New General Data Protection Regulation (Agnes Andersson Hammarstrand)Nordic APIs
This is a session given by Agnes Andersson Hammarstrand at Nordic APIs 2016 Platform Summit on October 25th, in Stockholm Sweden.
Description:
This spring a new EU General Data Protection Regulation was adopted to replace the current personal data legislations. Companies that break the rules risk fines of up to 4 % of the worldwide group turnover. The new regulations entail a large number of news that all companies should be informed about. Among other things, IT systems need to be adapted to privacy under the principles of privacy by design.
Agnes Hammarstrand, partner at Delphi Law firm and expert within IT and online provides an introduction to the new regulations and what you need to do.
General Data Protection Regulation: what do you need to do to get prepared? -...IISPEastMids
At our Spring East Midlands Cyber Security event on the Impact of the General Data Protection Regulation, Helena Wootton looks at the things you need to do to get prepared for the new data protection regulation.
http://qonex.com/east-midlands-cyber-security-forum/
The EU Data Protection Regulation - what you need to knowSophos Benelux
De komende EU Data Beschermingsregulering vraagt van organisaties wereldwijd dat zij de data beveiligen die zij beheren en bezitten van Europese burgers. Het is algemeen aanvaard dat encryptie de beste methode is om te voldoen aan deze nieuwe regulering. Wanneer een lek ontstaat en u kunt aantonen dat alle persoonlijke data was versleuteld, verkleint de kans aanzienlijk dat u vanuit de EU een boete ontvangt.
Veel organisaties hebben geen idee wat deze nieuwe regulering inhoudt of hoe zij zich moeten voorbereiden op deze nieuwe regels. Behoort uw organisatie ook tot deze groep?
New General Data Protection Regulation (Agnes Andersson Hammarstrand)Nordic APIs
This is a session given by Agnes Andersson Hammarstrand at Nordic APIs 2016 Platform Summit on October 25th, in Stockholm Sweden.
Description:
This spring a new EU General Data Protection Regulation was adopted to replace the current personal data legislations. Companies that break the rules risk fines of up to 4 % of the worldwide group turnover. The new regulations entail a large number of news that all companies should be informed about. Among other things, IT systems need to be adapted to privacy under the principles of privacy by design.
Agnes Hammarstrand, partner at Delphi Law firm and expert within IT and online provides an introduction to the new regulations and what you need to do.
General Data Protection Regulation: what do you need to do to get prepared? -...IISPEastMids
At our Spring East Midlands Cyber Security event on the Impact of the General Data Protection Regulation, Helena Wootton looks at the things you need to do to get prepared for the new data protection regulation.
http://qonex.com/east-midlands-cyber-security-forum/
The EU Data Protection Regulation - what you need to knowSophos Benelux
De komende EU Data Beschermingsregulering vraagt van organisaties wereldwijd dat zij de data beveiligen die zij beheren en bezitten van Europese burgers. Het is algemeen aanvaard dat encryptie de beste methode is om te voldoen aan deze nieuwe regulering. Wanneer een lek ontstaat en u kunt aantonen dat alle persoonlijke data was versleuteld, verkleint de kans aanzienlijk dat u vanuit de EU een boete ontvangt.
Veel organisaties hebben geen idee wat deze nieuwe regulering inhoudt of hoe zij zich moeten voorbereiden op deze nieuwe regels. Behoort uw organisatie ook tot deze groep?
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
Preparing for the new General Data Protection Regulation? Here is a presentation to help you to engage your employees with their new information security requirements. In this ppt presentation, you will find out: why GDPR, steps to manage compliance, important information security facts and some of the key articles.
On 14/4/2016 EU Data Privacy had been approved the regulation which is, nowadays, mandatory. However companies have 2 years to carry out its suitability before receiving an economic penalty for not having completed it - deadline: 25/05/2016
EU General Data Protection: Implications for Smart Meteringnuances
This presentation provides the reader with an insight into the politics of EU Data protection as well as an overview of the key stakeholders. We focus on the implication for the smart metering industry.
This webinar gives an overview of:
- The regulation landscape
- Territorial scope
- Remedies, liabilities and penalties
- Privacy notices
- The right of data subject
- Consent
- Data processing
- Profiling or "automated individual decision-making"
- International marketing and data transfers
A recording of this webinar is available here:
https://www.youtube.com/watch?v=Vr_CT24v2iI
In this Story, we follow Sophie in her life and job. In her new job, she meets Marco, who chose Microsoft Solutions to be as compliant as possible with GDPR.
If you want to hear the story behind the slides, feel free to get in touch via www.thedataprotectionoffice.eu
EU General Data Protection Regulation - Update 2017Cliff Ashcroft
This free Lasa webinar looks at why data protection is important in a digital world, and what practical things charities and civil society organisations can do to prepare for when the EU General Data Protection Regulations come into force in May 2018.
It is vital charities use the next 12 months to understand their new responsibilities and put the required processes in place.
Our webinar gives you the opportunity to ensure you are prepared for what’s to come by putting your #GDPR questions to our data protection expert and published author, Paul Ticher.
Lasa does lots more charity tech help and advice - find out more at: Twitter: @lasaict
Acknowledgements:
Lasa actively promotes and supports the Way Ahead – Civil Society at the Heart of London. See www.citybridgetrust.org.uk/publications/way-ahead/
This webinar is supported by the City of London Corporation's charity, City Bridge Trust. www.citybridgetrust.org.uk
What is the new data protection regulation GDPR and why should you care? Jesp...Exove
What is the new data protection regulation GDPR and why should you care? by Jesper Nevalainen, Bird & Bird
Exove and Bird & Bird seminar on Nov 23rd 2016: "GDPR - Practical Effects on Digital Business - juridical, technical, and customer point of view"
• In mei 2018 wordt de nieuwe Europese privacywetgeving van kracht. De Algemene Verordening Gegevensbescherming is een geheel van regels om de gegevens van Europese burgers beter te beschermen. Deze regelgeving is ook van toepassing op verenigingen. We verwelkomen Karel Holst van het GDPR-experten kantoor IFORI die ons op een toegankelijke wijze wegwijs zal maken in deze complexe materie. Je mag je verwachten aan praktische tips en advies.
I.s.m. de adviesraden en Katrien Dossche.
Be careful what you wish for! How the GDPR even now it has been finalised may not solve the key problems of rthe tech community of what is personal data and what is anonymised/pseudonymous.
Be careful what you wish for: the great Data Protection law reform - Lilian E...IISPEastMids
At our Spring East Midlands Cyber Security event on the Impact of the General Data Protection Regulation, Lilian Edwards looked at the basics on what you need to know about the new regulation.
http://qonex.com/east-midlands-cyber-security-forum/
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
Preparing for the new General Data Protection Regulation? Here is a presentation to help you to engage your employees with their new information security requirements. In this ppt presentation, you will find out: why GDPR, steps to manage compliance, important information security facts and some of the key articles.
On 14/4/2016 EU Data Privacy had been approved the regulation which is, nowadays, mandatory. However companies have 2 years to carry out its suitability before receiving an economic penalty for not having completed it - deadline: 25/05/2016
EU General Data Protection: Implications for Smart Meteringnuances
This presentation provides the reader with an insight into the politics of EU Data protection as well as an overview of the key stakeholders. We focus on the implication for the smart metering industry.
This webinar gives an overview of:
- The regulation landscape
- Territorial scope
- Remedies, liabilities and penalties
- Privacy notices
- The right of data subject
- Consent
- Data processing
- Profiling or "automated individual decision-making"
- International marketing and data transfers
A recording of this webinar is available here:
https://www.youtube.com/watch?v=Vr_CT24v2iI
In this Story, we follow Sophie in her life and job. In her new job, she meets Marco, who chose Microsoft Solutions to be as compliant as possible with GDPR.
If you want to hear the story behind the slides, feel free to get in touch via www.thedataprotectionoffice.eu
EU General Data Protection Regulation - Update 2017Cliff Ashcroft
This free Lasa webinar looks at why data protection is important in a digital world, and what practical things charities and civil society organisations can do to prepare for when the EU General Data Protection Regulations come into force in May 2018.
It is vital charities use the next 12 months to understand their new responsibilities and put the required processes in place.
Our webinar gives you the opportunity to ensure you are prepared for what’s to come by putting your #GDPR questions to our data protection expert and published author, Paul Ticher.
Lasa does lots more charity tech help and advice - find out more at: Twitter: @lasaict
Acknowledgements:
Lasa actively promotes and supports the Way Ahead – Civil Society at the Heart of London. See www.citybridgetrust.org.uk/publications/way-ahead/
This webinar is supported by the City of London Corporation's charity, City Bridge Trust. www.citybridgetrust.org.uk
What is the new data protection regulation GDPR and why should you care? Jesp...Exove
What is the new data protection regulation GDPR and why should you care? by Jesper Nevalainen, Bird & Bird
Exove and Bird & Bird seminar on Nov 23rd 2016: "GDPR - Practical Effects on Digital Business - juridical, technical, and customer point of view"
• In mei 2018 wordt de nieuwe Europese privacywetgeving van kracht. De Algemene Verordening Gegevensbescherming is een geheel van regels om de gegevens van Europese burgers beter te beschermen. Deze regelgeving is ook van toepassing op verenigingen. We verwelkomen Karel Holst van het GDPR-experten kantoor IFORI die ons op een toegankelijke wijze wegwijs zal maken in deze complexe materie. Je mag je verwachten aan praktische tips en advies.
I.s.m. de adviesraden en Katrien Dossche.
Be careful what you wish for! How the GDPR even now it has been finalised may not solve the key problems of rthe tech community of what is personal data and what is anonymised/pseudonymous.
Be careful what you wish for: the great Data Protection law reform - Lilian E...IISPEastMids
At our Spring East Midlands Cyber Security event on the Impact of the General Data Protection Regulation, Lilian Edwards looked at the basics on what you need to know about the new regulation.
http://qonex.com/east-midlands-cyber-security-forum/
Understanding the EU's new General Data Protection Regulation (GDPR)Acquia
In 2016, the European Union (EU) approved its General Data Protection Regulation (GDPR) to protect European citizens’ data. As a regulation, the GDPR does not require the implementation of legislation, and will immediately become an applicable law as of the 25th of May, 2018.
What is GDPR exactly trying to accomplish? According to the official documents, the goal is the “protection of natural persons with regard to the processing of personal data and on the free movement of such data.”
In short, organizations that conduct business in the EU will need to be compliant with GDPR, and must come to terms with the huge fines that non-compliance can carry. Fines can be up to €20M or 4% of the annual turnover. For companies that experience breaches that result in the loss of personal data (such as Talk Talk, which lost 170,000 people’s data), the fines will be tremendous.
Join us for discussion about GDPR to learn more about:
The principles that organizations that use personal data need to adhere to
The consequences organizations can face if that do not adhere to this new regulation
How your organization can prepare for the future
The EU’s General Data Protection Regulation (GDPR) is the most significant change to consumer privacy laws in decades and the enforcement date is approximately 1 month away. The standards for data collection and use in the EU will significantly differ from those in the United States. This session will breakdown the differences and discuss methods for compliance going forward.
PRESENTER
Gary Kibel, Partner, Davis & Gilbert LLP @GaryKibel
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17Michael Adamberry
This presentation outlines the issue of Direct Marketing, including the use of cookies, the opt-out register and the e-Privacy Directive (and Regulation). The focus is around the Gibraltar Data Protection Act 2004, and how this will change under the General Data Protection Regulation ("GDPR") as of 25th May 2018 and the upcoming e-Privacy Regulation
ISOLAS is pleased to offer assistance in conducting data audits and ensuring you are compliant before the deadline - the clock is ticking!
CMR - GDPR - general introduction for marketeersThe CMR Agency
Some general information by The CMR Agency on GDPR - General European Protection Regulation - from a marketing perspective - meant for non-legal persons
European government in 2016 adopted General Data Protection Regulation (GDPR) and was
put into effect on May 25, 2018, replacing the 1995’s Data Protection Directive to protect the
personal information of EU citizens. GDPR aims to govern personal data processing and ensure
processing is fair and lawful. It is also designed to emphasize the fundamental right to privacy.
Data Protection Rules are Changing: What Can You Do to Prepare?Lumension
The European Union’s proposed new data protection regulation aims to update Europe’s data protection laws and to provide a more consistent data protection framework across the Continent.
But the new regulation, which replaces the EU’s existing data protection directive and member states’ data protection laws, will put some new demands on organisations holding personal data. Breach disclosure and “the right to be forgotten” will force businesses to update their data protection and retention policies.
This presentation will:
- Review the current EU laws, and contrast them with laws in other parts of the world;
- Examine the arguments for strengthening data protection in Europe, and the likely outcomes;
- Look at what security teams should already be doing to put themselves ahead of legislative changes;
- Outline strategies and technologies organisations need to meet current and future data protection requirements
- Help infosecurity teams to explain the changes – and their consequences – to their boards
Introducing New Government Regulation on Toll Road.pdfAHRP Law Firm
For nearly two decades, Government Regulation Number 15 of 2005 on Toll Roads ("GR No. 15/2005") has served as the cornerstone of toll road legislation. However, with the emergence of various new developments and legal requirements, the Government has enacted Government Regulation Number 23 of 2024 on Toll Roads to replace GR No. 15/2005. This new regulation introduces several provisions impacting toll business entities and toll road users. Find out more out insights about this topic in our Legal Brief publication.
ASHWINI KUMAR UPADHYAY v/s Union of India.pptxshweeta209
transfer of the P.I.L filed by lawyer Ashwini Kumar Upadhyay in Delhi High Court to Supreme Court.
on the issue of UNIFORM MARRIAGE AGE of men and women.
Car Accident Injury Do I Have a Case....Knowyourright
Every year, thousands of Minnesotans are injured in car accidents. These injuries can be severe – even life-changing. Under Minnesota law, you can pursue compensation through a personal injury lawsuit.
PRECEDENT AS A SOURCE OF LAW (SAIF JAVED).pptxOmGod1
Precedent, or stare decisis, is a cornerstone of common law systems where past judicial decisions guide future cases, ensuring consistency and predictability in the legal system. Binding precedents from higher courts must be followed by lower courts, while persuasive precedents may influence but are not obligatory. This principle promotes fairness and efficiency, allowing for the evolution of the law as higher courts can overrule outdated decisions. Despite criticisms of rigidity and complexity, precedent ensures similar cases are treated alike, balancing stability with flexibility in judicial decision-making.
Responsibilities of the office bearers while registering multi-state cooperat...Finlaw Consultancy Pvt Ltd
Introduction-
The process of register multi-state cooperative society in India is governed by the Multi-State Co-operative Societies Act, 2002. This process requires the office bearers to undertake several crucial responsibilities to ensure compliance with legal and regulatory frameworks. The key office bearers typically include the President, Secretary, and Treasurer, along with other elected members of the managing committee. Their responsibilities encompass administrative, legal, and financial duties essential for the successful registration and operation of the society.
WINDING UP of COMPANY, Modes of DissolutionKHURRAMWALI
Winding up, also known as liquidation, refers to the legal and financial process of dissolving a company. It involves ceasing operations, selling assets, settling debts, and ultimately removing the company from the official business registry.
Here's a breakdown of the key aspects of winding up:
Reasons for Winding Up:
Insolvency: This is the most common reason, where the company cannot pay its debts. Creditors may initiate a compulsory winding up to recover their dues.
Voluntary Closure: The owners may decide to close the company due to reasons like reaching business goals, facing losses, or merging with another company.
Deadlock: If shareholders or directors cannot agree on how to run the company, a court may order a winding up.
Types of Winding Up:
Voluntary Winding Up: This is initiated by the company's shareholders through a resolution passed by a majority vote. There are two main types:
Members' Voluntary Winding Up: The company is solvent (has enough assets to pay off its debts) and shareholders will receive any remaining assets after debts are settled.
Creditors' Voluntary Winding Up: The company is insolvent and creditors will be prioritized in receiving payment from the sale of assets.
Compulsory Winding Up: This is initiated by a court order, typically at the request of creditors, government agencies, or even by the company itself if it's insolvent.
Process of Winding Up:
Appointment of Liquidator: A qualified professional is appointed to oversee the winding-up process. They are responsible for selling assets, paying off debts, and distributing any remaining funds.
Cease Trading: The company stops its regular business operations.
Notification of Creditors: Creditors are informed about the winding up and invited to submit their claims.
Sale of Assets: The company's assets are sold to generate cash to pay off creditors.
Payment of Debts: Creditors are paid according to a set order of priority, with secured creditors receiving payment before unsecured creditors.
Distribution to Shareholders: If there are any remaining funds after all debts are settled, they are distributed to shareholders according to their ownership stake.
Dissolution: Once all claims are settled and distributions made, the company is officially dissolved and removed from the business register.
Impact of Winding Up:
Employees: Employees will likely lose their jobs during the winding-up process.
Creditors: Creditors may not recover their debts in full, especially if the company is insolvent.
Shareholders: Shareholders may not receive any payout if the company's debts exceed its assets.
Winding up is a complex legal and financial process that can have significant consequences for all parties involved. It's important to seek professional legal and financial advice when considering winding up a company.
A "File Trademark" is a legal term referring to the registration of a unique symbol, logo, or name used to identify and distinguish products or services. This process provides legal protection, granting exclusive rights to the trademark owner, and helps prevent unauthorized use by competitors.
Visit Now: https://www.tumblr.com/trademark-quick/751620857551634432/ensure-legal-protection-file-your-trademark-with?source=share
DNA Testing in Civil and Criminal Matters.pptxpatrons legal
Get insights into DNA testing and its application in civil and criminal matters. Find out how it contributes to fair and accurate legal proceedings. For more information: https://www.patronslegal.com/criminal-litigation.html
4. 4
Fundamental Rights
EU Charter of Fundamental Rights, article 8(1): “Everyone has the right to the
protection of personal data concerning him or her.”
[≠ ECHR/UDHR] [≠ right to privacy]
Through the expansion of the ‘information society’ the public and private
sector increasingly process larger quantities of Personal Data (e.g.
HR/Customer-data)
EU and national legislative initiatives
5. 5
1995: Directive
‒ Requires national
implementation
‒ EU Data Protection Directive
(95/46/EC)
E.g. Belgium: The Privacy Act
EU Legislative Acts
2016: Regulation
‒ Direct effect in the EU
‒ From the day it enters into force
GDPR: 24 May 2016, but applies from 25
May 2018 (2 year transitional period)
6. 6
Why a new overriding Regulation?
Directive 95/46/EC sought to harmonize national legislations and ensure
free flow of data within the EU
But:
– Still differences in national implementation and application
– Limited cooperation between Data Protection Authorities (‘DPA’)
– Many technological & societal changes in the 20 years since Dir. 95/45/EC
– Strengthen Data Subject's rights
7. 7
Personal Data are everywhere!
“Any information relating to an identified or identifiable natural person”
E.g. Name, location data, IP-address, customer number, …
Stricter rules for special categories of Personal Data (general
prohibition)
‒ Racial or ethnic origin
‒ Political options
‒ Genetic and biometric data, solely for identification purposes
‒ Health data
‒ …
Personal Data
8. 8
Processing
Personal Data
e.g. Customer Data
‒ Name
‒ Date of birth
‒ Address
‒ …
Controller
Determines the purposes
and the manner of the
processing
e.g. iFORi
For marketing purposes,
through an online registration
form
Data Subject Processor
Separate legal
entity
processes on behalf
of the Controller
e.g. Marketer
carries out mail
marketing
9. 9
Main objective
Ensure the right of an individual to make his own decisions regarding the
information that relates to him.
Principles of processing:
‒ Fair, lawful and transparent
‒ Purpose limitation
‒ Data minimization
‒ Accuracy
‒ Storage limitation
‒ Integrity and confidentiality
11. 11
I. Territorial Scope
The GDPR applies when:
‒ Processing in the context of activities of an establishment in the EU
‒ When the data subjects are located in the EU, and the processing is
related to:
• Offering goods or services
• Monitoring of their behavior (in the EU)
12. 12
II. Lawfulness
A valid legal basis to process the data is required:
‒ Consent
• Freely given, specific, informed and unambiguous
• It must be given by a statement or a clear affirmative action (thus opt-
out NOT possible)
• Proof of consent to be provided by Controller
• Withdrawable
• Obtained separately
• Children: when offering information society services, processing is only
lawful where the child is at least 16 years old. Younger = consent by
holder of parental responsibility
13. 13
III. Rights of the data subject
‒ Transparency
‒ Access
‒ Rectify
‒ Erasure (right to be forgotten)
‒ Restriction
‒ Portability
‒ Object
‒ Not be subject to automated decision making/profiling
14. 14
IV. Controllers and Processors
Controllers
‒ Privacy by default & design
‒ Records (Notification)
• Not where <250 employees, unless high risk
• Including general description of security measures
‒ Data breach notification
‒ Privacy Impact Assessment(PIA)/Prior consultation of DPA
‒ Data Protection Officer (DPO)
‒ Data security
15. Data Breach Notification
To Data Protection Authority (DPA)
– 72h deadline
– Specific information
– Documentation
To data subject
– High risk to rights and freedoms
– Clear and plain language
– Exceptions
16. Data Protection Officer (DPO)
When?
‒ Public authority or body
‒ Regular and systematic monitoring of data subjects
‒ Processing of special categories of data
Tasks?
‒ Inform and advise on the obligations pursuant the GDPR
‒ Monitor compliance
‒ Advise on draft of PIA
‒ Cooperate with DPA
‒ External contact
Who?
17. Data Security
Ensure confidentiality, integrity, availability, resilience
By implementing appropriate technical and organizational measures
Risk based approach (the state of the art, the costs of implementation, …)
– Encryption/Pseudonymisation
– Audits
– Back-up and redundancy
18. Pseudonymisation
“The processing of personal data in such a way that the data can no longer be
attributed to a specific data subject without the use of additional information”
– Process beyond original collection purposes;
– Safeguard for processing personal data for scientific, historical and statistical purposes;
– Feature of data protection by design;
– Helps meet Data Security requirements;
– Limits the rights of Data Subjects
19. 19
Processors
‒ Comply with specific obligations
• Records
• Data Security
• PIA/DPO
• Breach notification to Controller
‒ Directly liable
20. 20
V. Transfers
General prohibition on transfers outside EEA (28+3)
– Adequacy Decision
• White list
• Privacy Shield (US)
– Appropriate Safeguards
• Model Clauses (EC/DPA/Ad hoc)
• Binding Corporate rules
• Codes of conduct/ Certification
– Derogations (e.g. explicit consent)
21. 21
VI. Sanctions
Administrative Fines by DPA: effective, proportionate & dissuasive
– Up to, the greater of €20.000.000 or 4% of total worldwide annual turnover of
an undertaking
Private claims by data subjects
– DPA
– Courts for compensation from Controller or Processor
Criminal penalties possible where provided by member states
22. 22
VII. “One-stop-shop”
Controllers and Processors answer to a ‘lead supervisory authority’
– Based on their single or main establishment in the EU
– For cross-border processing
But supervisory authorities may still address infringements
– If it relates to an establishment in its MS or;
– If it substantially affects data subjects in its MS
Consistency through cooperation between DPA’s with EDPB oversight
24. 24
Directive on privacy and electronic communications - Telecoms Law
– Information
– Consent
GDPR
– Processing of personal data
‒ Controller: You/Third party cookie provider
‒ Processor: Third party cookie provider
Cookies
25. 25
Strengthening Cybersecurity within the EU
For sectors which are vital for economy and society:
– Operators Of Essential Services
– Energy
– Transport
– Banking
– Financial market infrastructures
– Health sector
– Drinking water supply and distribtuion
– Digital infrastructure
– Digital Service Providers
– Online Marketplaces
– Online search engines
– Cloud computing services
NIS: Network and Information Security Directive
26. 26
Monitoring E-mail: Belgium: CAO nr. 81 & Privacy Act
Principles: Finality, Proportionality, Transparency
– Professional communications(?): Access (?)
– Non-professional communications: Individualization Procedure
See also recommendations by Privacy Commission
GDPR allows for more specific national rules in the context of employment
Employees
28. 28
Take Action
Not everything has changed, just as not everything has been harmonized
New obligations but also removal of some administrative burdens and
further guidance
(New) technologies introduce new compliance risks, but technologies can
also be used to mitigate risk and/or ensure compliance
Take action now!
GDPR applies from 25 May 2018
In sum, it is a privacy-enhancing technique where directly identifying data is held separately and securely from processed data to ensure non-attribution.
Still personal data!
Other purposes: Encryption and pseudo
Encryption: adhere to Data security principles + no breach notification + for other purposes (appropriate safeguards)
Niet voor: technische cookies
ookies over de inhoud zelf van de transactie/uitdrukkelijk gevraagd: de taalkeuze, de inhoud van een formulier of een winkelmandje; er kan gesteld worden dat deze cookies in feite gedekt zijn door de impliciete toestemming van de betrokken persoon, op voorwaarde dat die persoon geïnformeerd is over het gebruik en dat ze niet langer worden bewaard dan de tijd die nodig is of dat ze door de bezoeker zelf kunnen gewist worden.
protection of privacy in the electronic communications sector
electronic communications networks and services (Framework Directive)