Category Archives: Legal framework

101 … but not only!

Before the Legislative Decree 101/2018 (the official text can be found at the following address: http://www.gazzettaufficiale.it/eli/id/2018/09/04/18G00129/sg.) capture us totally, I report herebelow the extremes of two recent and relevant judgments published during the summer, and concerning to areas of particular interest for those working daily with Data Protection – that is, the scope of marketing… Read More »

The butcher and privacy

In the past few days, a picture circulating around showed a poster in a butcher shop that said: In our butchery, we could sometimes ask your name and remember your tastes in terms of meat. If this annoys you, please enter shouting: “I deny my consent”. From now on, we’ll pretend not to know you.… Read More »

Record of the processing activities: semplification for SME

At the AssoDPO Congress, Luigi Montuori (Authority’s office), talking about the most recent WP29’s activities, cited a recent “position paper” on the exemption from the Records of processing activities. I remind that article 30(5) states: “The obligations referred to in paragraphs 1 and 2 shall not apply to an enterprise or an organisation employing fewer… Read More »

Some news from the website of Italian Data Protection Authority

In these last days, the privacy Italian Data Protection Authority’s website has published some important news visible at the following links http://garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/8036793 http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/7322292 http://194.242.234.211/documents/10160/0/Guida+all+applicazione+del+Regolamento+UE+2016+679.pdf It is about: 1)      New Faq on the DPO 2)      Model of data communication of the DPO ex article 37 paraf. 7 GDPR 3)      Guide to the application of EU Regulation… Read More »

DATA RETENTION POLICY

One of the most discussed topics in conferences and workshops is the proper management of personal data retention periods. Tha fact that this topic generates such an interest is actually an anomaly. In fact, the GDPR doesn’t introduce any innovation (except for sanctions) to the current privacy legislation, which rules at article 11 that data… Read More »

Right to oblivion and indexing of non-EU websites: the position of Persona Data Protection Authoriy.

Google privacy saga concerning right to obivion continues with the measure of Italian Persona Data Protection Authority n. 557 dated December 21st, 2017 concerning the remova of certain Url from the list of European and non-European results of the widely-known search engine. It is very interesting the fact that the data subject is an Italian… Read More »

PRIVACY LAWS

My job allows me to attend many diverse workshops and events on GDPR. My overall impression is that most of the attendees have never really read a privacy legislation text, whether it’s the current legislation or the GDPR. This state of things is quite detrimental because the questions asked are often absolutely irrelevant (for instance,… Read More »