Blog

Does the EU GDPR Apply to Your Business? What International Companies Need to Know

The EU General Data Protection Regulation (GDPR) is one of the most comprehensive data privacy laws in the world.

Beyond financial penalties, companies risk regulatory investigations, damage to their reputation, and even restrictions on operating in the EU. Any of these can be catastrophic — and so the need for compliance with the EU GDPR should be a high priority for all businesses that it applies to.

This article helps you understand whether the EU GDPR applies to your business and provides steps you can take to ensure compliance if it does.

DSA Timeline of Reporting Requirements

The first Transparency Reporting deadline under the DSA is on 16 April 2025. This DSA timeline explains what needs to be done when so that businesses can ensure compliance.

Data Privacy Day 2025: Strengthening Trust Through Privacy Excellence

Data Privacy Day, which is observed every year on 28 January, isn’t just another calendar event; it’s a rallying cry for organizations, individuals, and governments worldwide to prioritise data protection.

Whether you’re tackling data protection requirements under the GDPR, the CCPA, or any other privacy regulation, managing data subject requests navigating international data transfers, or you’re simply future-proofing your operations, strong privacy frameworks are no longer optional — they’re essential.

The EU Digital Services Act: Are you ready to meet your reporting obligations?

The Digital Services Act (DSA) applies to companies providing intermediary services which include mere conduit, caching, and hosting services as well as search engines. For hosting services, the DSA introduced the additional category of online platforms and of course special rules apply on VLOPs/VLOSEs. The obligations under the DSA increase depending on the type of business. This article explains more.

DSA Checklist: Information to be included in the Transparency Report under the Digital Services Act

Providers of all types of intermediary services are required to publish Transparency Reports at least once a year. However, this obligation differs greatly for the various types of intermediary services with the goal of applying proportionate obligations to their societal impact. Therefore, the reporting obligations follow a staggered approach of increasing scrutiny when moving up the ladder of the criticality of the business types.