Liaison
Matthew Professional CV experienced Government Liaison
MattGardner52
 
Defending Weapons Offence Charges: Role of Mississauga Criminal Defence Lawyers
Defending Weapons Offence Charges: Role of Mississauga Criminal Defence LawyersDefending Weapons Offence Charges: Role of Mississauga Criminal Defence Lawyers
Defending Weapons Offence Charges: Role of Mississauga Criminal Defence Lawyers
HarpreetSaini48
 
Receivership and liquidation Accounts Prof. Oyedokun.pptx
Receivership and liquidation Accounts Prof. Oyedokun.pptxReceivership and liquidation Accounts Prof. Oyedokun.pptx
Receivership and liquidation Accounts Prof. Oyedokun.pptx
Godwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
在线办理(SU毕业证书)美国雪城大学毕业证成绩单一模一样
在线办理(SU毕业证书)美国雪城大学毕业证成绩单一模一样在线办理(SU毕业证书)美国雪城大学毕业证成绩单一模一样
在线办理(SU毕业证书)美国雪城大学毕业证成绩单一模一样
osenwakm
 
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
Massimo Talia
 
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
osenwakm
 
The Work Permit for Self-Employed Persons in Italy
The Work Permit for Self-Employed Persons in ItalyThe Work Permit for Self-Employed Persons in Italy
The Work Permit for Self-Employed Persons in Italy
BridgeWest.eu
 
The Future of Criminal Defense Lawyer in India.pdf
The Future of Criminal Defense Lawyer in India.pdfThe Future of Criminal Defense Lawyer in India.pdf
The Future of Criminal Defense Lawyer in India.pdf
veteranlegal
 
Business Laws Sunita saha
Business Laws Sunita sahaBusiness Laws Sunita saha
Business Laws Sunita saha
sunitasaha5
 
fnaf lore.pptx ...................................
fnaf lore.pptx ...................................fnaf lore.pptx ...................................
fnaf lore.pptx ...................................
20jcoello
 
What are the common challenges faced by women lawyers working in the legal pr...
What are the common challenges faced by women lawyers working in the legal pr...What are the common challenges faced by women lawyers working in the legal pr...
What are the common challenges faced by women lawyers working in the legal pr...
lawyersonia
 
Ease of Paying Tax Law Republic Act 11976
Ease of Paying Tax Law Republic Act 11976Ease of Paying Tax Law Republic Act 11976
Ease of Paying Tax Law Republic Act 11976
PelayoGilbert
 
Lifting the Corporate Veil. Power Point Presentation
Lifting the Corporate Veil. Power Point PresentationLifting the Corporate Veil. Power Point Presentation
Lifting the Corporate Veil. Power Point Presentation
seri bangash
 
From Promise to Practice. Implementing AI in Legal Environments
From Promise to Practice. Implementing AI in Legal EnvironmentsFrom Promise to Practice. Implementing AI in Legal Environments
From Promise to Practice. Implementing AI in Legal Environments
ssusera97a2f
 

Recently uploaded (20)

Patenting_Innovations_in_3D_Printing_Prosthetics.pptx
Patenting_Innovations_in_3D_Printing_Prosthetics.pptxPatenting_Innovations_in_3D_Printing_Prosthetics.pptx
Patenting_Innovations_in_3D_Printing_Prosthetics.pptx
 
San Remo Manual on International Law Applicable to Armed Conflict at Sea
San Remo Manual on International Law Applicable to Armed Conflict at SeaSan Remo Manual on International Law Applicable to Armed Conflict at Sea
San Remo Manual on International Law Applicable to Armed Conflict at Sea
 
Genocide in International Criminal Law.pptx
Genocide in International Criminal Law.pptxGenocide in International Criminal Law.pptx
Genocide in International Criminal Law.pptx
 
一比一原版(Lincoln毕业证)新西兰林肯大学毕业证如何办理
一比一原版(Lincoln毕业证)新西兰林肯大学毕业证如何办理一比一原版(Lincoln毕业证)新西兰林肯大学毕业证如何办理
一比一原版(Lincoln毕业证)新西兰林肯大学毕业证如何办理
 
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...
 
The Art and Science of Cryptoforensic Investigation: Best Practices and Tools
The Art and Science of Cryptoforensic Investigation: Best Practices and ToolsThe Art and Science of Cryptoforensic Investigation: Best Practices and Tools
The Art and Science of Cryptoforensic Investigation: Best Practices and Tools
 
Matthew Professional CV experienced Government Liaison
Matthew Professional CV experienced Government LiaisonMatthew Professional CV experienced Government Liaison
Matthew Professional CV experienced Government Liaison
 
Defending Weapons Offence Charges: Role of Mississauga Criminal Defence Lawyers
Defending Weapons Offence Charges: Role of Mississauga Criminal Defence LawyersDefending Weapons Offence Charges: Role of Mississauga Criminal Defence Lawyers
Defending Weapons Offence Charges: Role of Mississauga Criminal Defence Lawyers
 
Receivership and liquidation Accounts Prof. Oyedokun.pptx
Receivership and liquidation Accounts Prof. Oyedokun.pptxReceivership and liquidation Accounts Prof. Oyedokun.pptx
Receivership and liquidation Accounts Prof. Oyedokun.pptx
 
在线办理(SU毕业证书)美国雪城大学毕业证成绩单一模一样
在线办理(SU毕业证书)美国雪城大学毕业证成绩单一模一样在线办理(SU毕业证书)美国雪城大学毕业证成绩单一模一样
在线办理(SU毕业证书)美国雪城大学毕业证成绩单一模一样
 
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...
 
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
原版制作(PSU毕业证书)宾州州立大学公园分校毕业证学历证书一模一样
 
The Work Permit for Self-Employed Persons in Italy
The Work Permit for Self-Employed Persons in ItalyThe Work Permit for Self-Employed Persons in Italy
The Work Permit for Self-Employed Persons in Italy
 
The Future of Criminal Defense Lawyer in India.pdf
The Future of Criminal Defense Lawyer in India.pdfThe Future of Criminal Defense Lawyer in India.pdf
The Future of Criminal Defense Lawyer in India.pdf
 
Business Laws Sunita saha
Business Laws Sunita sahaBusiness Laws Sunita saha
Business Laws Sunita saha
 
fnaf lore.pptx ...................................
fnaf lore.pptx ...................................fnaf lore.pptx ...................................
fnaf lore.pptx ...................................
 
What are the common challenges faced by women lawyers working in the legal pr...
What are the common challenges faced by women lawyers working in the legal pr...What are the common challenges faced by women lawyers working in the legal pr...
What are the common challenges faced by women lawyers working in the legal pr...
 
Ease of Paying Tax Law Republic Act 11976
Ease of Paying Tax Law Republic Act 11976Ease of Paying Tax Law Republic Act 11976
Ease of Paying Tax Law Republic Act 11976
 
Lifting the Corporate Veil. Power Point Presentation
Lifting the Corporate Veil. Power Point PresentationLifting the Corporate Veil. Power Point Presentation
Lifting the Corporate Veil. Power Point Presentation
 
From Promise to Practice. Implementing AI in Legal Environments
From Promise to Practice. Implementing AI in Legal EnvironmentsFrom Promise to Practice. Implementing AI in Legal Environments
From Promise to Practice. Implementing AI in Legal Environments
 

Gdpr compliance univ'air carslon wagon lit 5 oktober 2017

  • 1. Sirius Legal GDPR impact on the travel industry Univ’Airplus, 5 October 2017
  • 2.
  • 3. New “Privacy Law” coming your way… General Data Protection Regulation 2016/679 (GDPR/AVGB) Regulation instead of Directive – 1 law for 28 states Agreement reached last December 2015 Enters into force on 25 May 2018 (without grace period!) New rules are MUCH stricter than current law and impact EVERYONE present here today
  • 4. General Data Protection Regulation Heavily influenced by consumer protection activists in EP Result: Consumer friendly, but serious restraints for direct marketing, e-commerce and especially personalisation, profiling, real time marketing and big data Applicable on ALL data processing, except personal (private) contact lists (e.g. private Outlook account)
  • 5. Don’t be this guy, be prepared… All e-commerce and online marketing run on personal data This is no different in today’s digital travel industry GDPR applies to ALL databases (clients, marketing, sales, HR, purchasing, accounting, …) In the words of the European Commission: “data has become a currency” (cfr. Draft Directive 2015/0287 on digital content delivery contracts) Fines up to 4% of annual turnover or 20 mio euro
  • 6. Basic principles of GDPR Accountability Transaprancy Data Protection by design Data protection by default Purpose limitation Data minimisation Accuracy Limited retention time Data security
  • 7. (Online) marketing today… Base of all marketing is data Heatmapping Measure everything NATM Amsterdam, 4 July 2017
  • 8. (Online) marketing vandaag… Basis van alle marketing is data Heatmapping Alles is meetbaar Basis van alle marketing is data Remarketing Iedereen is individualiseerbaar en bereikbaar
  • 9. Security & internal processes 1. Working with subcontractors that process data Obligation to work only with subcontractors that guarantee sufficient data security Obligation to have written contracts wth all subcontractors List of mandatory clauses in such contracts Booking engine, TO/agency, external marketeer, … = Need to audit/map all existing subcontracting/service contracts/licenses Mailchimp, Criteo, Eventbrite, (Google) Analytics, internal messaging (e.g.Slack), …
  • 10. Security & internal processes 2. Record of processing activities Obligation to maintain a “record of processing activities” Holding ID of processor, processed data, categories, transfers, time limits, security measures In writing at the seat of your company Privacy Commission to launch template by 15 June Bookings, mailings, transfers to third parties, opt-outs, …
  • 11. Security & internal processes 3. Data security measures “Processor shall implement appropriate technical and organizational measures, to ensure an appropriate level of security” Pseudonymisation where possible, confidentiality, security, back ups in place, security testing protocols, … = Need to audit/map data within company
  • 12. Security & internal processes 4. Data Protection Impact Assessment If possible high impact on data subject privacy rights Obligation to run prior (documented) impact assessment Advice of DPO required if DPO is present in the organization Should be used as basis to ensure adequate security levels Privacy Commission to specify when DPIA is required If DPIA shows high risk: obtain Prior Assessment from Privacy Commission
  • 13. Security & internal processes 5. Data breach notification Obligation to notify any data security breach to the Privacy Commission Asap or at least within 72 hours Nature of breach, possible consequences, measures taken, etc… (= obligation to document data breach) = Need to have data breach procedure in place If possible consequences for data subjects: obligation to notify them in person!
  • 14. Security & internal processes 5. Data Protection Officer If core activity of processor Requires large scale data monitoring Consists of large scale data monitoring Series of requirements and conditions Details to be specified Inform & advise, monitor compliance, SPOC for authorities
  • 15. Information obligations & rights of data subjects 1. Lawfulness of processing (“on which grounds can I proces data?”) Prior opt-in remains the basic rule (+ proof required) “Processing is required for the execution of a contract” “Legitimate grounds” DM “may be considered” legitimate, but “Personal data should be processed only if the purpose of the processing could not reasonably be fulfilled by other means” If existing client relationship: OK, otherwise not so evidently OK
  • 16. (Online) marketing vandaag… Basis van alle marketing is data Heatmapping Alles is meetbaar De impact van de GDPR op uw marketing en prospectie Business meets IT, Blue Point Antwerpen, 1 juni 2017 Analytics – e-mail tagging Most often no opt-in Processing personal data (IP-adres)? Legitimate grounds?
  • 17. (Online) marketing vandaag… Basis van alle marketing is data Heatmapping Alles is meetbaar Basis van alle marketing is data Remarketing Iedereen is individualiseerbaar en bereikbaar
  • 18. Information obligations & rights of data subjects 2. Processing of data belonging to minor (-13 Y/O, -16 Y/O) Always requires explicit authorisation by parents! “Reasonable efforts” to check age and obtain authorisation eID?, Facebook login?, credit card data?, live chat, …?
  • 19. Information obligations & rights of data subjects 3. Information obligations Obligation to notify data subject of the fact that his data is being / has been collected (or transferred) without his explicit consent Within 30 days or upon first contact = Data obtained from booking tools, travel agency, affiliate, data brokers, partner organisations, online collection…
  • 20. Information obligations & rights of data subjects 3. Information obligations Obligation falls if Data subject already knows (= online booking engine or affiliate, travel agency, …) or Information provision requires disproportionate effort (= open door to creativity…)
  • 21. Information obligations & rights of data subjects 4. Right not to be submitted to profiling If the person has a legitimate interest to do so, he has a right to object against processing/profiling Objection against processing/profiling for direct marketing purposes is always possible Remarketing, trigger based marketing, …
  • 22. (Online) marketing vandaag… Basis van alle marketing is data Heatmapping Alles is meetbaar De impact van de GDPR op uw marketing en prospectie Business meets IT, Blue Point Antwerpen, 1 juni 2017 Basis of all marketing is data and profiling/segmentation Remarketing – Segmentation – trigger based – location based The right offer for the right consumer at the right moment But right to be informed and right to object Challenge: convince people not to object…
  • 23. Information obligations & rights of data subjects 5. Right to object to automatic decision taking Right Not to be subject to a decision Producing legal effects / significantly affects Solely based on automated processing of data Intended to evaluate certain personal aspects Examples Creditworthiness, reliability and conduct Also applies to DM “decisions” (e.g. send offer or not)
  • 24. Information obligations & rights of data subjects 6. Right to be forgotten Upon request by data subject, processor has to take all reasonable measures to permantently delete data + to ensure that third parties that have copies of or links to data are warned of the request and are asked to do the same
  • 25. Information obligations & rights of data subjects 7. “Pseudonymous data” 8. “Privacy by design” 9. “privacy by default” (cfr. recent Telenet “personalized advertising…”) 10. …
  • 26. Helping hand Code of Conduct = “ethical code” of associations Contain rules on how to handle data for their members Can be approved by authorities Association has to provide control/supervision Advantage: once approved can create presumption of compliance with series of obligations for association members ABTO / VVR / …?
  • 27. Be prepared… Those who are not prepared face trouble… Provisions of highest importance (cfr. profiling = high risk processing) Fines up to 20 million euro Fines up to 4% of worldwide annual turnover (for undertakings) Reform of Privacy Commission will lead to actual enforcement… + Remedies for data subject
  • 31. Independants Work load +/- 2 days Timing: 3 to 4 weeks SME’s Work load Depending on size, maturity and complexity Work load: 5 to 25 days Timing: 1 to 4 months Corporate entities Depending on size, maturity and complexity Work load: 20 to … days Timing: 3 to 10 months Be prepared…
  • 32. Sirius Legal Media & advertisement law IP law Internet & e-commerce Privacy & cookies Gambling law Travel & consumer protection Commercial & contracts Corporate - tax - labour - immo bart@siriuslegal.be www.siriuslegal.be @BartVdBrande Linkedin.com/in/bartvdb