When is there an obligation to appoint an EU representative under the GDPR?
Representative of controllers or processors not established in the Union. There is a difference between a "contact point" and an EU representative. Pursuant to Article 3(2) of the GDPR, the geographical scope of application of the GDPR also extends to [...]
‚Right to erasure‘ – an overview
In principle, the Controller must delete personal data, i.e. irrespective of a request from the data subject, when the personal data are no longer necessary for the purposes for which they were collected or otherwise processed. Where a data subject [...]
Privacy & Marketing
Targeted advertising is more interesting for both the company and the advertising recipient. However, advertising targeted at the addressee also raises data protection issues, and a tension arises between address-related marketing and data protection. The General Data Protection Regulation (GDPR), [...]
GDPR – Prohibition law with constituent elements of permissibility
As under the Federal Data Protection (BDSG) act old version, the principle of "prohibition subject to permission" applies. This means any form of data processing is prohibited - unless a legal basis legitimises the data processing or the data subject [...]