GDPR: Over and out? Or not?
We promised not to leave you out in the cold after 25 May 2018, and we want to keep that promise. Our GDPR Countdowns helped you in the run-up to that important date, and they will remain available on our website as the “GDPR toolkit”. Furthermore, we’ll make sure that you stay up to date and keep a finger on the pulse via this Privacy Talk. You’ll be able to find best practices, recommendations and decisions from the data protection authorities ... And a special point of attention is of course the e-privacy regulation. It will be worth following this important legislative initiative through the Privacy Talk.
What you need to know.
Before 25 May 2018, you probably mapped out the personal data of your employees, customers and suppliers. So you undoubtedly included the various processing activities for which you need these people’s data in your record of processing activities, provided them with a privacy notice and so on. But have you also thought about the personal data of your shareholders and directors? And what about your accounting?
What you need to do.
Companies mustn’t overlook the fact that they also collect and use personal data in the context of e.g. their corporate housekeeping. Articles of association, minutes, proxy forms and the like are generally a source of personal data. The same applies to documents that are used in the accounting context. So make sure that no processing activities slipped through the net during the "data mapping" exercise (see GDPR toolkit 02). You should go through the different points of our toolkit for these processing activities as well. Maybe do a quick check to be sure that this point is under control?
Please consult our website or contact one of our team members if you have questions or require more information:
In the Picture - July 2021
Forum selection and choice of law clauses: they’re not just boilerplates...