June 8, 2020

Data minimization is a principle of personal data processing under GDPR (Article 5(1)(c)). In M&A, the acquiror tends to send the target a very comprehensive list of data to be shared. As data protection compliance and awareness grows, these lists are becoming more nua...

June 8, 2020

All mergers and acquisitions - M&A - are prefaced by a due diligence process. In most cases, this starts with a discrete investigation, and grows into a major shopping list of documents to be shared. These are typically placed in a virtual data room (VDR), which is an...

June 8, 2020

Transparency is a data processing principle (GDPR Article 5(1)(a)), and the GDPR Chapter III obligations stem from that principle. Processing of personal data as part of M&A due diligence must be disclosed to the data subjects, and this can be done through a privacy po...

March 1, 2020

A. Vital Interest and massive personal data sharing

With the scary spread of COVID-19, data protection is not typically everyone’s number-one concern, and rightly so. However, this is a good opportunity to discuss the role of data protection in epidemiology and major...

June 11, 2019

DISCLAIMER: same as on other blog posts. This isn't legal advice. This isn't even advice...

Session replay data is information about how you browse on a given website. It could include scrolling, touching, mouse movements, clicks, and anything you type. This includes wh...

May 22, 2019

DISCLAIMER: same as on other blog posts. This isn't legal advice. This isn't even advice...

Prior to GDPR’s going into force in May 2018, English football powerhouse Manchester United asked its fans to opt-in to Man United continuing to hold their email addresses and...

May 13, 2019

Hedge funds and asset managers are constantly seeking Alpha, that is, an edge that enables them to beat the market. They have always looked for better information and especially for information that others don’t have. That gives Alpha. While many funds and managers tur...

February 21, 2019

Our organization runs and hosts various events. We take photos and use them for our marketing material. Do we need to get participants’ consent?

When considering the data protection ramifications of these photographs, there are three main issues to consider:

  1. Special...

August 21, 2018

So the infamous 'Right to be Forgotten' (RTBF), also called 'Right to Erasure'  is now law. It is commonly thought to be an innovation of GDPR, but in fact this has been the law in the EU since the Google Spain decision in 2014

What does it mean to delete ('erase') in...

May 31, 2018

Until recently, for most of us, cookies were something best enjoyed fresh out of the oven and with plenty of chocolate chips. However, with the commencement of GDPR this month and the race for compliance, you can’t visit the most basic website without being flashed wit...

Please reload

May 31, 2018

Please reload

Featured Posts

MYEDPO - EUROPEAN DATA PROTECTION OFFICER SERVICES

Data Protection and Privacy Policy and Notice

©2017-2020 MYEDPO LTD