Data Privacy Blog
Artificial Intelligence Act adopted
On 13 March 2024, the proposal for a Regulation of the European Parliament and of the Council laying down harmonised rules for artificial intelligence and amending certain Union legislative acts (hereinafter: The Artificial Intelligence Act or the EU AI Act) was...
The Hungarian Competition Authority (GVH) issued a statement following its proceedings against Viber, which we will summarise below:
The Hungarian Competition Authority (GVH) has corrected the behaviour of yet another global technology company with a complex package of measures that is in line with the latest data protection requirements.
Guidelines on personal data breach notification under GDPR
In this article, we would like to introduce Guidelines 9/2022 on personal data breach notification under GDPR, which was adopted 28 March 2023.
DPO series of articles, final part: Tasks of the Data Protection Officer
In this article, we would like to describe the tasks of the Data Protection Officer or DPO under the GDPR and practical issues related to them. Furthermore, we will briefly discuss the legal relationships that are not regulated by the GDPR but may occur in the course of everyday work within the scope of the DPO’s activities i.e. in the specific tasks of the DPO.
Determination of the data protection fine – Part 3
In the third and final part of this series of articles, we present Guidelines 04/2022 of the European Data Protection Board (hereinafter: EDPB), from Chapter 4 to Chapter 8.
DPO article series, part 4: The Legal Status of the data protection officer
In this article, we would like to present the most important parts of the status and duties of the Data Protection Officers (DPOs), mainly focusing on the DPOs participation in decisions, the provision of resources, the independence, the liability and possible sanctions, the obligation of confidentiality and finally, the conflict of interest.
DPO article series, Part 3: Who can be a data protection officer?
Defining the DPO and summarising the expectations of the position is a complex process that requires careful consideration by data controllers. In addition to the assessment of professional qualifications, the choice of the nature of the relationship is a key consideration. In this article, the characteristics of the internal and external DPO positions are compared, and specific contractual arrangements are discussed in relation to the latter
Major NAIH decisions on data protection in 2021
This year the National Authority for Data Protection and Freedom of Information (hereinafter: NAIH, or the Authority) celebrates the 10th anniversary of its establishment and has published its 2021 Activity Report. In this article, we briefly review the 9 major data protection cases covered by the Authority in the report and summarise the key lessons and our observations.
DPO article series, Part 2: Appointment of the Data Protection Officer
This article examines when it is mandatory to appoint a DPO, how to deal with an optionally appointed DPO, and what the options are if several organisations wish to appoint a DPO.
DPO article series, Part 1: Regulation regarding data protection officers and the importance of the position
In order to explain the legal framework for the position of DPO and the practicalities for data controllers, we are launching a series of articles analyzing the relevant issues in detail. In the first article, we will look at the importance and historical background of the position of data protection officer.