GIG Working Paper 02/2017 - The Definition of Personal DataIAB Europe
This second output of the GIG focuses on the definition of Personal Data under the GDPR, explaining how it will affect companies in the online advertising space.
The third output of the GDPR Implementation Group focuses on the topic of consent, and its implications as for online advertising companies when used as a legal basis for processing.
Example Association Internal GDPR PolicyLen Murphy
Example Association Internal GDPR Policy. This example policy contains citations to the Articles and Recitals in the European Union's General Data Protection Regulation. The example contains references to other resources that will help drafters design their own policies while being able to examine the precise wording of the law and helpful reference sources.
The GDPR Compliance Primer has been prepared by the members of the IAB Europe GDPR Implementation Wroking Group, under the leadership of Improve Digital.
"The EU General Data Protection Regulation: GDPR" - workshop held by Beatrice Masserini (Studio Cassinis, Italy) at the TRA Annual Meeting 2018 in Athens
Privacy is not a choice and it should not be the price played for our access to internet. We live in an era where everything is digitalized and anybody and everybody, from a child to a 70 year old accesses the same on a regular basis. Great advances in the technological field constitute a greater danger to the privacy of every individual. The constant question that arises is whether the data principal consents to the information provided and disseminated Mercerization of personal information has opened pits of security breaches and data privacy problems. When one consents to provide his data, does he consent to the dissemination of the same The very idea that consumers must make a trade off between privacy and security has been wiped away by the very enactment of the General Data Protection Regulation. This paper stands as proof that, GDPR is the answer to all the data privacy questions and problems faced by the society. The author briefs through the history of enactment EU GDPR and its necessity. The paper brings out both the endless advantages of GDPR as well as the few disadvantages present. The extensive research on GDPR has prompted the author to attract attention to the key changes seen after the implementation of GDPR and the robust data privacy regime built by its awakening. The main cerebration of the authors by referring to the above submissions is that GDPR is a need of the hour and is for the betterment of the society as a whole. Pranaya Dayalu | M. Punnagai ""GDPR: A Privacy Regime"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd23460.pdf
Paper URL: https://www.ijtsrd.com/humanities-and-the-arts/other/23460/gdpr-a-privacy-regime/pranaya-dayalu
GIG Working Paper 02/2017 - The Definition of Personal DataIAB Europe
This second output of the GIG focuses on the definition of Personal Data under the GDPR, explaining how it will affect companies in the online advertising space.
The third output of the GDPR Implementation Group focuses on the topic of consent, and its implications as for online advertising companies when used as a legal basis for processing.
Example Association Internal GDPR PolicyLen Murphy
Example Association Internal GDPR Policy. This example policy contains citations to the Articles and Recitals in the European Union's General Data Protection Regulation. The example contains references to other resources that will help drafters design their own policies while being able to examine the precise wording of the law and helpful reference sources.
The GDPR Compliance Primer has been prepared by the members of the IAB Europe GDPR Implementation Wroking Group, under the leadership of Improve Digital.
"The EU General Data Protection Regulation: GDPR" - workshop held by Beatrice Masserini (Studio Cassinis, Italy) at the TRA Annual Meeting 2018 in Athens
Privacy is not a choice and it should not be the price played for our access to internet. We live in an era where everything is digitalized and anybody and everybody, from a child to a 70 year old accesses the same on a regular basis. Great advances in the technological field constitute a greater danger to the privacy of every individual. The constant question that arises is whether the data principal consents to the information provided and disseminated Mercerization of personal information has opened pits of security breaches and data privacy problems. When one consents to provide his data, does he consent to the dissemination of the same The very idea that consumers must make a trade off between privacy and security has been wiped away by the very enactment of the General Data Protection Regulation. This paper stands as proof that, GDPR is the answer to all the data privacy questions and problems faced by the society. The author briefs through the history of enactment EU GDPR and its necessity. The paper brings out both the endless advantages of GDPR as well as the few disadvantages present. The extensive research on GDPR has prompted the author to attract attention to the key changes seen after the implementation of GDPR and the robust data privacy regime built by its awakening. The main cerebration of the authors by referring to the above submissions is that GDPR is a need of the hour and is for the betterment of the society as a whole. Pranaya Dayalu | M. Punnagai ""GDPR: A Privacy Regime"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd23460.pdf
Paper URL: https://www.ijtsrd.com/humanities-and-the-arts/other/23460/gdpr-a-privacy-regime/pranaya-dayalu
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17Michael Adamberry
This presentation outlines the issue of Direct Marketing, including the use of cookies, the opt-out register and the e-Privacy Directive (and Regulation). The focus is around the Gibraltar Data Protection Act 2004, and how this will change under the General Data Protection Regulation ("GDPR") as of 25th May 2018 and the upcoming e-Privacy Regulation
ISOLAS is pleased to offer assistance in conducting data audits and ensuring you are compliant before the deadline - the clock is ticking!
Who needs a EU representative according to GDPR article 27?idc-representative
One of the requirements under the GDPR ( Article 27 ) is the appointment of a representative in the EU for international companies that are not on the ground within the Union. According to the recitals , the EU representative must be designated in writing, and the obligation applies to both the “controller” (the company collecting the data and in some kind of customer relationship with the data subject) and any (sub-contracted) “processor” of the data. We give examples for which companies this obligation applies.
Common Data Protection Issues in Managing M&A DealsMatheson Law Firm
This article explores the potential application of the GDPR in running a typical Irish merger or acquisition and sets out some practical guidelines on how parties to the transaction can demonstrate compliance with the GDPR requirements.
A paper written in April 2016 for my Corporate Compliance & Enterprise Risk Management course on the switch from
the EU-US Safe Harbor to the EU-US Privacy Shield data privacy regimes.
Presentation on the Controller-to-Processor agreements under GDPR, with a main focus on article 28 GDPR and some reference to the standard contractual clauses for Controller-to-Processor agreements as established in 2010 (which are soon to be adapted).
If you are in the UK and need to check that you will comply with the General Data Protection Regulations when they come into force in May 2018, this checklist might help. Developed for use in my own business it is shared without liability. Please use it wisely to start the process of complying.
For more information on making your processes and your legal documents simple, especially if you are in the UK construction industry, go to http://500words.co.uk/
This week, Europe's data protection rules will undergo their largest reform in several decades. The General Data Protection Regulation (GDPR) is set to replace the Data Protection Directive, effective as of May 25, 2018.
UK & EU Freedom of Information & Data Protection: Continuity & ChangeDavid Erdos
This presentation explores continuities and changes in the interface between freedom of information and personal information protection at pan-EU level and in the UK under the amended law of the Data Protection Act 2018 and Regulation 2018/1725. Comparing both regimes, it especially focuses on fairness and balancing, the requirement to demonstrate the "necessity" of processing, the position of the deceased and the relationship between disclosure, transparency and sensitive personal data rules.
Data Protection Guide – What are your rights as a citizen?Edouard Nguyen
Guide UK Data Protection Law EUROPA - Internal Market - Data Protection - Data Protection Guide – What are your rights as a citizen?http://ec.europa.eu/justice/policies/privacy/docs/guide/guide-ukingdom_en.pdf
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...Andrea Omicini
Large-scale socio-technical systems (STS) inextricably inter-connect individual – e.g., the right to privacy –, social – e.g., the effectiveness of organisational processes –, and technology issues —e.g., the software engineering process. As a result, the design of the complex software infrastructure involves also non-technological aspects such as the legal ones—so that, e.g., law-abidingness can be ensured since the early stages of the software engineering process. By focussing on contact centres (CC) as relevant examples of knowledge-intensive STS, we elaborate on the articulate aspects of anonymisation: there, individual and organisational needs clash, so that only an accurate balancing between legal and technical aspects could possibly ensure the system efficiency while preserving the individual right to privacy. We discuss first the overall legal framework, then the general theme of anonymisation in CC. Finally we overview the technical process developed in the context of the BISON project.
Project presentation @ DMI, Università di Catania, Italy, 25 July 2016
6 Lesson GDPR Booklet from Varonis to help stay get compliant and stay compliant.
-Locate your sensitive data
-Prevent data breaches
-Rapidly alert to suspicious behavior
-Build long-term data Security
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
This GDPR primer highlights key aspects of the new EU regulation regarding the protection of EU citizens data. It also presents a basic approach and key activities for GDPR preparedness. Useful as a discussion starter with senior management.
Data Protection Seminar 2_Marketing & GDPR_ISOLAS LLP_26-07-17Michael Adamberry
This presentation outlines the issue of Direct Marketing, including the use of cookies, the opt-out register and the e-Privacy Directive (and Regulation). The focus is around the Gibraltar Data Protection Act 2004, and how this will change under the General Data Protection Regulation ("GDPR") as of 25th May 2018 and the upcoming e-Privacy Regulation
ISOLAS is pleased to offer assistance in conducting data audits and ensuring you are compliant before the deadline - the clock is ticking!
Who needs a EU representative according to GDPR article 27?idc-representative
One of the requirements under the GDPR ( Article 27 ) is the appointment of a representative in the EU for international companies that are not on the ground within the Union. According to the recitals , the EU representative must be designated in writing, and the obligation applies to both the “controller” (the company collecting the data and in some kind of customer relationship with the data subject) and any (sub-contracted) “processor” of the data. We give examples for which companies this obligation applies.
Common Data Protection Issues in Managing M&A DealsMatheson Law Firm
This article explores the potential application of the GDPR in running a typical Irish merger or acquisition and sets out some practical guidelines on how parties to the transaction can demonstrate compliance with the GDPR requirements.
A paper written in April 2016 for my Corporate Compliance & Enterprise Risk Management course on the switch from
the EU-US Safe Harbor to the EU-US Privacy Shield data privacy regimes.
Presentation on the Controller-to-Processor agreements under GDPR, with a main focus on article 28 GDPR and some reference to the standard contractual clauses for Controller-to-Processor agreements as established in 2010 (which are soon to be adapted).
If you are in the UK and need to check that you will comply with the General Data Protection Regulations when they come into force in May 2018, this checklist might help. Developed for use in my own business it is shared without liability. Please use it wisely to start the process of complying.
For more information on making your processes and your legal documents simple, especially if you are in the UK construction industry, go to http://500words.co.uk/
This week, Europe's data protection rules will undergo their largest reform in several decades. The General Data Protection Regulation (GDPR) is set to replace the Data Protection Directive, effective as of May 25, 2018.
UK & EU Freedom of Information & Data Protection: Continuity & ChangeDavid Erdos
This presentation explores continuities and changes in the interface between freedom of information and personal information protection at pan-EU level and in the UK under the amended law of the Data Protection Act 2018 and Regulation 2018/1725. Comparing both regimes, it especially focuses on fairness and balancing, the requirement to demonstrate the "necessity" of processing, the position of the deceased and the relationship between disclosure, transparency and sensitive personal data rules.
Data Protection Guide – What are your rights as a citizen?Edouard Nguyen
Guide UK Data Protection Law EUROPA - Internal Market - Data Protection - Data Protection Guide – What are your rights as a citizen?http://ec.europa.eu/justice/policies/privacy/docs/guide/guide-ukingdom_en.pdf
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...Andrea Omicini
Large-scale socio-technical systems (STS) inextricably inter-connect individual – e.g., the right to privacy –, social – e.g., the effectiveness of organisational processes –, and technology issues —e.g., the software engineering process. As a result, the design of the complex software infrastructure involves also non-technological aspects such as the legal ones—so that, e.g., law-abidingness can be ensured since the early stages of the software engineering process. By focussing on contact centres (CC) as relevant examples of knowledge-intensive STS, we elaborate on the articulate aspects of anonymisation: there, individual and organisational needs clash, so that only an accurate balancing between legal and technical aspects could possibly ensure the system efficiency while preserving the individual right to privacy. We discuss first the overall legal framework, then the general theme of anonymisation in CC. Finally we overview the technical process developed in the context of the BISON project.
Project presentation @ DMI, Università di Catania, Italy, 25 July 2016
6 Lesson GDPR Booklet from Varonis to help stay get compliant and stay compliant.
-Locate your sensitive data
-Prevent data breaches
-Rapidly alert to suspicious behavior
-Build long-term data Security
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
This GDPR primer highlights key aspects of the new EU regulation regarding the protection of EU citizens data. It also presents a basic approach and key activities for GDPR preparedness. Useful as a discussion starter with senior management.
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...Codemotion
L’Application Economy obbliga l’IT a correre alla stessa velocità del business. Nel contempo l’entrata in vigore di nuove stringenti normative in ambito sicurezza impone l’adeguamento del Software Delivery LifeCycle affinché queste possano essere implementate e testate già dalle fasi iniziale dello sviluppo, ottimizzando i tempi di delivery e minimizzando il time to market.
Operational impact of gdpr finance industries in the caribbeanEquiGov Institute
A brief outline of the challenges that could be face by financial institutions with the implementation of the GDPR and recommendations to mitigate them
GDPR - Context, Principles, Implementation, Operation, Data Governance, Data ...Alan McSweeney
I have attempted to produce and summary and consolidated of GDPR across the following topics:
• Context of GDPR – this contains information on other directives and regulations relating to GDPR to provide details on its wider content
• Personal Information – this reiterates what is meant by personal information and so what is covered by GDPR
• Principles of GDPR – this identifies some of the key principles that underpin GDPR and will affect its operation
• Implementing and Operating GDPR – this discusses approaches to operationalising GDPR within organisations
• GDPR and Outsourcing – this contains details on the particular topic of outsourcing that will be impacted by GDPR
• Data Governance – this puts GDPR into wider Data Governance context
• Data Ethics – this briefly discusses the wider issue of data ethics is the context of GDPR
Impact of GDPR on the pre dominant business model for digital economiesEquiGov Institute
A brief description of the impact the General Data Protection Regulation (GDPR) could have on the proposed move towards a digital economy, especially for the Caribbean
What is GDPR?
To put it very simply, GDPR is the most important change in data privacy regulation in 20 years and will change the way in which websites will handle customer data.
GDPR stands for General Data Protection Regulation and is the European Union’s new set of laws and policies surrounding the privacy, control, and transfer of data for EU citizens. It will replace all existing national data protection laws across the EU, regulate the use of data in digital advertising and introduce data protection obligations on many digital ad. businesses for the first time.
Why will your company be concerned?
Even though it is focused on citizens of the European Union, GDPR compliance will have global implications as it will apply based on where an individual is located, not where a business is located. In other words, any company that processes personal data originating from the EU will have to comply with the GDPR.
Whether the European market represents a small or a big part of your visitors, the upcoming GDPR policies will have an effect on your business. Non-compliance under the GDPR may bring hefty fines of up to 4% of the company's annual global turnover or 20 million Euros (whichever is higher).
IMPORTANT: Next steps and suggestions
To learn more about GDPR, what it means for your business and which actions to put in place, please read our FAQ and detailed suggestions to implement a GDPR compliant approach in the advertising context.
This study provides guidance on some of the most important aspects of the GDPR for companies outside the EU and describes some of its key implications with regards to organisational IT and governance. It also offers some key practical advice on steps that can ensure compliance with the GDPR.
TrustArc Webinar-Advertising, Privacy, and Data Management Working TogetherTrustArc
Today, more and more companies use advertising technologies (AdTech) to reach their consumers and better understand their preferences. This can lead to multiple data protection risks. Data privacy awareness is increasing due to seismic developments in the industry brought about by key players such as Google and Apple. In parallel, global regulations set stricter guidelines around the collection, storage, and use of personal data.
This is not over. With the decisions coming out soon on analytics, how will the advertising technologies landscape adjust? Ultimately, how can advertising, privacy, and data management work together?
Our panel in this webinar explored the practical steps your organization should take to ensure that its digital advertising practices are compliant with data protection laws.
This webinar reviews:
- The current practices and developments in the AdTech industry
- The laws and regulations governing AdTech
- How to address the privacy issues related to advertising technology
In general, the GDPR applies to any business that processes personal data by automated or manual processing
A strategic approach is introduced to regulating personal data and the normative foundations of the European Unions General Data Protection Regulation (GDPR)
Existing Requirements imposed by the 1995 Data Protection Directive are refined.
It does this by establishing a uniform framework for data protection legislation across the EU
DOOH Presentation by OMD for DOOH and DA WebinarIAB Europe
Following their participation in the IAB Europe webinar on DOOH and Digital Audio, OMD have put together a brief presentation taking a deeper look into their DOOH campaign for HP.
Interact 2018 - Advertising that works for everyoneIAB Europe
Held in Milan on 23-24 May, IAB Europe’s annual 2-day conference Interact 2018 featured a keynote speech by Mark Howe, Managing Director Agencies Europe Middle East & Africa Google
Digital advertising has been helping businesses and brands grow for many years, yet the industry itself faced major growing pains over the past year. It is time for us to collectively set our ambitions higher — for consumers, advertisers, and content owners alike. In doing so, we’ll help ensure the internet remains the free, open, pluralistic place it is today and help businesses of all sizes grow. Join Google’s Mark Howe as he explores key areas of progress over the past year and outlines our vision and plans for the year ahead, as we work to build an advertising ecosystem that works for everyone.
Interact 2018 - Embracing an ever-changing future for digital advertisingIAB Europe
Held in Milan on 23-24 May, IAB Europe’s annual 2-day conference Interact 2018 featured a keynote speech by Amelia Torode, Founder of The Fawnbrake Collective.
The importance of digital advertising to business growth will only increase – but that doesn’t make the future of digital advertising any more predictable. To thrive, businesses must embrace the continual disruption that is characteristic of the digital landscape. Brand strategist Amelia Torode examines the practical changes that they can make, in order to do so: not just executing digital transformation programmes, but building business strategies, workplace cultures and supplier relationships that are optimised for on-going change.
Held in Milan on 23-24 May, IAB Europe’s annual 2-day conference Interact 2018 featured a training by Wilfried Schobeiri, Chief Technology Officer, MediaMath and Matthias Matthiesen, Director Public Policy & Privacy IAB Europe
Following up on the plenary session from DAY 1 on IAB Europe’s GDPR Transparency & Consent Framework this training session presented by IAB Europe will offer the opportunity to ask any questions you may still have regarding the implementation of the Framework from the Global Vendor List to ensuring the best possible User Experience.
Interact 2018 - GDPR for digital publishers, digital agencies and advertisersIAB Europe
Held in Milan on 23-24 May, IAB Europe’s annual 2-day conference Interact 2018 featured a training by Matthias Matthiesen, Director Public Policy & Privacy and Chris Hartsuiker, Public Policy Officer, IAB Europe. Which provisions in the General Data Protection Regulation are the most relevant to digital publishers and advertisers? What is the guidance of the European Data Protection Board (former Article 29 Working party) on these topics? This training session, provided by IAB Europe will provide insight into applying the GDPR to the digital advertising supply chain.
Interact 2018 - DOOH growth and barriersIAB Europe
Held in Milan on 23-24 May, IAB Europe’s annual 2-day conference Interact 2018 featured a presentation by Meindert van den Heuvel, Managing Director Interbest Outdoor Media
Overview of the DOOH developments in the Dutch market
Interact 2018 - Creativity & Interactivity: the perfect match to win user’s ...IAB Europe
Held in Milan on 23-24 May, IAB Europe’s annual 2-day conference Interact 2018 featured a presentation by Caroline Hugonenc, Global Vice President Research, Teads
The 10 rules to reinvent the ad experience on Mobile leveraging technology and data
Interact 2018 - Quo vadis Italy? The concentration of online time spent and t...IAB Europe
Held in Milan on 23-24 May, IAB Europe’s annual 2-day conference Interact 2018 featured a keynote speech by Fabrizio Angelini, CEO Sensemakers, comScore Italia
In a country still dominated by TV (with an average of 4 hours per user per day and more than 50% of media investment) online players are struggling to get consumers’ attention. While the shift to mobile is concentrating traffic on OTT, online video and entertainment players are showing great potential for growth. comScore will show the latest data and key trends in the Italian market, while Auditel will explain how it is building one of the most sophisticated cross-media measurement systems to foster market development.
Held in Milan on 23-24 May, IAB Europe’s annual 2-day conference Interact 2018 featured a keynote speech by Anita Caras, Director Sales Insights EMEA OATH.
Ever wonder where brand love comes from? So did Oath. Oath has found out by looking at the many underlying drivers of brand love in our latest global consumer research study. We all know what love feels like, and we know getting your consumers to love your brand is more important today than ever before. But WHY does a consumer love a brand? What does that relationship look like?
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
The Art Pastor's Guide to Sabbath | Steve ThomasonSteve Thomason
What is the purpose of the Sabbath Law in the Torah. It is interesting to compare how the context of the law shifts from Exodus to Deuteronomy. Who gets to rest, and why?
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
How to Split Bills in the Odoo 17 POS ModuleCeline George
Bills have a main role in point of sale procedure. It will help to track sales, handling payments and giving receipts to customers. Bill splitting also has an important role in POS. For example, If some friends come together for dinner and if they want to divide the bill then it is possible by POS bill splitting. This slide will show how to split bills in odoo 17 POS.
We all have good and bad thoughts from time to time and situation to situation. We are bombarded daily with spiraling thoughts(both negative and positive) creating all-consuming feel , making us difficult to manage with associated suffering. Good thoughts are like our Mob Signal (Positive thought) amidst noise(negative thought) in the atmosphere. Negative thoughts like noise outweigh positive thoughts. These thoughts often create unwanted confusion, trouble, stress and frustration in our mind as well as chaos in our physical world. Negative thoughts are also known as “distorted thinking”.
IAB Europe GIG: Working Paper on Controller - Processor Criteria (reupload)
1. WHITE PAPER
IAB Europe
Guidance
Date goes here
Five Practical Steps to help companies comply with the
E-Privacy Directive
IAB Europe
GDPR Implementation Working Group
Version 1.0
19 July 2018
CONTROLLER-PROCESSOR
CRITERIA
Working Paper 05/2018
2. About IAB Europe
IAB Europe is the voice of digital business and the leading European-level industry association for
the interactive advertising ecosystem. Its mission is to promote the development of this innovative
sector by shaping the regulatory environment, investing in research and education, and developing
and facilitating the uptake of business standards.
About the GDPR Implementation
Group
IAB Europe’s GDPR Implementation Working Group brings together leading experts from across the
digital advertising industry to discuss the European Union’s new data protection law, share best
practices, and agree on common interpretations and industry positioning on the most important
issues for the digital advertising sector. The GDPR Implementation Working Group is a member-
driven forum for discussion and thought leadership, its important contribution to the digital
advertising industry’s GDPR compliance efforts is only possible thanks to the work and leadership
of its many participating members.
Acknowledgements
This working paper on controller and processor definitions has been prepared by the members of
the IAB Europe GDPR Implementation Group under the leadership of Alan Chapell, of Chapell &
Associates.
Contacts
Townsend Feehan (feehan@iabeurope.eu)
CEO, IAB Europe
Matthias Matthiesen (matthiesen@iabeurope.eu)
Director, Privacy & Public Policy, IAB Europe
Chris Hartsuiker (hartsuiker@iabeurope.eu)
Manager, Privacy & Public Policy, IAB Europe
3. Working Paper 5 – Controller-Processor Criteria 3
Contents
Overview................................................................................................................................................ 3
Key Terms for this Guidance..................................................................................................................4
Client ................................................................................................................................................................. 4
Data Subject...................................................................................................................................................... 4
Data Controller.................................................................................................................................................. 4
Data Processor .................................................................................................................................................. 4
SubProcessor .................................................................................................................................................... 5
UID ..................................................................................................................................................................... 5
Processor vs. Controller – Criteria to consider for adtech companies ................................................5
1. UID Creation and Use .................................................................................................................................... 6
2. UID Segregation ............................................................................................................................................ 7
3. Data Use......................................................................................................................................................... 7
Overview
On 27 April 2016, the European Union adopted the General Data Protection Regulation (“GDPR”).1
The GDPR became directly applicable law in the European Union (“EU”) and European Economic
Area (“EEA”) on 25 May 2018, replacing previous national data protection laws.
The GDPR does not only apply to companies based in the EU but also to companies all over the
globe offering goods and services to people based in the territory of the Union, or monitor the
behaviour of individuals located within it. Data protection law regulates the processing of personal
data, defined broadly as any information that relates to an identified or identifiable natural person,
which may include, amongst others, online and device identifiers that can be used to single out a
natural person, for example for digital advertising purposes.
The GDPR grants data protection authorities the power to levy significant administrative fines
against businesses found in breach of the law. Depending on the severity of the infringement, fines
can reach up to €20,000,000 or 4 per cent of a company’s annual global turnover – whichever is
higher.
This document has been prepared by members of the IAB Europe GDPR Implementation Group
(GIG) to provide guidance to companies across the globe on the definition of controllers and
processors.
1
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with
regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data
Protection Regulation), hereinafter ‘GDPR’, available at http://eur-lex.europa.eu/eli/reg/2016/679/oj/.
4. Working Paper 5 – Controller-Processor Criteria 4
Key Terms for this Guidance
Client
As used herein, the term Client generally refers to an adtech platform’s customer.
Data Subject
The GDPR defines a data subject as “an identified or identifiable natural person.”2
Adtech
companies typically refer to data subjects as Internet users.
Data Controller
The GDPR defines a data controller as “the natural or legal person, public authority, agency or other
body which, alone or jointly with others, determines the purposes and means of the processing of
personal data.”3
In other words, the data controller is the entity that makes decisions about
processing activities, regardless of whether that entity actually carries out any processing
operations. Please note that the specific requirements for data controllers and data processors may
be addressed in separate guidance. As noted by the Article 29 Working Party, “[t]he determination
of the “means”of processingcanbe delegated by thecontroller, as far as technicalor organisational
questions are concerned.” 4
However, the working party also states that “[d]etermination of the
“purpose” of processing is reserved to the “controller”. Whoever makes this decision is therefore
(de facto) controller.”5
Data Processor
The GDPR defines the term “processor” as a “natural or legal person, public authority, agency or
other body which processes personal data on behalf of the controller.”6
In other words, while the
data controller is the entity that makes decisions about processing activities, the processor is any
entity contracted by the data controller for carrying out the processing. The data processor
generally cannot use the data except as directed in writing by the data controller. Processors might
still be entitled to determine some of the means of processing (it could even be delegated by the
controller), but not the purposes according to the Article 29 Working Party. Technical and
organizational measures might therefore be determined by a processor as long as they do not
constitute essential elements of processing.7
Please note that the specific requirements for data
controllers and data processors may be addressed in separate guidance.
2
GDPR Article 4(1)
3
GDPR Article 4(6)
4
Article 29 Working Party: Opinion 1/2010 on the concepts of "controller" and "processor" (“WP169”), 16/02/2010, p. 17 at
http://ec.europa.eu/justice/article-29/documentation/opinion-recommendation/files/2010/wp169_en.pdf.
5
Ibid. Seealsoexamplenumber3 onpage 14whichnotesthethe“decision to addan additionalpurposetothe oneforwhichthe personal
data were transferred converts MarketinZ into a data controller for this processing operation.”
6
GDPR Article 4(8)
7
Article 29 Working Party, WP169, p. 14.
5. Working Paper 5 – Controller-Processor Criteria 5
SubProcessor
The GDPR offers rules for a data processor that engages another data processor – the latter being
considered a sub-processor. In adtech, a sub-processor is often either a hosting company, a third-
party developer with some level of access to personal data, or another entity that otherwise assists
a data processor. The GDPR requires the data processor to obtain the data controller's
authorization to appoint sub-processors. This can be given in a general way, so long as the data
processor informs the data controller of any sub-processors so that the data controller may have
the opportunity to object.8
Sub-processors also are subject to the same requirements under the
GDPR.
UID
A User ID or UID is a pseudonymous identifier such as a cookie ID or mobile Advertising ID (e.g., IDFA
in iOS). A UID which is used to identify a browser, computer, or device over time is considered a
“digital identifier” under GDPR and is considered personal data.
Processor vs. Controller – Criteria
to consider for adtech companies
EU privacy law has only two primary categories of entities which collect and process data: data
controllers and data processors. Contrast the EU approach with the three classifications used
widely in the U.S. adtech world: First Parties (i.e., websites and advertisers), Third Parties (mostly
adtech companies) and Service Providers (essentially agents of the First Party). Advertisers are First
Parties in multiple contexts (i.e. when they interact with users directly on their sites, or if there is a
pre-existing relationship), but if they are loading in the context of another website than their own,
they act as Third Parties.
Service Providers in the U.S. are roughly analogous to Data Processors in the EU – in that both are
agents of the First Party /Data Controller. Thus, one of the key differences between U.S. adtech
privacy rules and EU privacy rules is that the two primary categories in the EU privacy rules (e.g.
who is the processor/controller) do not cleanly align with how data flows among, and the
relationship between, the parties in the adtech model. Some third-parties make use of First Party
data outside the ambit of the instructions provided by the First Party. This notion goes back to the
“ad network” model circa 1997 – where a network would take data from website 1 and website 2
and use that data to create a targeting segment for website 3.9
8
GDPR Article 28(2).
9
Note the ad network model dates back to 1997. Some of the very first ones include: ValueClick (1997 was its first ad server), FlyCast
(1997), Narrowline (1997), Advertising.com (launched 1998 as “Teknosurf.com”), and Specific Media (launched 1999 as
“advertisementbanners.com”).
6. Working Paper 5 – Controller-Processor Criteria 6
Adtech business models10
are unique in many respects. As a result, there’s been some marketplace
confusion regarding characterization of the various roles (i.e., controller vs processor) within the
adtech models. Moreover, a recent ruling by the Court of Justice of the European Union11
indicates
that EU Data Protection Law casts a wide net by design when it comes to apportioning
responsibilities across various roles when more than one entity is directly or indirectly involed in
the processing of data. Therefore, adtech companies need a set of criteria they may point to inorder
to ascertain whether they are a processor or a controller. After receiving input from data protection
regulators in the EU, and after considerable internal discussion, the GDPR Implementation Group’s
Controller / Processor Working Group offers the following considerations designed to assist adtech
companies in ascertaining whether they are acting as a controller or a processor of personal data.
While not providing legal advice, this working group offers a few criteria that may be helpful in
determining whether your company is acting as a processor or a controller.
1. UID Creation and Use
• Does your company create a UID solely or even partly for your company’s own purposes? If
your company creates a UID either solely or partly for your own purposes, the presumption
is that your company is a controller of that UID. Conversely, if your company creates a UID
solely for the purposes of your Client(s), the presumption is that your company is
considered a processor of that UID (unless your company shares or uses the same UID
across Clients in a manner that could make you a Controller, as provided in #2 below).
Companies leveraging the advertising IDs created by third-parties such as the mobile O/S
platforms have not “created” those UIDs and should look to the next set of criteria.12
A single UID may be tied to multiple separate sets of data processed by a single entity (eg.
behavioural data from a specific website processed on behalf of a particular Client, ad
serving data from publisher’s website used for service optimisation). In such cases, the
entity concerned may be considered both a controller and a processor of a UID forming part
of different data sets.
As an example, if your company creates a UID that is used or shared across Clients (and is
used solely for the purposes of your Clients) and that UID is synced with the UID of another
vendor as part of a transaction initiated by or on behalf of the Client, such syncing may be
considered part of the technical and organizational measures of processing. As a result,
such activity may be considered that of a processor.
10
The WG recognizes that there are many different digital advertising models which may find this guidance useful, including but not
limited to: ad servers, ad exchanges, SSPs, DSPs, DMPs, ad networks, attribution vendors, market research companies, data companies,
affiliate marketing companies and cross device vendors. Moreover, the WG group recognizes that each digital advertising company has
its own unique characteristics making it challenging to create guidance that perfectly fits all models. The guidance is intended to act as
a helpful tool for digital advertising companies to be used in conjunction with guidance and feedback from privacy counsel.
11
See generally, the EU Court of Justice opinion in Case C-210/16, Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein v
Wirtschaftsakademie Schleswig-Holstein GmbH at http://curia.europa.eu/juris/documents.jsf?num=C-210/16.
12
Mobile advertising companies that create and use their own UID (e.g., a fingerprint) in addition to the mobile advertising ID offered by
the mobile O/S companies are deemed to have created their own UID for the purposes of these criteria.
7. Working Paper 5 – Controller-Processor Criteria 7
2. UID Segregation
• Does your company silo its UIDs? In other words:
Does the UID referenced in paragraph 1 get shared or used across your company’s Clients
so that the same User ID is leveraged across one or more of those Clients,13
or:
Does each Client have their own UID for each user so that the same user might be UID123
for Client1 and UID456 for Client2?
Building on the above criteria, if your company creates a UID for its own purposes and/or
shares or uses the same UID across Clients and you are not contractually or technologically
restricted from using the UID for any purpose other than carrying out the instructions of a
Controller, the presumption is that your company is a Controller of that UID. As per the
Article 29 Working Party’s Opinion, determining the means in terms of technical and
organizational measures can, to an extent, be delegated to Processors as long as they do
not concern the essential elements of the means.14
If we consider the case of making use of the same UID across several clients, it could be the
case that a Controller has contractually delegated the technical and organizational means,
such as a ‘shared’ UID, to its processor, but at the same time provides specific instructions
on the purposes for which the UID can be processed for that Controller. However, it must
also be borne in mind that when the common UID could be considered an essential element
of the ‘means’ of processing, i.e. where the processing would not be possible with separate
UID’s per client, this may make the company using the ‘shared’ UID a controller.
3. Data Use
• Does your company insert or use an (additional) UID or co-mingle or otherwise combine
data across Clients, i.e. for ad serving optimization15
such as frequency capping across
multiple sites or apps? If YES, then you are likely to be considered a Controller of that data.
This working group has decided against compiling a comprehensive analysis of the
practices of the adtech marketplace. Instead, the members of the group agreed that
companies engaging in multi-site ad serving optimization across Clients are generally
considered controllers of that data. The working group opted to set the bar at ad serving
optimization and let each individual company determine how their use of data compares
to ad serving optimization after consultation with counsel.
13
Companies leveraging mobile advertising IDs are likely to be deemed as using that same UID across multiple clients.
14
Article 29 Working Party, WP169, 16/02/2010, p. 14.
15
In other words, if data is being co-mingled across clients even for ad serving optimization such as frequency capping, many EU
regulators have taken the position that this use case would indicate that the adtech company is a controller of that data.
8. Working Paper 5 – Controller-Processor Criteria 8
Accordingly, if your company: 1) creates or uses a UID for your own purposes, 2) uses the same UID
across Clients without restriction, and 3) uses the data associated with that UID across Clients for
ad serving optimization such as multi-site frequency capping, your company is likely to be
considered a controller. Any of the three criteria could cause a company to fall within the scope of
being a controller – but the concepts of controllers and processors are functional and will depend
on the circumstances. A given company may be a controller in relation to one set of data and a
processor in relation to another. In specific circumstances, the scopes of these separate data sets
can overlap to a certain extent. These criteria are meant as a guide to help indicate to which extent
a company in the online advertising ecosystem needs to consider their status.
9. IAB Europe’s GDPR Implementation Working Group brings together
leading experts from across the digital advertising industry to
discuss the European Union’s new data protection law, share best
practices, and agree on common interpretations and industry
positioning on the most important issues for the digital advertising
sector.
The GDPR Implementation Working Group is a member-driven
forum for discussion and thought leadership, its important
contribution to the digital advertising industry’s GDPR compliance
efforts is only possible thanks to the work and leadership of its
many participating members.
For more information please contact:
Townsend Feehan (feehan@iabeurope.eu)
CEO
IAB Europe
Matthias Matthiesen (matthiesen@iabeurope.eu)
Director, Privacy & Public Policy
IAB Europe
Chris Hartsuiker (hartsuiker@iabeurope.eu)
Manager, Privacy & Public Policy
IAB Europe
About the IAB Europe GDPR
Implementation Working Group