Personal data protection in Europe
•
1 like•74 views
The document summarizes a presentation on personal data protection in the European Union. It includes an agenda for the presentation covering topics such as a brief history of data protection in Europe, a comparison of data protection laws in South Korea and Europe, GDPR basics for international startups, and processing and transferring personal data. It provides overviews of key aspects of the GDPR such as its territorial scope, definition of personal data, lawful bases for data collection, consent requirements, data processing and security obligations, and international data transfers. The presentation aims to educate attendees on personal data protection laws and compliance.
Report
Share
Report
Share
Recommended
How GDPR will change Personal Data Control and Affect Everyone
The proposed new EU data protection regime extends the scope of the EU data protection law to all foreign companies processing data of EU residents. It provides for a harmonisation of the data protection regulations throughout the EU, thereby making it easier for non-European companies to comply with these regulations; however, this comes at the cost of a strict data protection compliance regime with severe penalties of up to 4% of worldwide turnover.�
GDPR READY SOLUTION FOR UNSTRUCTURED DATA
Several companies may be well on the way to define how to handle GDPR compliance for structured data. But many companies still haven't come up with a good way to handle GDPR compliance for unstructured data..
This whitepaper provides the main information about unstructured data and the Xenit solution to manage documents under the regulation.
GDPR: A ticking time bomb is approaching - Another Millennium Bug or is this ...
This document discusses the General Data Protection Regulation (GDPR) which imposes new rules on organizations that offer goods and services to people in the European Union or collect and analyze EU resident data. It notes that more data has been created in recent years than the previous 5000 years of humanity. The GDPR enhances personal privacy rights, increases duty to protect data, and mandates breach reporting with significant penalties for noncompliance. Benefits of complying with the GDPR include improved business reputation and customer loyalty through greater data security, and more accurate data through customer validation.
57th ICCA Congress | 12.11.2018 | Data Protection - 150 days after GDPR
57th ICCA Congress | 12.11.2018 | Data Protection - 150 days after GDPRICCA (International Congress and Convention Association)
The document discusses data protection and the General Data Protection Regulation (GDPR) 150 days after its implementation. It provides an overview of GDPR including its key principles of lawfulness, fairness and transparency. It discusses how GDPR aims to protect individuals' personal data and provides examples of its impact and best practices for compliance, noting organizations should maintain momentum on compliance, refine internal processes, and monitor external regulatory developments. Speakers from MCI Benelux and Aventri shared their perspectives on GDPR 150 days after implementation.Do You Have a Roadmap for EU GDPR Compliance?
The General Data Protection Regulation (GDPR) goes into effect in 2018 and it will affect any business that handles data, even if it's not based in the European Union.
Are you looking to move and host data for EU citizens? Do you have a roadmap and associated estimated costs for EU GDPR compliance?
Join this webinar to learn:
• Case study and legal/regulatory impact to GDPR
• Security Metrics
• Oversight of third parties
• How to measure cybersecurity preparedness
Presenters : Ulf Mattsson, David Morris, Ian West. and Khizar Sheikh
Date & Time : Aug 17 2017 5:00 pm
Timezone : United States - New York
Privacy & Analytics: Yeti or Snow Fairy?
Presentation by Aurélie Pols at Superweek Hungary 2014. This presentation is NOT about security and goes beyond the over-blown cookie debate in order to highlight how the upcoming EU Personal Data Protection Regulation will influence digital analytics to hopefully start embracing Privacy by Design ways of working.
EU General Data Protection Regulation - White Paper
This document discusses network printing risks and compliance with the upcoming EU General Data Protection Regulation (GDPR). It notes that the GDPR aims to harmonize data protection rules across the EU and introduces fines for non-compliance. Network printing poses several data protection risks including unencrypted transmission of personal data, unencrypted storage on servers/printers, and documents containing personal data being output to the wrong printer or accessed by unauthorized parties. The document recommends using ThinPrint's encryption solutions to secure printing processes and ensure compliance by eliminating these weaknesses without costly new hardware investments.
4th EDPD 2014 European Data Protection Days
This document provides information about the 4th European Data Protection Days conference taking place on 12-13 May 2014 in Berlin, Germany. The conference will address global privacy law developments and practical compliance issues. Over the two days, there will be best practice reports, panels on privacy laws in various countries, and discussions on the European data protection reform process and implementing a risk-based approach to privacy. The event aims to help participants expand their knowledge on dealing with privacy challenges that arise from operating globally.
Recommended
How GDPR will change Personal Data Control and Affect Everyone
The proposed new EU data protection regime extends the scope of the EU data protection law to all foreign companies processing data of EU residents. It provides for a harmonisation of the data protection regulations throughout the EU, thereby making it easier for non-European companies to comply with these regulations; however, this comes at the cost of a strict data protection compliance regime with severe penalties of up to 4% of worldwide turnover.�
GDPR READY SOLUTION FOR UNSTRUCTURED DATA
Several companies may be well on the way to define how to handle GDPR compliance for structured data. But many companies still haven't come up with a good way to handle GDPR compliance for unstructured data..
This whitepaper provides the main information about unstructured data and the Xenit solution to manage documents under the regulation.
GDPR: A ticking time bomb is approaching - Another Millennium Bug or is this ...
This document discusses the General Data Protection Regulation (GDPR) which imposes new rules on organizations that offer goods and services to people in the European Union or collect and analyze EU resident data. It notes that more data has been created in recent years than the previous 5000 years of humanity. The GDPR enhances personal privacy rights, increases duty to protect data, and mandates breach reporting with significant penalties for noncompliance. Benefits of complying with the GDPR include improved business reputation and customer loyalty through greater data security, and more accurate data through customer validation.
57th ICCA Congress | 12.11.2018 | Data Protection - 150 days after GDPR
57th ICCA Congress | 12.11.2018 | Data Protection - 150 days after GDPRICCA (International Congress and Convention Association)
The document discusses data protection and the General Data Protection Regulation (GDPR) 150 days after its implementation. It provides an overview of GDPR including its key principles of lawfulness, fairness and transparency. It discusses how GDPR aims to protect individuals' personal data and provides examples of its impact and best practices for compliance, noting organizations should maintain momentum on compliance, refine internal processes, and monitor external regulatory developments. Speakers from MCI Benelux and Aventri shared their perspectives on GDPR 150 days after implementation.Do You Have a Roadmap for EU GDPR Compliance?
The General Data Protection Regulation (GDPR) goes into effect in 2018 and it will affect any business that handles data, even if it's not based in the European Union.
Are you looking to move and host data for EU citizens? Do you have a roadmap and associated estimated costs for EU GDPR compliance?
Join this webinar to learn:
• Case study and legal/regulatory impact to GDPR
• Security Metrics
• Oversight of third parties
• How to measure cybersecurity preparedness
Presenters : Ulf Mattsson, David Morris, Ian West. and Khizar Sheikh
Date & Time : Aug 17 2017 5:00 pm
Timezone : United States - New York
Privacy & Analytics: Yeti or Snow Fairy?
Presentation by Aurélie Pols at Superweek Hungary 2014. This presentation is NOT about security and goes beyond the over-blown cookie debate in order to highlight how the upcoming EU Personal Data Protection Regulation will influence digital analytics to hopefully start embracing Privacy by Design ways of working.
EU General Data Protection Regulation - White Paper
This document discusses network printing risks and compliance with the upcoming EU General Data Protection Regulation (GDPR). It notes that the GDPR aims to harmonize data protection rules across the EU and introduces fines for non-compliance. Network printing poses several data protection risks including unencrypted transmission of personal data, unencrypted storage on servers/printers, and documents containing personal data being output to the wrong printer or accessed by unauthorized parties. The document recommends using ThinPrint's encryption solutions to secure printing processes and ensure compliance by eliminating these weaknesses without costly new hardware investments.
4th EDPD 2014 European Data Protection Days
This document provides information about the 4th European Data Protection Days conference taking place on 12-13 May 2014 in Berlin, Germany. The conference will address global privacy law developments and practical compliance issues. Over the two days, there will be best practice reports, panels on privacy laws in various countries, and discussions on the European data protection reform process and implementing a risk-based approach to privacy. The event aims to help participants expand their knowledge on dealing with privacy challenges that arise from operating globally.
Data Protection and Trade Policy: A Conceptual Framework to Assess Data Prote...
Data Protection and Trade Policy: A Conceptual Framework to Assess Data Prote...FSR Communications and Media
Presentation delivered during 9th Seminar on Media and the Digital Economy (21-22 March 2019, Florence).
http://fsr.eui.eu/event/annual-scientific-seminar-on-media-and-the-digital-economy-9th-edition/
Next generation data protection and security for oracle users - the block cha...
Title: Next Generation Data Protection and Security for Oracle users: the Block Chain Advantage
Summary: You will learn how Oracle blockchain can help securing PII (Personally Identifiable Information), PCI data and Healthcare data.
You will learn about compliance for PII, PCI and Healthcare data impact Oracle blockchain users.
You will learn if there is a material difference in the use of block chaining IoT data in different industries and the compliance and privacy implications for Oracle users.
Abstract: You will learn how blockchain is applicable to securing PII (Personally Identifiable Information), PCI data and Healthcare data in Oracle.
You will learn about compliance for PII, PCI and Healthcare data impact Oracle blockchain users.
You will learn if deleting the Oracle data encryption key would be GDPR compliant.
You will learn the pros and cons of utilizing Tokenization vs encryption for Oracle blockchain data.
You will learn if we are dealing with very sensitive PII data; would a private Oracle blockchain. be more secure, manageable and presents a much smaller attack surface.
You will learn if there is a material difference in the use of block chaining IoT solutions in different industries and if so what is the compliance and privacy implications for Oracle users.
You will learn how Oracle blockchain can minimize a ransomware attack.
You will learn how the Estonia country in Europe is the future model for utilizing blockchain to prevent nation state attacks on Oracle data.
You will learn how to be GDPR compliant managing some of the data outside of the Oracle block chain.
Presenter Biography: Ulf is the Head of Innovation at TokenEx, previously Chief Technology Officer at Atlantic BT, and earlier CTO at Compliance Engineering. Ulf was the CTO and a founder of Protegrity Technology. He invented the Protegrity Vaultless Tokenization, Data Type Preservation (DTP2) and created the initial architecture of Protegrity's database security technology. Prior to Protegrity, Ulf worked 20 years at IBM in software development and in IBM's Research organization, in the areas of IT Architecture and Security.
Ulf is the inventor of more than 50 patents in the areas of Encryption, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control and Intrusion Prevention. One line of his research during the last 15 years is in the area of managing and enforcing security policies for databases, including joint projects with research and development teams at Oracle, IBM, Microsoft, Hewlett-Packard, Sybase, Informix, Teradata, and RSA.
Next generation data protection and security for oracle users - gdpr blockc...
Next Generation Data Protection and Security for Oracle users - the Block Chain Advantage. Positioning data security alternatives
How Enterprises Can Gain Data Privacy, and Build their Bottom Lines, By Compl...
Transcript of a sponsored discussion on Europe's new data-privacy regulation and how it can be turned to a competitive advantage.
Winning the Cybersecurity Battle
In ways yet to be seen, cybersecurity has already affected the “agency of the future.” Today, the world is interconnected like never before. As a nation, we must work collaboratively to ensure that cyber defense strategies are robust and effective to secure our way of life.
President Obama said during remarks at the White House, “the cyber threat is one of the most serious economic and national security challenges we face as a nation” and that “America’s economic prosperity in the 21st century will depend on cybersecurity.”
Throughout his tenure, President Obama has directed agencies to conduct a thorough analysis of the Federal Government’s efforts to protect data, information, communication and critical infrastructure. Often, we forget that every day Americans rely on cyber defense for our economic viability and security.
Cyber includes much more than just our personal identity and social security numbers. Every day, cyber defense is used to protect:
Broadband networks
Information networks that power business, hospitals and schools
Critical infrastructure
Classified government intelligence and documents
http://www.govloop.com/profiles/blogs/the-govloop-guide-winning-the-cybersecurity-battle
Ifc gdpr strat digit mai 2021
This document provides an agenda for a presentation on GDPR and digital strategy. It includes an introduction of the presenter, Jacques Folon, and his background and publications on privacy. The agenda covers the basic principles of GDPR, questions from attendees, and how GDPR relates to digital strategy. Specific topics that will be discussed include the purpose and requirements of GDPR, how it applies in Belgium, practical implementation steps, important points like privacy by design, and exercises. The presentation aims to help attendees understand GDPR and provide reassurance that being non-compliant is not too late to address.
ZyLAB ACEDS Webinar- GDPR
The document discusses requirements and challenges around complying with the General Data Protection Regulation (GDPR). It provides an overview of GDPR, how it will apply, relevant technology for compliance including redaction and pseudonymization, and 5 use cases where GDPR intersects with eDiscovery. Text mining technology can help identify personal data for redaction or anonymization to ensure data can be safely transferred. Pseudonymization is encouraged under GDPR to protect personal data.
Data protection
Ø Data protection principles set out the main responsibilities for organizations handling personal data, including processing data fairly and lawfully, only collecting data needed for the purpose, keeping data accurate, not storing it longer than needed, securing the data, and being accountable.
Ø Organizations must have a lawful basis to process personal data and do so in a transparent way by providing privacy notices. They can only use data for the specified purpose, not indefinitely or for new unspecified purposes. They must also minimize the data collected, keep it accurate, securely delete unneeded data, and keep records demonstrating compliance.
GDPR - Applift firstscreen june 2016
1. The GDPR significantly changes data protection requirements for companies doing business in the EU and increases obligations for advertisers and networks/publishers who can now be jointly liable. It comes into effect in May 2018 with fines up to 4% of global revenue.
2. Under the GDPR, personal data is more broadly defined and users have more rights around consent, access, and removal of their data. Requirements around ad profiling and tracking remain unclear as guidance is still pending.
3. Companies should map their data flows, review consents and policies, and engage regulators to understand impacts on their business from the GDPR. Industry alignment with the FTC is also discussed.
EY Human Capital Conference 2012: Global HR - Data privacy and global mobility
This presentation explores the management of international transfer of data: complex rules/selection of a transfer strategy and existing tools. The security of personal data is critical and subject to public scrutiny: this presentation looks at examples of data breaches/best practices. Plus how to anticipate the new EU data protection framework requirements.
INFOMAGAZINE 8 by REAL security
The article discusses the importance of data identification as the first step in achieving GDPR compliance. It states that organizations should begin by describing their personal data through definitions, algorithms, and sampling from existing records. They should then conduct a data discovery process to inventory all locations where personal data is stored, including scattered files and databases. Identifying personal data locations will help organizations respond to individual data requests and deletions as required by GDPR. The data identification process sets organizations on the path to implementing the remaining GDPR requirements by the May 2018 deadline.
Privacy
Americans are highly concerned about the privacy and security of their personal data, with 58% reporting they are very concerned. This level of concern is greater than for issues like gun violence and climate change. The rollout of 5G is expected to increase privacy and security concerns further. People feel stuck and overwhelmed trying to manage their data privacy, and they are conflicted - expressing concern but not taking many proactive steps. Existing regulations to protect privacy are not reassuring to most people, as the majority are unaware of laws like GDPR and CCPA. Customers continue doing business with companies after data breaches, despite feeling resigned that further breaches will occur.
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...
This is Aurélie Pols presentation at Strata London Conference last 11-13 November.
It is in English and starts by revisiting the common best practices related to digital analytics in order to measure digital asset’s effectiveness to increase conversion, common data feeds between tools and possibly data flows between continents for analysis.
These practices are then put in parallel with legal requirements, showing which steps need to be undertaken to assure legal compliance of said practices, how digital responsibles should be trained in data protection matters and what contracts are needed with both data providers & collectors so as to assure minimal liability for these routinely undertaken tasks.
This presentation is NOT about security and goes beyond the over-blown cookie debate in order to highlight how the upcoming EU Personal Data Protection Regulation will influence digital analytics to hopefully start embracing Privacy by Design ways of working.
Digital analytics & privacy: it's not the end of the world
This document discusses digital analytics and privacy. It begins by noting expectations around a lack of new privacy legislation. It then discusses privacy as a human right and how public opinion around privacy is changing. It notes concerns around democracy being in danger since the passage of laws like the Patriot Act. The document is authored by Aurélie Pols and discusses bridging analytics and data protection in Europe under upcoming regulations. It stresses the importance of a risk-based approach, identifying intersections between professionals, and developing a privacy culture.
Is Big Data killing Privacy? Nop, it's inducing a paradigm shift
This presentation starts by revisiting the common best practices related to digital analytics in order to measure digital asset’s effectiveness to increase conversion, common data feeds between tools and possibly data flows between continents for analysis.
These practices are then put in parallel with legal requirements, showing which steps need to be undertaken to assure legal compliance of said practices, how digital responsibles should be trained in data protection matters and what contracts are needed with both data providers & collectors so as to assure minimal liability for these routinely undertaken tasks.
This presentation is NOT about security and goes beyond the over-blown cookie debate in order to highlight how the upcoming EU Personal Data Protection Regulation will influence digital analytics to hopefully start embracing Privacy by Design ways of working.
Data_Privacy_Protection_brochure_UK
This document discusses data privacy and protection. It provides insights from internal and external experts on this topic. It addresses issues like how new European guidelines will affect information managers and what IT teams need to know about data retention. Specific topics covered include the safe harbour ruling between European and US data privacy laws, defining personal data and retention policies, and how new data privacy laws impact records managers and what IT needs to know.
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The European Union’s proposed General Data Protection Regulation (GDPR) has left even the most informed confused. This new regulation is designed to update the current legislation which was drafted in a time that was in technology terms, prehistoric.
The Data Protection Directive, drafted back in 1995, harks back to a time when data processing was more about filing
cabinets than data rack enclosures. It’s time to evolve.
5 key steps for SMBs for reaching GDPR Compliance
In this GDPR Compliance presentation, you can learn more about the key steps to take for GDPR Compliance, including:
- What are data management processes and how to identify them at small and medium sized businesses
- What is personal data under the GDPR and how to establish a record of processing activities to map personal data
- How does encryption help with safeguarding personal data and ensuring GDPR compliance
- What your business should do to get ready for the new General Data Protection regulation on time
Smart Data Module 5 d drive_legislation
The document provides an overview of ethics, legislation, and privacy issues related to big data. It discusses the necessity of regulating big data and the differences between privacy and data protection. It also provides details on the General Data Protection Regulation (GDPR), including its goals, requirements for companies, and individual rights it aims to protect.
Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?
Description : The General Data Protection Regulation (GDPR) goes into effect in 2018 and it will affect any business that handles data, even if it's not based in the European Union.
Are you looking to move and host data for EU citizens? Do you have a roadmap and associated estimated costs for EU GDPR compliance?
Webcast URL : https://www.brighttalk.com/webcast/14723/259741
Introduction to GDPR for Startups
This document summarizes statistics and perspectives on compliance with the General Data Protection Regulation (GDPR) from companies and regulators. Around 60% of companies do not fully understand their data and lifecycles, and over 40% incorporate privacy by design. Most companies use consent for processing but do not obtain separate consent for different operations. Regulators in some countries report lacking funds or power to fully enforce GDPR. The broad scope and significant penalties of GDPR mean companies now view data as both an asset and liability requiring new processes for collection, use, storage and deletion to manage risks of non-compliance.
Scaling to New Markets
Presentation for Russian startups as a mentor at the PWC Russia Accelerator program powered by Yellow Rockets. Talked about main aspects of horizontal growth: the right timing, preparation, issues investors pay attention to.
More Related Content
Similar to Personal data protection in Europe
Data Protection and Trade Policy: A Conceptual Framework to Assess Data Prote...
Data Protection and Trade Policy: A Conceptual Framework to Assess Data Prote...FSR Communications and Media
Presentation delivered during 9th Seminar on Media and the Digital Economy (21-22 March 2019, Florence).
http://fsr.eui.eu/event/annual-scientific-seminar-on-media-and-the-digital-economy-9th-edition/
Next generation data protection and security for oracle users - the block cha...
Title: Next Generation Data Protection and Security for Oracle users: the Block Chain Advantage
Summary: You will learn how Oracle blockchain can help securing PII (Personally Identifiable Information), PCI data and Healthcare data.
You will learn about compliance for PII, PCI and Healthcare data impact Oracle blockchain users.
You will learn if there is a material difference in the use of block chaining IoT data in different industries and the compliance and privacy implications for Oracle users.
Abstract: You will learn how blockchain is applicable to securing PII (Personally Identifiable Information), PCI data and Healthcare data in Oracle.
You will learn about compliance for PII, PCI and Healthcare data impact Oracle blockchain users.
You will learn if deleting the Oracle data encryption key would be GDPR compliant.
You will learn the pros and cons of utilizing Tokenization vs encryption for Oracle blockchain data.
You will learn if we are dealing with very sensitive PII data; would a private Oracle blockchain. be more secure, manageable and presents a much smaller attack surface.
You will learn if there is a material difference in the use of block chaining IoT solutions in different industries and if so what is the compliance and privacy implications for Oracle users.
You will learn how Oracle blockchain can minimize a ransomware attack.
You will learn how the Estonia country in Europe is the future model for utilizing blockchain to prevent nation state attacks on Oracle data.
You will learn how to be GDPR compliant managing some of the data outside of the Oracle block chain.
Presenter Biography: Ulf is the Head of Innovation at TokenEx, previously Chief Technology Officer at Atlantic BT, and earlier CTO at Compliance Engineering. Ulf was the CTO and a founder of Protegrity Technology. He invented the Protegrity Vaultless Tokenization, Data Type Preservation (DTP2) and created the initial architecture of Protegrity's database security technology. Prior to Protegrity, Ulf worked 20 years at IBM in software development and in IBM's Research organization, in the areas of IT Architecture and Security.
Ulf is the inventor of more than 50 patents in the areas of Encryption, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control and Intrusion Prevention. One line of his research during the last 15 years is in the area of managing and enforcing security policies for databases, including joint projects with research and development teams at Oracle, IBM, Microsoft, Hewlett-Packard, Sybase, Informix, Teradata, and RSA.
Next generation data protection and security for oracle users - gdpr blockc...
Next Generation Data Protection and Security for Oracle users - the Block Chain Advantage. Positioning data security alternatives
How Enterprises Can Gain Data Privacy, and Build their Bottom Lines, By Compl...
Transcript of a sponsored discussion on Europe's new data-privacy regulation and how it can be turned to a competitive advantage.
Winning the Cybersecurity Battle
In ways yet to be seen, cybersecurity has already affected the “agency of the future.” Today, the world is interconnected like never before. As a nation, we must work collaboratively to ensure that cyber defense strategies are robust and effective to secure our way of life.
President Obama said during remarks at the White House, “the cyber threat is one of the most serious economic and national security challenges we face as a nation” and that “America’s economic prosperity in the 21st century will depend on cybersecurity.”
Throughout his tenure, President Obama has directed agencies to conduct a thorough analysis of the Federal Government’s efforts to protect data, information, communication and critical infrastructure. Often, we forget that every day Americans rely on cyber defense for our economic viability and security.
Cyber includes much more than just our personal identity and social security numbers. Every day, cyber defense is used to protect:
Broadband networks
Information networks that power business, hospitals and schools
Critical infrastructure
Classified government intelligence and documents
http://www.govloop.com/profiles/blogs/the-govloop-guide-winning-the-cybersecurity-battle
Ifc gdpr strat digit mai 2021
This document provides an agenda for a presentation on GDPR and digital strategy. It includes an introduction of the presenter, Jacques Folon, and his background and publications on privacy. The agenda covers the basic principles of GDPR, questions from attendees, and how GDPR relates to digital strategy. Specific topics that will be discussed include the purpose and requirements of GDPR, how it applies in Belgium, practical implementation steps, important points like privacy by design, and exercises. The presentation aims to help attendees understand GDPR and provide reassurance that being non-compliant is not too late to address.
ZyLAB ACEDS Webinar- GDPR
The document discusses requirements and challenges around complying with the General Data Protection Regulation (GDPR). It provides an overview of GDPR, how it will apply, relevant technology for compliance including redaction and pseudonymization, and 5 use cases where GDPR intersects with eDiscovery. Text mining technology can help identify personal data for redaction or anonymization to ensure data can be safely transferred. Pseudonymization is encouraged under GDPR to protect personal data.
Data protection
Ø Data protection principles set out the main responsibilities for organizations handling personal data, including processing data fairly and lawfully, only collecting data needed for the purpose, keeping data accurate, not storing it longer than needed, securing the data, and being accountable.
Ø Organizations must have a lawful basis to process personal data and do so in a transparent way by providing privacy notices. They can only use data for the specified purpose, not indefinitely or for new unspecified purposes. They must also minimize the data collected, keep it accurate, securely delete unneeded data, and keep records demonstrating compliance.
GDPR - Applift firstscreen june 2016
1. The GDPR significantly changes data protection requirements for companies doing business in the EU and increases obligations for advertisers and networks/publishers who can now be jointly liable. It comes into effect in May 2018 with fines up to 4% of global revenue.
2. Under the GDPR, personal data is more broadly defined and users have more rights around consent, access, and removal of their data. Requirements around ad profiling and tracking remain unclear as guidance is still pending.
3. Companies should map their data flows, review consents and policies, and engage regulators to understand impacts on their business from the GDPR. Industry alignment with the FTC is also discussed.
EY Human Capital Conference 2012: Global HR - Data privacy and global mobility
This presentation explores the management of international transfer of data: complex rules/selection of a transfer strategy and existing tools. The security of personal data is critical and subject to public scrutiny: this presentation looks at examples of data breaches/best practices. Plus how to anticipate the new EU data protection framework requirements.
INFOMAGAZINE 8 by REAL security
The article discusses the importance of data identification as the first step in achieving GDPR compliance. It states that organizations should begin by describing their personal data through definitions, algorithms, and sampling from existing records. They should then conduct a data discovery process to inventory all locations where personal data is stored, including scattered files and databases. Identifying personal data locations will help organizations respond to individual data requests and deletions as required by GDPR. The data identification process sets organizations on the path to implementing the remaining GDPR requirements by the May 2018 deadline.
Privacy
Americans are highly concerned about the privacy and security of their personal data, with 58% reporting they are very concerned. This level of concern is greater than for issues like gun violence and climate change. The rollout of 5G is expected to increase privacy and security concerns further. People feel stuck and overwhelmed trying to manage their data privacy, and they are conflicted - expressing concern but not taking many proactive steps. Existing regulations to protect privacy are not reassuring to most people, as the majority are unaware of laws like GDPR and CCPA. Customers continue doing business with companies after data breaches, despite feeling resigned that further breaches will occur.
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...
This is Aurélie Pols presentation at Strata London Conference last 11-13 November.
It is in English and starts by revisiting the common best practices related to digital analytics in order to measure digital asset’s effectiveness to increase conversion, common data feeds between tools and possibly data flows between continents for analysis.
These practices are then put in parallel with legal requirements, showing which steps need to be undertaken to assure legal compliance of said practices, how digital responsibles should be trained in data protection matters and what contracts are needed with both data providers & collectors so as to assure minimal liability for these routinely undertaken tasks.
This presentation is NOT about security and goes beyond the over-blown cookie debate in order to highlight how the upcoming EU Personal Data Protection Regulation will influence digital analytics to hopefully start embracing Privacy by Design ways of working.
Digital analytics & privacy: it's not the end of the world
This document discusses digital analytics and privacy. It begins by noting expectations around a lack of new privacy legislation. It then discusses privacy as a human right and how public opinion around privacy is changing. It notes concerns around democracy being in danger since the passage of laws like the Patriot Act. The document is authored by Aurélie Pols and discusses bridging analytics and data protection in Europe under upcoming regulations. It stresses the importance of a risk-based approach, identifying intersections between professionals, and developing a privacy culture.
Is Big Data killing Privacy? Nop, it's inducing a paradigm shift
This presentation starts by revisiting the common best practices related to digital analytics in order to measure digital asset’s effectiveness to increase conversion, common data feeds between tools and possibly data flows between continents for analysis.
These practices are then put in parallel with legal requirements, showing which steps need to be undertaken to assure legal compliance of said practices, how digital responsibles should be trained in data protection matters and what contracts are needed with both data providers & collectors so as to assure minimal liability for these routinely undertaken tasks.
This presentation is NOT about security and goes beyond the over-blown cookie debate in order to highlight how the upcoming EU Personal Data Protection Regulation will influence digital analytics to hopefully start embracing Privacy by Design ways of working.
Data_Privacy_Protection_brochure_UK
This document discusses data privacy and protection. It provides insights from internal and external experts on this topic. It addresses issues like how new European guidelines will affect information managers and what IT teams need to know about data retention. Specific topics covered include the safe harbour ruling between European and US data privacy laws, defining personal data and retention policies, and how new data privacy laws impact records managers and what IT needs to know.
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The European Union’s proposed General Data Protection Regulation (GDPR) has left even the most informed confused. This new regulation is designed to update the current legislation which was drafted in a time that was in technology terms, prehistoric.
The Data Protection Directive, drafted back in 1995, harks back to a time when data processing was more about filing
cabinets than data rack enclosures. It’s time to evolve.
5 key steps for SMBs for reaching GDPR Compliance
In this GDPR Compliance presentation, you can learn more about the key steps to take for GDPR Compliance, including:
- What are data management processes and how to identify them at small and medium sized businesses
- What is personal data under the GDPR and how to establish a record of processing activities to map personal data
- How does encryption help with safeguarding personal data and ensuring GDPR compliance
- What your business should do to get ready for the new General Data Protection regulation on time
Smart Data Module 5 d drive_legislation
The document provides an overview of ethics, legislation, and privacy issues related to big data. It discusses the necessity of regulating big data and the differences between privacy and data protection. It also provides details on the General Data Protection Regulation (GDPR), including its goals, requirements for companies, and individual rights it aims to protect.
Do You Have a Roadmap for EU GDPR Compliance?
Do You Have a Roadmap for EU GDPR Compliance?
Description : The General Data Protection Regulation (GDPR) goes into effect in 2018 and it will affect any business that handles data, even if it's not based in the European Union.
Are you looking to move and host data for EU citizens? Do you have a roadmap and associated estimated costs for EU GDPR compliance?
Webcast URL : https://www.brighttalk.com/webcast/14723/259741
Similar to Personal data protection in Europe (20)
Data Protection and Trade Policy: A Conceptual Framework to Assess Data Prote...
Data Protection and Trade Policy: A Conceptual Framework to Assess Data Prote...
Next generation data protection and security for oracle users - the block cha...
Next generation data protection and security for oracle users - the block cha...
Next generation data protection and security for oracle users - gdpr blockc...
Next generation data protection and security for oracle users - gdpr blockc...
How Enterprises Can Gain Data Privacy, and Build their Bottom Lines, By Compl...
How Enterprises Can Gain Data Privacy, and Build their Bottom Lines, By Compl...
EY Human Capital Conference 2012: Global HR - Data privacy and global mobility
EY Human Capital Conference 2012: Global HR - Data privacy and global mobility
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...
Aurélie Pols en Strata Conference: Digital analytics & privacy - it’s not the...
Digital analytics & privacy: it's not the end of the world
Digital analytics & privacy: it's not the end of the world
Is Big Data killing Privacy? Nop, it's inducing a paradigm shift
Is Big Data killing Privacy? Nop, it's inducing a paradigm shift
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
More from Dr. Mira Suleimenova, CIPPe
Introduction to GDPR for Startups
This document summarizes statistics and perspectives on compliance with the General Data Protection Regulation (GDPR) from companies and regulators. Around 60% of companies do not fully understand their data and lifecycles, and over 40% incorporate privacy by design. Most companies use consent for processing but do not obtain separate consent for different operations. Regulators in some countries report lacking funds or power to fully enforce GDPR. The broad scope and significant penalties of GDPR mean companies now view data as both an asset and liability requiring new processes for collection, use, storage and deletion to manage risks of non-compliance.
Scaling to New Markets
Presentation for Russian startups as a mentor at the PWC Russia Accelerator program powered by Yellow Rockets. Talked about main aspects of horizontal growth: the right timing, preparation, issues investors pay attention to.
New rules of the game: privacy conscious world
The document discusses the changing landscape around privacy regulations and consumer expectations. It notes that 91% of adults feel they have lost control over how companies collect and use personal information. It argues that trustworthiness is now a key factor in driving business success. Finally, it outlines three new rules for organizations: 1) responsible use of personal data, 2) maintaining user trust, and 3) building new products with privacy in mind from the start. Organizations that follow these principles of being privacy conscious will be the winners moving forward.
European GDPR for Good Technology Collective (GTC)
Presentation for a meeting organised by GTC on ethics and legal deliberations behind the European data protection law.
User Perspective: Right to be forgotten
This document provides an overview of the right to be forgotten (RTBF) under the General Data Protection Regulation (GDPR) from a user perspective. It discusses the key aspects of an RTBF claim, including that it requires a written request, erasure of personal data must be done for free and without undue delay, and certain legal exemptions apply. Steps for exercising RTBF rights with Facebook and Google are outlined. The document concludes by advising users to first request deletion from the app developer and delete the app only after receiving confirmation, in order to fully remove their data.
EU General Data Protection Regulation
This document summarizes key aspects of the EU General Data Protection Regulation (GDPR) which takes effect on May 25, 2018. It notes the global reach of the law, expanded definitions of personal data, increased individual rights, and roles and responsibilities of data controllers and processors. Statistics are presented on European companies' readiness, including that only 34% of EU websites and 67% of German websites are compliant. The document outlines actions required to comply with individual rights requests, security breach notifications, regulatory audits, and includes a checklist for compliance steps.
Privacy by Design: legal perspective
Privacy by Design and GDPR require implementing appropriate technical and organizational measures to protect personal data throughout the entire data lifecycle. This includes designing and operating systems to only collect and process the minimum amount of personal data needed (data minimization), as well as ensuring security safeguards are built-in by default and ongoing (Privacy by Design). The GDPR also gives certain rights to data subjects over their personal data, such as rights to access, rectify, and delete data. Implementing Privacy by Design is considered a best practice when complying with GDPR requirements as it takes a proactive rather than reactive approach to data protection.
More from Dr. Mira Suleimenova, CIPPe (7)
European GDPR for Good Technology Collective (GTC)
European GDPR for Good Technology Collective (GTC)
Recently uploaded
Pushing the limits of ePRTC: 100ns holdover for 100 days
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
How to Get CNIC Information System with Paksim Ga.pptx
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
20240605 QFM017 Machine Intelligence Reading List May 2024
Everything I found interesting about machines behaving intelligently during May 2024
GridMate - End to end testing is a critical piece to ensure quality and avoid...
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
By Design, not by Accident - Agile Venture Bolzano 2024
As presented at the Agile Venture Bolzano, 4.06.2024
Mind map of terminologies used in context of Generative AI
Mind map of common terms used in context of Generative AI.
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Climate Impact of Software Testing at Nordic Testing Days
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Full-RAG: A modern architecture for hyper-personalization
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentationsみなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
ここ3000字までしか入らないけどタイトルの方がたくさん文字入ると思います。
Epistemic Interaction - tuning interfaces to provide information for AI support
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Communications Mining Series - Zero to Hero - Session 1
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
UiPath Test Automation using UiPath Test Suite series, part 6
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Recently uploaded (20)
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
Personal data protection in Europe
- 1. PERSONAL DATA PROTECTION IN THE EUROPEAN UNION 17 SEPTEMBER 2018 BETAHAUS X & KIC EUROPE DR. MIRA SULEIMENOVA, LL.M.
- 2. AGENDA FOR TODAY 15:00 - 15:15 15:15 - 15:30 15:50 - 16:00 16:00 - 16:40 16:40 - 17:00 15:30 - 15:50 Introduction A Brief History of Data Protection in Europe Data Protection in South Korea (PIPA) vs Situation in Europe (GDPR) Coffee Break GDPR Basics for International Startups Q&A
- 3. A BRIEF HISTORY OF DATA PROTECTION IN EUROPE Source: Ernst-Oliver Wilhelm A Brief History of the General Data Protection Regulation via iapp.org
- 4. Key info for GDPR became BINDING on 25 May 2018 concerns ALL EU citizens and residents PERSONAL DATA means any information relating to an individual, whether it relates to his or her private, professional or public life Territorial scope: GLOBAL
- 5. Data Protection in South Korea
- 6. Data Protection in South Korea developed IT infrastructure || heavy use of SNSs || technology-literate population South Korea is the most innovative country in the world according to Bloomberg Innovation Index 2011 Personal Data Protection Act (PIPA) is among strictest world wide Breach of Data Protection Laws can result in administrative fines as well as in criminal penalties, up to imprisonment
- 7. PIPA vs GDPR
- 8. PIPA vs GDPR
- 9. PIPA vs GDPR
- 10. PIPA vs GDPR
- 11. BREAK
- 12. personal data flows Co.LLC ONLINE OFFINE corporate customers retail customers corp. customers employees online users personal contact fairs networking website email social media Co.LLC's employees
- 13. personal data flows Co.LLC ONLINE OFFINE corporate customers retail customers corp. customers employees online users personal contact fairs networking website email social media Co.LLC's employees Korea Korea + EU EU Korean [+ EU] citizens
- 14. Bases for collection of personal data c o n s e n t c o n t r a c t l e g a l o b l i g a t i o n v i t a l o r p u b l i c i n t e r e s t s l e g i t i m a t e i n t e r e s t
- 15. Consent I n f o r m e d : w h o , w h y , h o w U n a m b i g u o u s : c l e a r l a n g u a g e F r e e l y g i v e n : n o t r a d e o f f s O b v i o u s : d o n ' t h i d e i t G r a n u l a r : s e n s i t i v e d a t a , d i r e c t m a r k e t i n g , e t c . R e q u i r e a p o s i t i v e a c t i o n : o p t - i n
- 17. Processing internal safeguards external safeguards crisis response Privacy policy Clauses on data protection in 3rd- party contracts (affiliates, partners, subcontractors) make sure to have: establish:make sure that: Data is minimised Processing is documented Security is strong Mechanisms to notify 3rd parties of changes in data processing are in place Mechanisms to access, rectify, delete data Procedures to detect, report & investigate a data breach
- 18. International Data Transfers Co.LLC ONLINE OFFINE corporate customers retail customers corp. customers employees online users personal contact fairs networking website email social media Co.LLC's employees Korea Korea + EU EU Korean [+ EU] citizens
- 19. Q & A
- 20. Thank you Dr. Mira Suleimenova, LL.M. medium.com/@miranova www.linkedin.com/in/mirasuleimenova mira.suleimenova@gmail.com