The European Data Protection Board (“EDPB”) has published draft guidelines on the concepts of controller and processor in the GDPR (“Guidelines”). They replace the previous guidelines on the concepts of controllers and processors which the Art. 29 Working Party, i.e. basically the EDPB’s predecessor, had published in 2010. The Guidelines are open for public consultation until October 19, 2020, after which the final version will be issued.

This is the sixth in a series of guidance notes on what the “Schrems II” decision means for companies that rely on EU-U.S. Privacy Shield, controller-to-processor standard contractual clauses, SCCs for transfers to controllers, derogations/exceptions to transfer restrictions, and binding corporate rules, as well as what “Schrems II” means for Brexit and what companies can expect with the road ahead on these issues.

For four months we have been providing you with regular updates on all relevant legal developments regarding the Coronavirus disease in Germany. In the future you will be informed by our team about changes in specific topics. Please don’t hesitate to get in contact with our experts. The guide line…

From July 12, 2020 the Regulation (EU) 2019/1150 of the European Parliament and of the Council of June 20, 2019 on promoting fairness and transparency for business users of online intermediation services (P2B Regulation) will apply. It will have direct effect in EU member states. Providers of online intermediate services…

We will provide you with regular updates on all relevant legal developments regarding the Coronavirus disease in Germany. Please find on the link below our tenth edition of our guideline. Our team is ready to navigate you through these challenging times. Please don’t hesitate to get in contact with our…

We will provide you with regular updates on all relevant legal developments regarding the Coronavirus disease in Germany. Please find on the link below our eighth edition of our guideline. Our team is ready to navigate you through these challenging times. Please don’t hesitate to get in contact with our…

We will provide you with regular updates on all relevant legal developments regarding the Coronavirus disease in Germany. Please find on the link below our sixth edition of our guideline. Our team is ready to navigate you through these challenging times. Please don’t hesitate to get in contact with our…

In December 2019, the Directive on the protection of persons who report breaches of Union law (“Whistleblowing Directive”) entered into force. Member States are required to transpose the Whistleblowing Directive into national laws (“National Implementation Acts”) and to apply such National Implementation Acts as of 17 December 2021. The National…

EDPB – Guidelines on the Territorial Scope of the GDPR (Art. 3) and on Representatives (Art. 27) – Now adopted after public consultation The European Data Protection Board (“EDPB”) has published the adopted version of its guidelines on the territorial scope of the General Data Protection Regulation (“GDPR”). The guidelines…

In October 2019, the German Data Protection Authorities (“DPAs”) published guidelines on how they are going to determine the amount of a fine in case of a violation of the GDPR. The guidelines explain the concept applied by the German DPAs when determining an appropriate fine. According to the press…