Timelex
Leading law firm
Menu

Blog

Cybersec 3

Who do I need to notify, what are my legal obligations?

01/12/2019
Cybersecurity Series

When a cybersecurity incident occurs, the notification obligations resting on a company are generally multi-fold and weighty. Often, a company will have to comply with several legal and contractual incident reporting obligations at the same time and will be obliged to notify the same incident to several authorities and/or third parties. 

Cybersecurity Seminar

Cybersecurity Online Seminar

01/12/2019
Cybersecurity Series

Check out our free online seminar here on Belgium's Cybersecurity Act.

deutsche-wohnen

German real estate company fined 14.5 million EUR for storing all personal data of tenants indefinitely in an archive system

11/11/2019
Privacy & data protection

On 30 October 2019, the Berlin Data Protection Authority (DPA) issued a big fine of 14.5 million EUR against Deutsche Wohnen SE. It is the biggest fine imposed by a German DPA so far.

gdpr-brexit

Do I have to take into account the GDPR after Brexit?

17/10/2019
Brexit

Yes, but there will be a difference between a deal scenario and a no-deal scenario. The difference between the two scenarios will be explained below.

processing-activities-brexit

How to identify whether your processing activities are impacted by Brexit?

17/10/2019
Brexit

In order to identify whether and how Brexit will impact processing activities in your company, there are several questions that should be asked.

brexit-3

Which personal data transfer mechanisms can you use?

17/10/2019
Brexit

In case of a no-deal Brexit, the UK will become a third country within the meaning of the GDPR. This would mean that, as of the withdrawal date, any transfer of personal data to the UK would have to be based on one of the transfer mechanisms listed in Chapter V of the GDPR.

implement-data-transfer-mechanism

How to implement a personal data transfer mechanism?

17/10/2019
Brexit

Even if the UK does not provide an adequate level of protection of personal data as required by the GDPR, a transfer of personal data to the UK will still be possible if you choose and implement one of the available personal data transfer mechanisms.

update-privacy-policy

How to update your privacy policy and internal documents?

17/10/2019
Brexit

The changes that you may have to make following Brexit will need to be reflected in your privacy policy/information notice towards data subjects, and in your internal policies and your GDPR-related documents.

which-supervisory

Which supervisory authority is competent after Brexit?

17/10/2019
Brexit

Brexit may have an impact on which supervisory data protection authority is competent for one or more of your data processing activities. After Brexit this will depend on whether you perform cross-border processing, and where you are established.

Stay up to date

Timelex newsletter. On signup you agree to our privacy policy.

follow timelex