Auteur: Cécile van der Heijden

  • Long story short: deletion can also be a personal data breach

    A hacker accessing personal data or an employee leaving a confidential list with patient data in its shopping cart are very obvious examples of personal data breaches under the GDPR. However, less obtrusive examples of personal data breaches may fly under the radar due to companies not recognizing them as personal data breaches. Last week, […]

  • To (privacy) shield or not to shield.

    The EU and US have entered into a preliminary political deal about a new transatlantic data transfer agreement between them, necessary due to the invalidation of the Safe Harbor agreement and Privacy Shield. The legal text for the so-called ‘Trans-Atlantic Data Privacy Framework’ is yet to be published, but Max Schrems (instigator of the Schrems […]

  • New standard contractual clauses – new roads or old ways?

    On June 4th 2021, the European Commission published the final working documents of the new standard contractual clauses (SCC). Since then, the new SCC have been published in the official journal of the European Union. Since the Schrems II decision of the European Court of Justice set stringent criteria for the use of the existing […]