Scope: DORA

A curious settlement by the Belgian DPA over minor structural violations

Amusing settlement decision by the Belgian DPA published yesterday: 500 EUR & 250 EUR respectively, plus adaptations to policies and procedures, so that when people book a table in a given restaurant by phone their data isn’t included automatically in a third-party table booking system and then used to send commercial e-mails. The lesson? If […]

NIS2 compliance: 7 strategic takeaways for global business

7 points after giving another in-depth presentation to global businesses on the path to NIS2 compliance (with a flavour of DORA and GDPR): (i) Having a broad enough team (“multidisciplinary” / “multi-stakeholder” / however you wish to call it) is not easy for many organisations, irrespective of their size (this is nothing new, but it […]

A practical checklist for vendor and supplier risk management under NIS2

Practical checklist: good practices for vendor/supplier risk management inspired by GDPR, NIS2, Data Governance Act and DORA. The underlying question: what good practices do these EU laws highlight and transform into legal obligations in certain cases, and how can we combine them? This checklist is *not* a comprehensive list of best practices, but it should […]
