Outsource your Data Privacy Officer

By choosing a network of EU specialists, you will be adviced with the latest European regulation and local decision/law in mind. It is more than ever needed, without talking about GDPR Article 27 (EU local representative requirement).

What do we offer?

Depending of your organization complexity, we will adapt our services pack. If you want to be compliant with GDPR, you have to declare a local contact based in a EU country where you are mainly doing business with. Indeed, the control authorities want to talk with a representant reachable (same time zone) and speaking the local language. Furthermore, more than 50 items are country specific: the Social Security Number is considered as sensitive in France for instance. So you'd better use a local specialist team!

Multinational Corporation

We act on your behalf as the central point of contact of the local EU authority. As a DPO or your DPO assistant, we will serve as your relay in front of the local control authority and your employees.

US Company

As California Consumer Protection Act is slightly different with GDPR, you will need to adjust your documentation and user rights. We can assist you for doing that ponctually or on the long run.

Services On Demand

Audit, Training, PIA, DPO assistance, ISMS Setup/Assistance...

Latest News

Is California ready for CCPA 2.0?

The organization known as Californians for Consumer Privacy announced yesterday that it successfully secured enough signatures to qualify adding the California Privacy Rights Act (“CPRA”) to the state’s November 2020 ballot. The CPRA seeks to do the following:

  1. Sensitive Personal Information.  The law will add a new category of information known as “sensitive personal information” and provide new rights for California consumers, allowing them to stop businesses from using their sensitive personal information.
  2. Definitions.  The CPRA may further aim to clarify that sensitive personal information includes the person’s health, financial information, and geolocation data for collection of which there was no consent.
  3. Right of Correction.  The law will give Californians the right to ask businesses to make corrections of any personal information that is inaccurate.
  4. Data Breach Liability.  The law seeks to revise and clarify the CCPA as it relates to data breach liability.  Specifically, it states that any breaches in which a consumer’s email is compromised along with (1) their password or (2) a security question and answer—which would essentially provide hackers with unfettered access to the consumer’s account—can result in liability for the company.
  5. Children’s privacy.  The law seeks to enhance children’s’ privacy rights and to triple CCPA’s fines for collecting and selling private information of minors under 16 years of age.
  6. New Enforcement Arm.  The CPRA seeks to establish a new enforcement authority to help protect consumers’ rights, called “the California Privacy Protection Agency.”
  7. Increased Transparency.  With the help of this new agency and redefined legal requirements, the goal is to increase transparency and to give consumers greater control over their data.

Source: https://www.natlawreview.com/article/ccpa-20-announces-key-signature-threshold-ballot-initiative

The Swedish Data Protection Authority issues fine against the National Government Service Centre

The Swedish Data Protection Authority imposes an administrative fine of 200,000 Swedish kronor (approximately 18,700 euro) on the National Government Service Centre for failing to notify affected parties as well as the Data Protection Authority about a personal data breach in due time.

It is not so common that a public organization have to pay a fine. It is more symbolic than anything else as it is little money and will go from one pocket to another for the Swedish administration.