FRANCE: NEW GUIDANCE FOR DATA RETENTION

On 4 September 2020
CNIL, Data Protection, DATA RETENTION, France, GDPR, health data, Privacy, standards

By Denise Lebeau-Marianna – Partner and Yaël Hirsch – Senior Associate The French Supervisory Authority (the “CNIL”) has issued new updated guidelines on data retention during the month of July (the “CNIL’s Guidelines”)[1]. They provide more practical guidance and update the CNIL previous Recommendations dated 11 October 2005 on the conditions of archiving personal data[2]. […]

On 27 August 2020

The Brazilian Senate, in the voting of MP 959/20 decided on 26 August 2020, to reject the article of the MP that provided for the extension of the enforceability of the Brazilian General Data Protection Law (LGPD). Based on this decision, the LGPD will be in force within 15 business days (after the approval or […]

On 27 August 2020

The Commissioner for Data Protection and Freedom of Information for the German State of Baden-Württemberg (Landesbeauftragter für Datenschutz und Informationsfreiheit Baden-Württemberg – “LfDI BW”) recently published guidance for international transfers of personal data in the post-Schrems II era. Background The Court of Justice of the European Union (“CJEU”) not only invalidated the EU-U.S. Privacy Shield […]

On 12 August 2020
CNIL, Data Protection, Data Security, France, GDPR, sanctions

On 28 July 2020, the French Supervisory Authority (the “CNIL”) sanctioned the online shoes retail company, SPARTOO SAS, by a €250,000 fine and an injunction to comply with GDPR within 3 months under penalty for various non-compliances with the GDPR of the personal data processing related to clients, prospects and employees[1]. I. Factual background and […]

On 7 August 2020
Data Protection

Thailand’s Personal Data Protection Act (“PDPA“) is in the process of being updated, and full implementation and compliance are expected by 1 June 2021. This comes by way of the Notification of the Ministry of Digital Economy and Society Re: Personal Data Security Standards B.E. 2563 (2020) (“Notification“) which was recently released by the Thai […]

On 3 August 2020
personal information

The Japanese Diet has recently approved a bill to amend the APPI. This is expected to result in a strengthening of rights for data subjects while making data breach notifications mandatory and increasing penalties for noncompliance. Is your business ready for these upcoming changes? Overview of the Amendment On 5 June 2020, the Japanese […]

On 29 July 2020

Until recently, most decisions of the Belgian Data Protection Authority (Belgian DPA) concerned national companies or individuals. However, on 14 July 2020, the Belgian DPA imposed a fine of EUR600,000 on Google Belgium SA/NV (Google Belgium) for not respecting a Belgian resident’s right to be forgotten. This is the highest fine ever imposed by the […]

On 27 July 2020

On 23 July, the European Data Protection Board issued a set of Frequently Asked Questions with regard to the Schrems II decision of the Court of Justice of the European Union. More information on the Schrems II decision can be found in our Privacy Matters blogpost of 16 July 2020. The main takeaways from these […]

Page 1 of 5612 3 ›»

About this site

Categories

Key publications

Brazil – Enforceability of the LGPD

Germany: Schrems II: And now? First German supervisory authority provides guidance on data transfers

Thailand: Personal Data Protection Act (PDPA) Amendments on the way: What does this mean for your company?

Japan: Protection of Personal Information (APPI) Act to be Amended: Is your Business Ready?

Belgium: Belgian DPA imposes a EUR600,000 fine, its highest fine ever, on Google Belgium for non-compliance with right to be forgotten

Europe: EDPB issues FAQs on Schrems II – No Grace Period for Privacy Shield Transfers; Case-by-Case Assessments Required to Continue with SCCs