In many companies, it is common for employees to use their own devices for professional purposes. This practice is called BYOD (Bring Your Own Device). But what happens if such a device puts the security of the infrastructure at risk and the employees’ private devices need to be examined in IT forensic? Is that allowed?… […]
Privacy Policy and Information Obligations
The Communication Act 2003 demanded even before the GDPR that website users have to be informed about the usage of personal data in a privacy policy. The GDPR demands in that data subjects have to be informed of the usage of their personal data when gathering it. demands that the data subjects have to be… […]
EU-US Privacy Shield
The EU-US Privacy Shield is an informal agreement in the data protection field that has been negotiated from 2015 until 2016 between the European Union and the United Nations of America. It consists of a number of confirmations of the US-American Federal Government and a resolution from the European Commission. The Commission has decided on July 12th, 2016… […]
Storage limit according to GDPR and storage requirement
According to the GDPR, personal data must be stored in a form that allows the identification of data subjects only for as long as is strictly necessary for processing purposes. At the same time, there is a lot of legislation that requires keeping the data for a long time. This limitation of storage is a… […]