This tool enables the management of an entity’s processing operations in the following aspects: management of the Records of Processing Activities, generation of the Inventory of Processing Operations and the minimum bases for initiating risk analysis and management activities within the scope of the GDPR.
The document provides a detailed analysis of the “consent-or-pay” model, highlighting the connection between granting consent for data processing and the necessity of paying for services.
Irish DPA has developed the Fundamentals for a Child-Oriented Approach to Data Processing to enhance data protection standards for children using online and offline services, introducing principles and measures to mitigate risks and guide organizations in upholding GDPR obligations.
Data protection authority of Guernsey had published a Consent guidance.
This report attempts to contextualise the main design principles regarding protection of personal data and demonstrate how to engineer personal data protection through two use cases of an envisioned EU data space in the pharmaceutical domain.
Guidelines explain the legal requirements applicable to transfers of personal data by EU authorities to third countries and international organisations.
EDPB has published guidelines on the technical scope of Article 5(3) of the ePrivacy Directive.
The report emphasizes the usefulness of algorithms but also highlights the risks they pose, such as discrimination, unfair outcomes, deception, and lack of transparency.
The DPC’s case studies provides real-life examples of compliance with GDPR and data protection laws in Ireland.