Blog

picture

From CCPA to CPRA:

New Year, new consumers’ rights for Californian residents. With 1 January, 2023, the CPRA, sometimes also referred to as CCPA 2.0, entered into force. Main changes are related to privacy rights of Californian residents with the CPRA introducing new rights as well as amending rights already granted under CCPA.

Man called Andreas in a suit.
Women called Charlotte in a pantsuit.

Andreas Maetzler, Charlotte Mason

Europe and China Flag displayed on seperate shipping containers

Series on Implementing PIPL: (1) Cross-Border Data Transfers and Draft Standard Contract

Analysis of the recent guidance from the Cyberspace Administration of China (“CAC”) regarding cross-border transfers in particular China’s version of the Standard Contractual Clauses.

Man called Michael in a suit.
Women called Charlotte in a pantsuit.

Michael Schweiger, Charlotte Mason

UK DP reform.jpg

UK publishes proposals for new Data Protection Reform Bill

The UK Government has recently announced plans to reform UK data protection laws. Read this article for an update of what the reform plans contain and what the effect of the reform may be.

Women called Charlotte in a pantsuit.

Charlotte Mason

Illustration of the Turkish flag.

Turkish Data Protection Law (KVKK), VERBIS registration and what to do before December 31st, 2021!

Compliance with the Turkish data protection law (KVKK) is getting serious. 31 December 2021 is the deadline for the registration with the Data Controller Registry (VERBIS) and for the appointment of a representative in Turkey. From 2022 onwards the Turkish data protection authority may issue heavy fines for non-compliance.

Man called Andreas in a suit.
Man called Michael in a suit.

Andreas Maetzler, Michael Schweiger

Illustration of a camera on a concrete wall.

“The bad guys do not appoint Art. 27 representatives” but get fined!

Commentary on the Dutch Data Protection Authority imposing a fine of up to EUR 645,000.

Man called Andreas in a suit.
Women called Clara in a pantsuit.

Andreas Maetzler, Clara Sator

Illustration of a European map.

NIS Representation in the EU and UK – Is the March 31 deadline a turning point?

Digital service providers needed to appoint a Network and Information System representative by March 31, 2021, in the U.K. Read the following to find out if this obligation is relevant for you, what the background of it is, and what are the requirements in the EU and the UK.

Man called Andreas in a suit.

Andreas Maetzler

Illustration of a weathercock.

The Role of a Representative under EU and UK GDPR after Brexit

Up until the end of the transition period the obligation to appoint a representative for privacy related matters was applicable only for non-EU companies. From January 1st, 2021, this obligation became relevant for EU and UK companies as well. Read more about the legal obligation to appoint a privacy representative in the EU or the UK whether your company is located in the EU the UK or outside of Europe.

Man called Andreas in a suit.

Andreas Maetzler

illustration of the European and British flag In the context of Brexit.

Brexit and UK Privacy Representation

We put together information on the most burning questions when it comes to Brexit and UK Privacy Representation. To get the topic off your mind in an easy and hands-on way.

Man called Andreas in a suit.

Andreas Maetzler