Privacy & data protection

EU Data Controller Processor

International companies headquartered outside the EU but established in several European Member States are facing the question how to determine their main establishment in the Union.

The extraterritorial scope of the GDPR

On 23 November 2018 the European Data Protection Board (EDPB) published its ‘Guidelines on the territorial scope of the GDPR’.

Atomium

The official final DPIA list of the Belgian Data Protection Authority has been published in the Belgian Official Journal on 22 March 2019 and has entered into force on 1 April 2019.

Amazon Kindle

If you place an order on the Amazon e-commerce platform, you will not receive a fax number prior to ordering and the phone number is difficult to access. According to a German consumer organisation, this is in breach of the information obligations under German consumer legislation

social media apps

Journalists are, to a certain extent, exempted from the application of the GDPR. Should everybody who publishes messages on Facebook, tweets on twitter, photos on Instagram or videos on YouTube, be qualified as “a journalist”?

Logo EC

Timelex proudly assisted the European Commission with its assessment leading to the EU adequacy decision for Japan. The decision has a huge commercial impact for European and Japanese companies.

data breach

Organizations may incur very high fines for failure to comply with the obligation to report data breaches. Therefore, make sure that your organization is well prepared for a possible personal data breach.

Logo CNIL

The French supervisory authority has imposed a fine of no less than € 50 million on Google for infringing the GDPR. What should companies remember from this CNIL decision?

Data processing

The (Belgian) Data Protection Authority (DPA) recently published an opinion on the concepts of data controller and data processor.