The GDPR is a new EU regulation that protects personal data and privacy rights. It applies broadly to any organization that handles EU citizens' data. Key provisions include:
- Significant fines for non-compliance up to €20 million or 4% annual global turnover
- Rights for data subjects to access, correct, and delete their personal data
- Mandates for consent, privacy by design, and data protection officers.
- Breach notification requirements for reporting certain data incidents within 72 hours.
MWLUG - 2017
Tim Clark & Stephanie Heit
Tim & Steph explain the basics of GDPR and give some recommendations about what you can do to be ready.
Data sources are in the final slides.
For more information about how BCC can help you get your Domino data ready for GDPR please contact us here.
http://bcchub.com/bcc-domino-protect/
Full GDPR toolkit: https://quality.eqms.co.uk/gdpr-general-data-protection-regulation-eu-toolkit
This free online training presentation provides you with information about how to comply with the General Data Protection Regulation, managing breaches, engaging employees, key requirements and more.
An Overview of the new GDPR regulations including:
• Data Protection Frame Work
• GDPR – Responsibilities
• GDPR – Changes
• GDPR - Exemptions
• GDPR – Rights
• Penalty
• Ten High Level Steps
Norfolk Chamber delivered a morning conference based around the European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. Delegates heared from a variety of GDPR expert speakers from legal, marketing, IT and Data Protection perspectives.
MWLUG - 2017
Tim Clark & Stephanie Heit
Tim & Steph explain the basics of GDPR and give some recommendations about what you can do to be ready.
Data sources are in the final slides.
For more information about how BCC can help you get your Domino data ready for GDPR please contact us here.
http://bcchub.com/bcc-domino-protect/
Full GDPR toolkit: https://quality.eqms.co.uk/gdpr-general-data-protection-regulation-eu-toolkit
This free online training presentation provides you with information about how to comply with the General Data Protection Regulation, managing breaches, engaging employees, key requirements and more.
An Overview of the new GDPR regulations including:
• Data Protection Frame Work
• GDPR – Responsibilities
• GDPR – Changes
• GDPR - Exemptions
• GDPR – Rights
• Penalty
• Ten High Level Steps
Norfolk Chamber delivered a morning conference based around the European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. Delegates heared from a variety of GDPR expert speakers from legal, marketing, IT and Data Protection perspectives.
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
Presented on PHPID Online Learning 35.
Komunitas PHP Indonesia
Title: Enabling Data Governance - The Journey through Data Trust, Ethics, and Quality
Eryk B. Pratama
Global IT & Cybersecurity Advisor
General Data Protection Regulation (GDPR) - Cross-Border Data Transferspi
The General Data Protection Regulation will Impact all health data processing companies because of the growing importance of customer and patient data to the manufacturer’s business. All companies have to be compliant by 25th May 2018.
This presentation gives an overview of all the possibilities included in the GDPR to allow Cross-Border Data Transfers to third countries.
This is a slightly modified version of a presentation that I gave to fellow lawyers last week. It explains what GDPR is, the policy of data protection and the evolution of data protection legislation from the OECD Guidelines and Council of Europe Convention to the GDPR. It explores the regulation focusing on the data protection principles and, in particular, the lawfulness requirement and the validity of consent. The presentation mentions the Law enforcement data protection directive, the Data Protection Bill and the arrangements post Brexit. Finally, it considers the preparations recommended by the Information Commissioner for small busiesses
This Presentation explains what GDPR is and the impact it'll have for Companies who process data of EU Citizens.
This Guide explains the principles of GDPR, Consent, User Rights and also explains how to implement GDPR in your organization.
Originally appeared at
http://backlinkme.net/definitive-guide-for-general-data-protection-regulation-gdpr-compliance/
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer who's data is to be shared.
ControlCase discusses the following: - What is GDPR? - How will it impact me? - How can I become compliant? - What is the timeline? - What are consequences if not met?
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
Presented at CDEF 16th Meetup at 18 August 2022.
Title:
Privacy-ready Data Protection Program Implementation
Topics:
- Why data protection is important
- Data Privacy Program Domain
- Operationalize Data Privacy Program
- Privacy-aligned Information Security Framework
- Roadmap to Protect Personal Data
- Privacy Management Technology
Accountability under the GDPR: What does it mean for Boards & Senior Management?IT Governance Ltd
This webinar provides an overview of:
- The principle of accountability and what it means
- Applying the principle of accountability
- Developing policies and procedures that comply with the Regulation
- Raising GDPR awareness and providing employees with training
- The board's responsibility to appoint a dedicated data privacy team of DPO
- The requirement to conduct data privacy audits and impact assessments
A recording of this webinar is available here:
https://www.youtube.com/watch?v=6KGeMwz7jro&feature=youtu.be
Data transfers to countries outside the EU/EEA under the GDPRIT Governance Ltd
These slides will cover:
-A brief overview of the Regulation and its impact
-The rights of data subjects and rights related to automated decision making and profiling.
-The international transfer of data and appropriate safeguards.
-The derogations from general prohibition of data transfers outside the European Union.
-The requirements that govern one-off and infrequent transfers of personal data.
-The role of the supervisory authority in international transfers.
Understanding the EU's new General Data Protection Regulation (GDPR)Acquia
In 2016, the European Union (EU) approved its General Data Protection Regulation (GDPR) to protect European citizens’ data. As a regulation, the GDPR does not require the implementation of legislation, and will immediately become an applicable law as of the 25th of May, 2018.
What is GDPR exactly trying to accomplish? According to the official documents, the goal is the “protection of natural persons with regard to the processing of personal data and on the free movement of such data.”
In short, organizations that conduct business in the EU will need to be compliant with GDPR, and must come to terms with the huge fines that non-compliance can carry. Fines can be up to €20M or 4% of the annual turnover. For companies that experience breaches that result in the loss of personal data (such as Talk Talk, which lost 170,000 people’s data), the fines will be tremendous.
Join us for discussion about GDPR to learn more about:
The principles that organizations that use personal data need to adhere to
The consequences organizations can face if that do not adhere to this new regulation
How your organization can prepare for the future
Data Privacy Trends in 2021: Compliance with New RegulationsPECB
The pandemic has changed the way the world works, shops, and interact; the consequences of this have included an increased reliance on technology for all of these activities and a corresponding increased sharing of personal information through technological mediums. Even before the pandemic, a global push was on to strengthen the protection of personal and health information and the results of these various influences has been an enhancement of privacy legislations globally. Compliance with global security laws is now also a larger concern for organizations everywhere.
The webinar will cover:
Global trends in privacy legislations
Some commonalities between privacy laws
Compliance requirements which can affect your organization
Recorded webinar > https://www.youtube.com/watch?v=BKWf6GTlgAM&feature=youtu.be
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/whitepaper/iso-27001...
https://pecb.com/en/education-and-cer...
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternat...
Slideshare: http://www.slideshare.net/PECBCERTIFI...
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...CIO Edge
Learn what the EU Global Data Protection Regulation means for your business – Carrot or Stick its your choice but with fines of €20m or up to 4% of Global Revenue (whichever is the larger) being applied for every data breach and every data mis-use after May 2018 the carrot is the better option.
Are you aware? Are you prepared? Do you comply?
To book a free non sales consultation about GDPR with Ian West contact us enquiry@digitalenterprisefest.com
This Webinar featuring guests from the EU Commission, the French data regulator CNIL, DLA Piper and IBM provided an overview of the new EU data protection and privacy perspective from the perspective of the regulation author, regulator, legal advisor and technology providers.
This breakfast club focused on the new Data Protection regime covering what the new regime will entail and what to be thinking about now in order to be ready for the new regulations.
https://www.brownejacobson.com/sectors-and-services/sectors/public-sector
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
Presented on PHPID Online Learning 35.
Komunitas PHP Indonesia
Title: Enabling Data Governance - The Journey through Data Trust, Ethics, and Quality
Eryk B. Pratama
Global IT & Cybersecurity Advisor
General Data Protection Regulation (GDPR) - Cross-Border Data Transferspi
The General Data Protection Regulation will Impact all health data processing companies because of the growing importance of customer and patient data to the manufacturer’s business. All companies have to be compliant by 25th May 2018.
This presentation gives an overview of all the possibilities included in the GDPR to allow Cross-Border Data Transfers to third countries.
This is a slightly modified version of a presentation that I gave to fellow lawyers last week. It explains what GDPR is, the policy of data protection and the evolution of data protection legislation from the OECD Guidelines and Council of Europe Convention to the GDPR. It explores the regulation focusing on the data protection principles and, in particular, the lawfulness requirement and the validity of consent. The presentation mentions the Law enforcement data protection directive, the Data Protection Bill and the arrangements post Brexit. Finally, it considers the preparations recommended by the Information Commissioner for small busiesses
This Presentation explains what GDPR is and the impact it'll have for Companies who process data of EU Citizens.
This Guide explains the principles of GDPR, Consent, User Rights and also explains how to implement GDPR in your organization.
Originally appeared at
http://backlinkme.net/definitive-guide-for-general-data-protection-regulation-gdpr-compliance/
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer who's data is to be shared.
ControlCase discusses the following: - What is GDPR? - How will it impact me? - How can I become compliant? - What is the timeline? - What are consequences if not met?
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
Presented at CDEF 16th Meetup at 18 August 2022.
Title:
Privacy-ready Data Protection Program Implementation
Topics:
- Why data protection is important
- Data Privacy Program Domain
- Operationalize Data Privacy Program
- Privacy-aligned Information Security Framework
- Roadmap to Protect Personal Data
- Privacy Management Technology
Accountability under the GDPR: What does it mean for Boards & Senior Management?IT Governance Ltd
This webinar provides an overview of:
- The principle of accountability and what it means
- Applying the principle of accountability
- Developing policies and procedures that comply with the Regulation
- Raising GDPR awareness and providing employees with training
- The board's responsibility to appoint a dedicated data privacy team of DPO
- The requirement to conduct data privacy audits and impact assessments
A recording of this webinar is available here:
https://www.youtube.com/watch?v=6KGeMwz7jro&feature=youtu.be
Data transfers to countries outside the EU/EEA under the GDPRIT Governance Ltd
These slides will cover:
-A brief overview of the Regulation and its impact
-The rights of data subjects and rights related to automated decision making and profiling.
-The international transfer of data and appropriate safeguards.
-The derogations from general prohibition of data transfers outside the European Union.
-The requirements that govern one-off and infrequent transfers of personal data.
-The role of the supervisory authority in international transfers.
Understanding the EU's new General Data Protection Regulation (GDPR)Acquia
In 2016, the European Union (EU) approved its General Data Protection Regulation (GDPR) to protect European citizens’ data. As a regulation, the GDPR does not require the implementation of legislation, and will immediately become an applicable law as of the 25th of May, 2018.
What is GDPR exactly trying to accomplish? According to the official documents, the goal is the “protection of natural persons with regard to the processing of personal data and on the free movement of such data.”
In short, organizations that conduct business in the EU will need to be compliant with GDPR, and must come to terms with the huge fines that non-compliance can carry. Fines can be up to €20M or 4% of the annual turnover. For companies that experience breaches that result in the loss of personal data (such as Talk Talk, which lost 170,000 people’s data), the fines will be tremendous.
Join us for discussion about GDPR to learn more about:
The principles that organizations that use personal data need to adhere to
The consequences organizations can face if that do not adhere to this new regulation
How your organization can prepare for the future
Data Privacy Trends in 2021: Compliance with New RegulationsPECB
The pandemic has changed the way the world works, shops, and interact; the consequences of this have included an increased reliance on technology for all of these activities and a corresponding increased sharing of personal information through technological mediums. Even before the pandemic, a global push was on to strengthen the protection of personal and health information and the results of these various influences has been an enhancement of privacy legislations globally. Compliance with global security laws is now also a larger concern for organizations everywhere.
The webinar will cover:
Global trends in privacy legislations
Some commonalities between privacy laws
Compliance requirements which can affect your organization
Recorded webinar > https://www.youtube.com/watch?v=BKWf6GTlgAM&feature=youtu.be
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/whitepaper/iso-27001...
https://pecb.com/en/education-and-cer...
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternat...
Slideshare: http://www.slideshare.net/PECBCERTIFI...
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...CIO Edge
Learn what the EU Global Data Protection Regulation means for your business – Carrot or Stick its your choice but with fines of €20m or up to 4% of Global Revenue (whichever is the larger) being applied for every data breach and every data mis-use after May 2018 the carrot is the better option.
Are you aware? Are you prepared? Do you comply?
To book a free non sales consultation about GDPR with Ian West contact us enquiry@digitalenterprisefest.com
This Webinar featuring guests from the EU Commission, the French data regulator CNIL, DLA Piper and IBM provided an overview of the new EU data protection and privacy perspective from the perspective of the regulation author, regulator, legal advisor and technology providers.
This breakfast club focused on the new Data Protection regime covering what the new regime will entail and what to be thinking about now in order to be ready for the new regulations.
https://www.brownejacobson.com/sectors-and-services/sectors/public-sector
General Data Protection Regulation (GDPR) for Identity ArchitectsWSO2
https://wso2.com/solutions/regulatory-compliance/gdpr/
The EU General Data Protection Regulation (GDPR) has many identity architects uniquely positioned to help their organizations to comply with the ruling.
Effective from 25th May 2018, the regulation 2016/679 of the European parliament and of the council, replaces the Data Protection Directive 95/46/EC and is designed to harmonize data privacy laws across Europe. It aims to protect and empower all EU residents' data privacy and to reshape the way organizations across the region approach data privacy. GDPR is also quite prominent due to the heavy penalties introduced for violators — which could be as much as 4% of the annual global turnover or €20 million (whichever is greater).
In this webinar we will discuss all technical aspects of the regulation and what steps you as an identity architect can take to ensure that your security strategy is primed for GDPR.
ABM Display Advertising Success in the World of GDPR [PPT]Kwanzoo Inc
In this webinar, see the specific impacts of GDPR on B2B companies as they plan, budget, launch and measure success from ABM advertising programs that reach and engage the 500 Million+ citizens of EU countries and the UK. Our panel of experts will cover the IT, Legal, Marketing, Data and Technology Provider side of GDPR compliance. All of these dimensions need to be addressed as you plan for the world of GDPR.
Introduction to EU General Data Protection Regulation: Planning, Implementat...Financial Poise
The GDPR changed the way the world collects, stores, and sends personal data. The GDPR is a broad EU regulation that requires businesses to protect the personal data of EU citizens, whether the business itself is in the EU or elsewhere. Since its implementation in 2018, companies that collect data on EU citizens must comply with strict rules for the protection of personal data or face heavy fines for non-compliance. This webinar will provide an overview of GDPR’s applicability and requirements, as well as how your organization may meet those standards.
GDPR – what does it mean for charities and what you need to consider - Iain P...m-hance
The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, The European Council and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). EU members have until May 2018 to ensure that they are fully compliant with the new regulation. Regardless of Brexit, organisations in the UK that collect and use personal data will need to comply. In this slide deck Iain gives an overview of GDPR, what the requirements mean for charities and what charities need to consider to be compliant
MyComplianceOffice presents our Oct 26th webinar, “ Prepare Your Firm for GDPR", co-hosted by MCO and Emily Mahoney a Technology Lawyer at Mason Hayes & Curran
Introduction to EU General Data Protection Regulation: Planning, Implementati...Financial Poise
The GDPR changed the way the world collects, stores, and sends personal data.The GDPR is a broad EU regulation that requires businesses to protect the personal data of EU citizens, whether the business itself is in the EU or elsewhere. Since its implementation in 2018, companies that collect data on EU citizens must comply with strict rules for the protection of personal data or face heavy fines for non-compliance. This webinar will provide an overview of GDPR’s applicability and requirements, as well as how your organization may meet those standards.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-eu-general-data-protection-regulation-planning-implementation-and-compliance-2021/
Gdpr demystified - making sense of the regulationJames Mulhern
Slightly out dated introduction to GDPR, that tries to move away from the headlines on fines and emphasises the global nature of the regulation, the numerous forms of lawful processing and the absolute need to manage privacy and be transparent. Goes on to show how using public cloud can help solve part of the problem.
Domain management and brand protection in the era of the EU's GDPRBartLieben
Overview on how the General Data Protection Regulation clashes with ICANN's obligations imposed upon registries and registrars to have a publicly accessible WHOIS
Key marketing impacts of the GDPR - Rosemary Smith, Director, Opt-4Adestra
From May 2018, the GDPR will affect all processing of personal data including email marketing. This session will outline the key impacts on marketing consent and profiling, and provide practical ideas on how to make your email campaigns legal.
GDPR clinic - A strategic approach for compliance with the European General Data Protection regulation
Paolo Balboni Ph.D. - Founding Partner at ICT Legal Consulting & President of the European Privacy Association
Nicola Franchetto LL.M. - Associate at ICT Legal Consulting &
Fellow of the European Privacy Association
On 25 May 2018 the new General Data Protection Regulation (GDPR) will come into force, replacing all existing data protection regulations.
Payroll bureaus process large amounts of personal data in relation to their customers, their customers’ employees, and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
BrightPay hosted a free CPD accredited webinar alongside Bright Contracts where we discussed everything that accountants, bookkeepers and payroll bureaus need to know about GDPR.
For more information visit https://www.brightpay.co.uk
DNA Testing in Civil and Criminal Matters.pptxpatrons legal
Get insights into DNA testing and its application in civil and criminal matters. Find out how it contributes to fair and accurate legal proceedings. For more information: https://www.patronslegal.com/criminal-litigation.html
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptxanvithaav
These slides helps the student of international law to understand what is the nature of international law? and how international law was originated and developed?.
The slides was well structured along with the highlighted points for better understanding .
WINDING UP of COMPANY, Modes of DissolutionKHURRAMWALI
Winding up, also known as liquidation, refers to the legal and financial process of dissolving a company. It involves ceasing operations, selling assets, settling debts, and ultimately removing the company from the official business registry.
Here's a breakdown of the key aspects of winding up:
Reasons for Winding Up:
Insolvency: This is the most common reason, where the company cannot pay its debts. Creditors may initiate a compulsory winding up to recover their dues.
Voluntary Closure: The owners may decide to close the company due to reasons like reaching business goals, facing losses, or merging with another company.
Deadlock: If shareholders or directors cannot agree on how to run the company, a court may order a winding up.
Types of Winding Up:
Voluntary Winding Up: This is initiated by the company's shareholders through a resolution passed by a majority vote. There are two main types:
Members' Voluntary Winding Up: The company is solvent (has enough assets to pay off its debts) and shareholders will receive any remaining assets after debts are settled.
Creditors' Voluntary Winding Up: The company is insolvent and creditors will be prioritized in receiving payment from the sale of assets.
Compulsory Winding Up: This is initiated by a court order, typically at the request of creditors, government agencies, or even by the company itself if it's insolvent.
Process of Winding Up:
Appointment of Liquidator: A qualified professional is appointed to oversee the winding-up process. They are responsible for selling assets, paying off debts, and distributing any remaining funds.
Cease Trading: The company stops its regular business operations.
Notification of Creditors: Creditors are informed about the winding up and invited to submit their claims.
Sale of Assets: The company's assets are sold to generate cash to pay off creditors.
Payment of Debts: Creditors are paid according to a set order of priority, with secured creditors receiving payment before unsecured creditors.
Distribution to Shareholders: If there are any remaining funds after all debts are settled, they are distributed to shareholders according to their ownership stake.
Dissolution: Once all claims are settled and distributions made, the company is officially dissolved and removed from the business register.
Impact of Winding Up:
Employees: Employees will likely lose their jobs during the winding-up process.
Creditors: Creditors may not recover their debts in full, especially if the company is insolvent.
Shareholders: Shareholders may not receive any payout if the company's debts exceed its assets.
Winding up is a complex legal and financial process that can have significant consequences for all parties involved. It's important to seek professional legal and financial advice when considering winding up a company.
RIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptxOmGod1
Victims of crime have a range of rights designed to ensure their protection, support, and participation in the justice system. These rights include the right to be treated with dignity and respect, the right to be informed about the progress of their case, and the right to be heard during legal proceedings. Victims are entitled to protection from intimidation and harm, access to support services such as counseling and medical care, and the right to restitution from the offender. Additionally, many jurisdictions provide victims with the right to participate in parole hearings and the right to privacy to protect their personal information from public disclosure. These rights aim to acknowledge the impact of crime on victims and to provide them with the necessary resources and involvement in the judicial process.
ASHWINI KUMAR UPADHYAY v/s Union of India.pptxshweeta209
transfer of the P.I.L filed by lawyer Ashwini Kumar Upadhyay in Delhi High Court to Supreme Court.
on the issue of UNIFORM MARRIAGE AGE of men and women.
How to Obtain Permanent Residency in the NetherlandsBridgeWest.eu
You can rely on our assistance if you are ready to apply for permanent residency. Find out more at: https://immigration-netherlands.com/obtain-a-permanent-residence-permit-in-the-netherlands/.
PRECEDENT AS A SOURCE OF LAW (SAIF JAVED).pptxOmGod1
Precedent, or stare decisis, is a cornerstone of common law systems where past judicial decisions guide future cases, ensuring consistency and predictability in the legal system. Binding precedents from higher courts must be followed by lower courts, while persuasive precedents may influence but are not obligatory. This principle promotes fairness and efficiency, allowing for the evolution of the law as higher courts can overrule outdated decisions. Despite criticisms of rigidity and complexity, precedent ensures similar cases are treated alike, balancing stability with flexibility in judicial decision-making.
Introducing New Government Regulation on Toll Road.pdfAHRP Law Firm
For nearly two decades, Government Regulation Number 15 of 2005 on Toll Roads ("GR No. 15/2005") has served as the cornerstone of toll road legislation. However, with the emergence of various new developments and legal requirements, the Government has enacted Government Regulation Number 23 of 2024 on Toll Roads to replace GR No. 15/2005. This new regulation introduces several provisions impacting toll business entities and toll road users. Find out more out insights about this topic in our Legal Brief publication.
2. Topics
• What is the GDPR
• European Law Landscape
• Key dates
• GDPR Structure
• What is Personally Identifiable Information?
• Territorial Scope - Articles 1-3
• Remedies, Liabilities and Penalties - Articles 79, 82 & 83
• Data Collection Principles - Article 5
• Lawfulness Articles - 5 & 6
• Consent - Articles 7-9
• Transparency - Articles 12-18
• Data Security - Article 32
• Data Breach Notification - Articles 33 & 34
3. What is the GDPR• A complete overhaul of data protection regulation with extensive updates of
what can be considered identifiable information
• Applies across all member states of the European Union
• Applies to all organisations processing the data of EU data subjects –wherever
the organisation is geographically based
• Specific and significant rights for data subjects to seek compensation, rights to
erasure and accurate representation
• Compensation can be sought against organisations and individuals employed by
them
• Fines of up €20,000,00 or 4% global annual turnover
• Significant reduction in that amount based on the implementation of technical,
or organisational controls implemented
4. European Law Landscape
European Legislation can be separated into two main branches:
Directives
• Require individual implementation in each Member State (Each State can
implement rules in their own way)
• Implemented by the creation of national laws approved by the parliaments of
each Member State
• European Directive 95/46/EC (The current Data Protection Act) is a Directive
• Sets out a goal that a member state must achieve –room for tailoring
• 28 different variations among Member States
5. European Law Landscape
Regulations:
• Immediately applicable in each Member State in a uniform manner
• Binding Legislative Act
• Derogations allow for fine tuning, examples include the age of a child, and the definition
of large scale data processing
• EUGDPR is a Regulation
• Regulations are not negotiable by member states
• Regulations may apply to countries outside the EU if they affect EU subjects (people who
are originally from the EU)
6. Key Dates for GDPR
4 May 2016, the official text of the Regulation was published
in the EU Official Journal in all the official languages.
The Regulation entered into force on 24 May 2016, and
applies from 00:01 25 May 2018.
As it stands the United Kingdom will still be considered a
Member State at the time of inception and will therefore be
subject to the requirements of the EUGDPR
This Regulation shall be binding in its entirety and directly
applicable in all Member States.
7. GDPR Structure
European Data Protection Board
Lead Supervising Authority
(Information Commissioners Office)
Data Processor
Data Controller
(Organisation)
Data Subject
(Individuals)
3rd Countries 3rd Party
8. GDPR Structure
• The European Data Protection Board will issue guidance for
controllers and processors
• They will facilitate the use of Data Protection Impact
Assessments
• The ICO will oversee both Data Controllers and Data
Processors
• Breaches and Notifications will be made to the ICO
• 3rd Countries – countries to which data is transferred
• At the centre of the GDPR is the protection of Personally
Identifiable Information
9. Personally Identifiable Information
Can be defined as Information that can be used to identify a living individual.
Examples include (but are not limited to):
First & last name (combined) Home address Date/place of birth
Photos and videos Username/password National insurance/Social security
Number
Bank account details Credit card details Passport number
Medical records Financial records Non work related correspondence
Personal email addresses/emails Biometric data Cookies
MAC Address IP Address
10. High Risk Personal Information
Other information, while not individually useful as identifiable has been defined
as high risk and as such breaches involving high risk data should be notified.
High Risk data includes
• Racial and Ethnic Origin Trade Union Membership
• Religion Political Opinion
• Healthcare Data Genetic Data
• Sexual Orientation Location Data
• Disability Information Biometric Data
• Mental Health Status
• Gender
11. Territorial Scope
Articles 1-3 cover the applicability of the Regulation
• Data Subjects = living individuals aka natural persons. They have
rights associated with:
- The protection of personal data
- The protection of the processing of personal data
- Unrestricted movement of personal data throughout the
European Union (with consent)
• The scope of the GDPR includes personal data that is wholly or
partly by automated means and personal data that is part of a filing
system (or is intended to be)
• Any organisation that processes the data of EU citizens, are subject
to the Regulation
12. Remedies, Liabilities & Penalties
• Enforcement powers of ICO will be significantly enhanced with the
issuing of measures, notices and monetary fines intended to be
effective, proportionate and dissuasive
• Fines can be up to €10,000,000 for enterprise or 2% total
worldwide turnover for the preceding year, whichever is greater
• Fines are calculated based on several factors:
- Controls already in place
- Nature, gravity, extent and duration of infringement
- The types of personal data involved in the infringement
- Actions taken by the controller or processor to mitigate, negate or notify
affected parties (including the ICO) of a breach
13. Remedies, Liabilities & Penalties
• Data Subjects have the right to effective judicial remedy
against a controller or processor when the rights of the
data subject has been infringed as a result of processing
• Action can be sought either:
- In the courts of a Member state where the
processor has an establishment
- In the courts of a Member state where the subject
habitually resides
- Against a controller for the inadequate control of
data or a processor for processing
14. Data Collection Principles
The GDPR sets out 7 key principles for the collection of data:
• Data must be processed lawfully fairly and in a transparent manner
• Data must only be collected for specified explicit and legitimate purposes
• Collected data must be adequate, relevant and limited to what is
necessary
• Collected data must be accurate, and where necessary kept up to date
• Data must be retained only as long as necessary
• Data must be processed securely
• There must be accountably in all processing activity
15. Lawfulness of ProcessingThe Regulation introduces the concept of Lawfulness and places specific
obligations on the controller and processor:
• Data must be secured against accidental loss, damage or destruction
• Processing must be lawful which means inter alia:
- Data subject must provide explicit consent for processing for each service
- The processing to be performed is necessary for the performance of a
contract
- processing is necessary for compliance with a legal obligation
• Controllers have one month to process Subject Access Requests – no charges
(unless vexatious)
16. Lawfulness of ProcessingThe regulation seeks to clearly distinguish between the obligations placed upon
controllers and processors.
• Processors and Controllers must now have a legally binding contract
• Controllers responsible for ensuring processors comply with contractual terms
for processing information
• Processors, like controllers, are required to implement appropriate security
measures
• The lead processor is required to reflect the same contractual obligations it has
with the controller in a contract with any sub-processors and remains liable to
the controller for the actions or inactions of any sub-processor.
17. Consent• Consent must be clear and affirmative – no action on behalf of the data subject
no longer implies consent
• Controllers must be able to demonstrate that consent was given in a clear,
intelligible and easily accessible way or else it is not binding
• It must be possible for data subjects to withdraw consent at any time and must
be as easy to withdraw as it is to give. This has significant implications on how
data is processed
• Special conditions for children under the age of 16
• Separate, explicit consent must be given for high risk personal data along with
an outline of what the controller intends to do with it in terms of processing
(except in protecting the public interest)
• All information should be secured
18. TransparencyNew obligations placed on controllers on how they interact with data subjects
• Any communications need to be concise, transparent and intelligible
• Controllers must provide clear unambiguous information about how and why a
subjects’ data is collected and processed
• Controllers have an obligation to proactively provide information about
individuals within the organisation including the Data Controller and the Data
Protection Officer and the specific rights a subject has
• If data has been obtained indirectly (e.g. a mailing list), Controllers must take
specific steps to notify affected subjects
• All data subjects have rights to access their data including the right of erasure,
the right of transfer and the right of accuracy
19. Data SecurityA requirement on controllers and processors to implement a level of security
appropriate to the risk. Techniques:
• Pseudonymisation - Separation of data from direct identifiers so that linkage to
an identity is not possible without additional information that is held
separately.
• Encryption - Conversion of electronic data into another form, called ciphertext,
which cannot be easily understood by anyone except authorised parties.
• Minimisation - Reducing the data collection to the minimum required to deliver
the service agreed by the data subject
• Penetration Testing - Agreeing a process for regularly testing assessing and
evaluating the effectiveness of security measures
• Ensuring ongoing application of confidentiality, integrity and availability
controls
20. Data Breach NotificationThe GDPR stipulates specific requirements for breach notification
The legislation defines a breach as:
“a breach of security leading to the accidental or unlawful destruction, loss,
alteration, unauthorized disclosure of, or access to, personal data transmitted,
stored or otherwise processed.”
• Processors must notify Controllers of any breach
• Controllers must notify the Lead Supervisory Authority of high risk breaches
without undue delay and where feasible not later than 72 hours after
becoming aware of it
• How and when a notification is made has a significant impact on mitigation
from the Lead Supervisory Authority
21. Notification Requirements• Notification to the ICO without undue delay (within 72 Hours)
• Description of the nature of breach
• Specify categories of data subjects (gender, adult or child, patient, student etc.)
• The number of data subjects affected
• The number of personal records breached
• The likely implications of the breach
• Details of Data Protection Officer
• The measures taken to mitigate
• Currently no requirement to notify if the breach is not considered high risk and
the breach is unlikely to impact the rights and freedoms of data subject
(guidance on what constitutes high risk to be confirmed)
22. Notification RequirementsWhen a high risk breach has occurred, the data controller has specific obligations
regarding communication to affected data subjects
• Communication can be mandated by the supervisory authority
• Communication must be carried out without undue delay
• Communication must be in clear, plain language
• Exceptions if appropriate measures have been implemented to minimise risk
• Exceptions if communication would involve disproportionate effort compared
to risk
23. Why this is Important
Between January – March 2016 the ICO was notified of 448 significant data
breaches. Now more than ever before, the ethos needs to be that we will be
breached eventually, and we need to prepare for that eventuality.
Editor's Notes
This is a rather dry, formal definition but useful.
This is a rather dry, formal definition but useful.
This is a rather dry, formal definition but useful.