GDPR Implementation

EU Standard Contractual Clauses (SCCs) Deadline is Looming

November 28, 2022 By Wim Nauwelaerts and Paul Greaves

Companies relying on the SCCs as a data transfer tool have less than a month to update their existing contracts (if they haven’t done so already). WHAT HAPPENED? The EU General Data Protection Regulation (GDPR) allows companies that want to transfer personal data protected by the GDPR to third countries outside the EU/EEA to do […]

EDPB Emphasizes Joint Controllership between Social Media Providers and ‘Targeters’ in Draft Guidance

September 10, 2020 By Paul Greaves

On September 7, 2020, the European Data Protection Board (‘EDPB’) published its draft guidelines on targeting of social media users (the ‘Guidelines’). The EDPB is accepting feedback from stakeholders on the Guidelines until October 19, 2020. The Guidelines not only provide guidance on the obligations of social media providers (‘Providers’) under the EU General Data […]

Wim Nauwelaerts Authors Summary of EDPB’s Guidelines of the GDPR

January 9, 2020 By Privacy, Cyber & Data Strategy Team

Wim Nauwelaerts, Brussels partner and leader of the firm’s EU Privacy and Data Protection practice, has authored a summary of the European Data Protection Board’s (EDPB) guidelines on the territorial scope of the GDPR. On November 12, 2019, the EDPB adopted the final version of its guidelines – almost one year after they had been […]

German DPA Announces GDPR Compliance Survey of Large Companies – Translation Provided

July 2, 2018 By Daniel Felz

Following a two-year grace period, EU General Data Protection Regulation (GDPR) entered into force on May 25, 2018. For many companies, preparing for the GDPR was a multi-year project involving multiple teams and input or assistance from across the organization. On this blog, we have outlined the items we have seen as particularly time- or […]

GDPR Fragmentation May Appear More Significant than Intended

June 26, 2018 By Privacy, Cyber & Data Strategy Team

With the entry into application of the GDPR on May 25, 2018, the EU Member States were expected to have adopted national legislation implementing the regulation. To date, however, only 30% of Member States have effectively passed legislation, which still leaves the legal landscape to be precarious. The GDPR allows for deviations and specifications in […]