Use of employee images and video

It generally creates a lot of confusion as to whether it is permissible to use images and videos of employees on the website, on the intranet and in marketing campaigns. We highlight the rules here. The employer's website As an employer, you can easily publish the employee's name, work areas and contact information. The basis for processing in these cases will be the data protection regulation's article 6, subsection 1, letter f (for [...]

Your child's use of social media is restricted as well as three other changes to the Data Protection Act

The Data Protection Act is proposed to be amended on four points effective from 1 January 2024: Children and social media The background of the bill: On 29 June 2022, the then government set up an expert group on tech giants, which aims to support the government's work in dealing with issues, which is connected to the tech-giant agenda in a national and international perspective. The expert group recommends […]

GDPR – Data Protection for Small Businesses

How does GDPR compliance differ for large and small businesses?   Datatilsynet has just launched a "GDPR universe for small businesses" - but what really is the difference between whether you are a large or small business when it comes to complying with the rules in GDPR. The guide generally consists of 7 points: GDPR universe for small businesses (datatilsynet.dk) [...]

Google Analytics – illegal! What now?

Datatilsynet is now following in the footsteps of other regulatory authorities and declaring the use of Google Analytics virtually illegal in terms of GDPR compliance. It has stirred up the past week, and it can be difficult to find out what to do, including what options there are to continue with GA, [...]

NIS2: We have mapped the requirements to the relevant standards

This post is written for the practitioners out there who already now little by little want to get an overview of what NIS2 actually means when NIS2 is expected to be finally adopted this year, as well as what needs to be done in order to get a method in the task solution. As you know, the most important requirements for the units [...]

Lightning analysis: Datatilsynet enforces its cloud guidance

Datatilsynet issued a cloud guide in Danish and English in March this year. It was not only about transfer to the USA/unsafe third countries, although one would think so from what was subsequently focused on among the wise minds. For example, it was also about knowing your final processor (where is your data?), that [...]

Comment: Icelandic ban on cloud in the USA

In a new decision, the Icelandic Data Protection Authority has ruled that a school in Reykjavík may not use a US cloud provider: “[..] all processing in the Seesaw educational system should be seized and students' data deleted after being retrieved, if applicable, to be stored within each school. ” The order comes on top of all the controversy over shipments to the US […]

Drop the scare campaign: IT security only works with common sense

Summary When you need to establish information and cyber security, you must start by assessing how much security you need and how expensive it will be to achieve in relation to your maturity. For work, you can be inspired by a well-known standard (ISO270XX, NIST SP 800-XXX, CIS18 or similar). First to […]

Schrems II: You still probably don't have to do anything yet

Most organizations (public + private) transfer personal data outside the EU. This is not least typically the case if they use services from Microsoft. But it can also easily be done through other, smaller cloud tools. Unexpectedly, decisions have begun to emerge around the EU that actually take Schrems II seriously by imposing […]

Se Datatilsynets supervision questions and see if you can pass the test

"UNITAS has taken up simulated answering of the questions towards some existing customers, and can conclude that with that the customers work with UNITAS has done, it enables them to correspond practically to a 12-figure throughout. ” UNITAS have requested insight into Datatilsynets (DT) questioning framework that is used against […]

Contact Unitas – your partner in security and compliance

Unitas provides reliable advice in compliance, IT and information security. With a pragmatic approach, we help companies in regulated industries manage security and operational responsibility effectively. Contact us to discuss how we can help you.

Form for contact page

NIS 2 implementation calculates

We throw ourselves around with knowledge...

Order your free material here and receive it in a few minutes in your inbox. To be safe, check your SPAM folder if necessary.

Get material ordered on the website sent

Wanna join? Sign up Unitas' newsletter

Registration form for newsletter

UNITAS vulnerability scanning