Guides | activeMind.legal

External and internal publishing of employee data

Klaus Foitzick 13 December 2020

Under what circumstances are employers entitled to share data of employees with other colleagues or the public, if at all? Two concise examples.

EDPB recommendations for third country data transfers

Klaus Foitzick 9 December 2020

What do companies have to pay attention to when exporting personal data to a third country? A summary and analysis of the EDPB’s recommendations!

Transfer to third countries according to Art. 49 GDPR

Klaus Foitzick 2 December 2020

The derogation in the GDPR allows data to be transferred to third countries without data protection guarantees. The question is under what conditions these exceptions apply.

CJEU ruling on data retention

Klaus Foitzick 12 October 2020

Mass data retention can only be made mandatory by EU Member States if public security is threatened. What are the consequences for companies in the communication sector?

GDPR-compliant data processing on behalf of a controller

Klaus Foitzick 27 August 2020

If a service provider processes personal data on behalf of a controller both sides have to comply with several obligations of the GDPR. Above all, they must conclude a contract defining the rights and obligations of all involved.

Data transfers between the EU and third states after the EU-U.S. Privacy Shield

Klaus Foitzick 19 August 2020

The CJEU invalidation of the EU-U.S. Privacy Shield posed a number of questions for companies and organisations transferring data to the U.S. or third countries, to which the EDPB provides answers in a recently published statement.

EDPB Guidelines on consent under the GDPR

Klaus Foitzick 27 July 2020

The requirements a consent solution has to meet to be GDPR-compliant, the new but expected opinion of the EDPB, and a practical checklist for website owners.

Information that must be provided under the GDPR

Klaus Foitzick 23 July 2020

Data subjects must be informed before their personal data is processed. But how do controllers best fulfill these information requirements? What must the respective information contain? A practical guide.

CJEU strikes down EU-U.S. Privacy Shield while SCCs remain valid

Klaus Foitzick 17 July 2020

What the verdict means for European companies, which alternatives are available and why it does not only affect data transfers to the U.S.

Data breach or data theft: What you have to do immediately according to GDPR

Martin Röleke 10 July 2020

Handling your company’s data breach quickly, carefully and legally

Group Data Protection

AI Compliance

Whistleblower System

Our Experts

Guides and Articles

Munich

Berlin

Services

Resources

About

Group

Contact us!

Secure the knowledge of our experts!