Timelex
Leading law firm
Menu

Privacy & data protection

deutsche-wohnen

German real estate company fined 14.5 million EUR for storing all personal data of tenants indefinitely in an archive system

11/11/2019

On 30 October 2019, the Berlin Data Protection Authority (DPA) issued a big fine of 14.5 million EUR against Deutsche Wohnen SE. It is the biggest fine imposed by a German DPA so far.

checkbox cookies

CJEU rules: pre-ticked checkboxes do not constitute valid cookie consent

01/10/2019

Does your cookie pop-up still rely upon a pre-checked consent tick box for installing cookies? Then you are no longer in compliance with the ePrivacy Directive, nor Directive 95/46/EC or the General Data Protection Regulation.

facebook like

Joint controller whether you Like it or not...

27/09/2019

Do you use one of the Facebook plugins, such as the ‘Like’ button, to anticipate your website visits? Then you might be a joint controller with Facebook. This follows from a recent judgment of the European Court of Justice (‘CJEU’) in the Fashion ID judgment (C-40/17).

archief

€ 200.000 GDPR fine: the importance of retention periods under the GDPR

08/08/2019

The Danish supervisory authority proposes to impose a fine of DKK 1.5 million (approximately € 200,000) on a Danish furniture manufacturer (IDDesign) for failing to comply with the obligations regarding the retention periods of personal data.

facebook

The Schrems saga continues – international transfers

25/07/2019

On the 9th of July, the hearing of the so-called Schrems 2.0 case took place before the Grand Chamber of the European Court of Justice (“CJEU”).

CyberSec4EU

CyberSec4EU organises panel on the proposed NCCC regulation

16/07/2019

On Thursday the 4th of July 2019, Cyber Security for Europe (CyberSec4EU) hosted a panel on the Proposal for a Regulation establishing the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres, the NCCC regulation.

British Airways

GDPR fine British Airways: hacked company double victim?

11/07/2019

The British Supervisory Authority, the British Information Commissioner's Office (ICO), announced its intention to impose a GDPR fine of £183 million (equivalent to €243.47 million) on British Airways.

paris

The CNIL and the online marketing and web profiling sector – an update

03/07/2019

The French data protection authority (the CNIL) has announced that it will soon communicate to data controllers a clarification of the legal obligations in terms of obtaining consent for cookies, as well as all for all other tracking devices and techniques.

1 year GDPR

One year GDPR: an overview of enforcement, warnings and fines

19/06/2019

About a year ago, on 25 May 2018, the General Data Protection Regulation (GDPR) became applicable. Today, one year later, we draw up a balance sheet of the enforcement actions taken by the supervisory authorities across the EU.

Stay up to date

Follow Timelex

Subscribe to Privacy & data protection