Author Archives: laura.marretta

About laura.marretta

Avv. Laura Marretta Dopo aver conseguito la Maturità Classica presso l’Istituto Marcelline di Milano e la Laurea in Giurisprudenza presso l’Univeristà Cattolica del Sacro Cuore diventa Avvocato del Foro di Milano ed è Partner dello Studio Legale Internazionale Romolotti Marretta dal 2006. Svolge la propria attività professionale con particolare riferimento ai settori della Privacy e Data Security, Tutela del Segreto Industriale, Diritto della Moda, Energy, e Sistemi di Organizzazione Aziendale (normative UNI CEI ed ISO) nonché in ambito di Certificazioni e Marcatura CE. Svolge il ruolo di DPO presso enti associativi di rilevanza nazionale nonché per conto di società del settore industriale e dei servizi. E’ relatrice presso corsi e convegni sul territorio nazionale, con specifico riferimento ai settori della privacy e della video security. Collabora in pubblicazioni nazionali ed internazionali (www.romolottimarretta.com/pubblicazioni.html) tra le quali numerose edizioni annuali di Doing Business edito dalla World Bank Maturità Classica at Istituto Marcelline of Milan, Graduated in Law at Univeristà Cattolica del Sacro Cuore, Attorney at Law of the Milan Bar, is a Partner of Romolotti Marretta International Law Firm since 2006. Her professional activity is focused on Privacy and Data Security, Trade Secret Protection, Fashion Law, Energy Law, Enterprise Organization (UNI CEI and ISO standards), Certification and CE mark. She is DPO in associations at national level and companies of the industrial and services areas. Speaker at seminars and conferences with specific reference to privacy and videosecurity law, she is a contributor in national and international publications, included several editions of Doing Business edited by World Bank (www.romolottimarretta.com/lang2/publications.html)

Dpo certification scheme: Spain arrives first!!

AEDP is the first in EU to issue with ENAC a Dpo certification scheme
As below:

https://www.agpd.es/portalwebAGPD/index-ides-idphp.php
https://www.agpd.es/portalwebAGPD/revista_prensa/revista_prensa/2017/notas_prensa/news/2017_07_13-ides-idphp.php
https://www.agpd.es/portalwebAGPD/temas/reglamento/common/pdf/Certificacion/ESQUEMA_AEPD_DPD_PUBLICO_1.0.pdf

Monitoring of approved codes of conduct

Let us assume for a moment that we have a perfect code of conduct, the best that you could ever write, already approved, recorded and released by the supervisory authority, and so – at this point – you should only “hope” that itwill be adopted by users for which it was drawn. Here, we imagine… Read More »

Guidelines DPIA … for whom / for what ??

On 4.4.2017 the WP has adopted the “Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679” the question is  why, for whom and for what. The answer is inside the document and is not a secondary matter because if… Read More »

Ethically GDPR

On last 15 March, during the three-days Clusit Security Summit, has been held in a full room of Atahotel Expo Fiera Rho-Pero, a meeting entitled “Practically GDPR” presented and moderated by Dr. Vallega in the formula of the “round table” with speakers – in addition to the president of Clusit – from companies representative of… Read More »

DPO: the responses of the Privacy Authority to frequently asked questions

  Here come the answers of the Privacy Aythority to frequently asked questions asked about the DPO (ex art. 37 Reg UE 2016/679) Below the link in both Italian and English http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/5930300 http://ec.europa.eu/information_society/newsroom/image/document/2016-51/wp243_annex_en_40856.pdf   Please find here below the answer n. 10 that in my opinion integrates and responds to the discussion that followed the… Read More »

When the “right to be forgotten” is an opportunity

Few days ago at the  Polytechnic of Milan, in the Aula Magna Carassa – Dadda, Campus Bovisa attended by nearly 450 people, it has been held an extremely interesting conference. During the event emerged – even if incidentally – a short debate on the “right to be forgotten” and its usefulness / viability  (here for… Read More »

Phishing: news from “Italian Data Protection Authority” in an schedule

In mid December the Italian Data Protection Authority (hereafter IDPA) in the framework of information items aimed to the raise of awareness in the privacy, edited a new schedule about phishing Phishing is a form of scam made on the Internet through deception of users, and is an unlawful technique used to steal confidential information… Read More »