Schrems II judgment - is it over with personal data outside the EU?
We all have to make rubber figures My youngest daughter came home from kindergarten one day and showed me a brownish figure she had made at school. The figure was a bit uninteresting as it stood on the kitchen table, but you clap as you should as a father. What the elementary school says is always right and I should not […]
Microsoft (sub-) data processors - do you have control over them?
In continuation of Unitas'blog post about the supervision of data processors, we can inform you that it is now possible to subscribe to the list of Microsoft (sub-) data processors. Microsoft must first be praised for cutting back SELECTIVELY on the number of their (sub-) data processors back in September 2019. Now the list is much clearer. But what if […]
Do you screen or supervise your IT service provider?
With the many rules that apply today, it makes very good sense to conduct a screening of both current and new IT vendors. Imagine that you need a new provider of an administrative system for your business. What parameters do you choose according to today? 3. Price You have a good reputation I have used […]
Time for immersion - COVID-19
As a knowledge worker, you are probably used to working from home from time to time. But probably not all days of the week. Here after a week, you have probably - like us - found out that it requires something of us that we may not be used to to the same extent. But for many, it gives […]
A bit of insight request and an easy 1-2-3 guide
The number of reports of breaches of the GDPR is steadily rising. We can now state that more than 5.000 reports in DK have taken place in the first year. If we look at 2018 alone, there were 3.100 reports. Far below the 15.400 in the Netherlands, but still a lot. How do you actually handle a request for insight? Those who now have […]
Does Facebook have a responsibility for your illegal marketing?
For consideration: When sending targeted advertisements through Facebook, you must comply with section 3 of the Marketing Act (traders must demonstrate good marketing practice, taking into account consumers, traders and the public interest). That's what the Consumer Ombudsman says. If you still violate the rules, then Facebook must make you aware of it in accordance with the data protection rules? This may be the consequence of the following regulatory conditions […]
BREXIT - How to make it simple
Brexit means Brexit. And out they came. Finally. So now we dare to write a little about what Brexit means in relation to the data protection rules. The agreement between the EU and the United Kingdom / UK states that 2020 is a transitional period in which EU rules will continue to apply in the UK. Thus see Articles 126 - 127: Article 126: There is […]
KL vs. Datatilsynet: The tasks must be collected - and do not use consent as a basis
The match ended in a draw: Understandable frustrations were met by good answers. In addition to students not having to be cut out of pictures when they change schools, we were clarified once again that consent is always the worst possible legal basis. Use something else - anything else, just use something else. For example, the exercise of authority. Public authorities should simply […]
Datatilsynets New Standard Contractual Clauses: What's New? And what should you pay attention to?
UNITAS answers the most common questions here Datatilsynets standard contract provisions as well as highlighting a number of changes. The Standard Contractual Clauses replace the Data Processor Agreement Template The Standard Contractual Clauses are a revised version of Datatilsynets data processor agreement template and is hereinafter referred to as the Provisions. Overall, it must be agreed that the Provisions are made mandatory in their full extent if you want to achieve increased security [...]