Drafting a GDPR-compliant data processing agreement (DPA) should be dead simple. After all, GDPR Art. 28 provides a specific roadmap of what to include. Yet DPAs – which are required under the GDPR whenever a processor is processing personal data on behalf of a controller – can sometimes be the tail that wags the dog … Read More » about Top Five Pain Points in Data Processing Agreements
In the last couple of years, there’s been a flurry of activity around standard contractual clauses (clauses permitting the transfer of personal data to countries that haven’t been determined to provide an “adequate” level of protection). Just to recap: A lot to keep track of! If you’re behind the curve, don’t worry – you have … Read More » about Developments and Deadlines under the Standard Contractual Clauses
If you’ve been in the privacy business for long enough, you may recall when the Safe Harbor Framework permitted the free flow of personal data between the EU and the United States. Those halcyon days lasted from 2009 until 2015. In 2015, the Court of Justice of the European Union (CJEU) invalidated the Safe Harbor … Read More » about A “New” Privacy Shield?