Signatu introduces for its members "GDPR Privacy Policy Guide".This Guide provides a general introduction to how controllers (website and app owners) can meet GDPR requirements with regard to which information (content) and how information (quality, understandability and accessibility) must be provided to data subjects (end users) by controllers with regard to GDPR Art 13 and 14.This guide has the following table of contents:GDPR Privacy Policy GuideWhat to do?Privacy Policy Content: Is Article 13 or 14 information provided?Privacy Policy Content: Must information be linked?Privacy Policy Cont ..read more

The first guide has the following table of contents:Trackerdetect Legal GuideDuty to discover TrackersDuty to have a Tracker policyDuty to classify site owner and TrackerDuty when Tracker is “processor”Duty when site owner is joint controller with TrackerDuty to have legal basisDuty when Consent is the proper legal basisDuty when Legitimate Interest is the proper legal basisDuty when site visitors’ personal data are transferred outside the EUDuty to have a Processing Record with Tracker detailsDuty to risk assess TrackersDuty to include Tracker details in Privacy PolicyDuty to include Tracker ..read more

The first guide has the following table of contents:GDPR Consent: Legal GuideWhat to do?Upcoming GuidesGDPR attitudeDefinitionModalitiesPower dynamics“CONSENT-OMETER”Consent Request: Is information specific?Consent Request: Is specific information linked?Consent Request: Is specific purpose separate?Consent Request: Is a single specific purpose limited?Consent Request: Is information understandable?Consent Request: Is information accessible?Consent Dialogue: Clearly distinguishable from other information?Consent Dialogue: Consent actions provided?Consent Dialogue: Must object actions be provid ..read more

The first guide has the following table of contents:GDPR Consent: Legal GuideWhat to do?Upcoming GuidesGDPR attitudeDefinitionModalitiesPower dynamics“CONSENT-OMETER”Consent Request: Is information specific?Consent Request: Is specific information linked?Consent Request: Is specific purpose separate?Consent Request: Is a single specific purpose limited?Consent Request: Is information understandable?Consent Request: Is information accessible?Consent Dialogue: Clearly distinguishable from other information?Consent Dialogue: Consent actions provided?Consent Dialogue: Must object actions be provid ..read more

This blogpost will deal with Technology for ePrivacy requirements.Let´s start with the Planet 49 case and the issue of cookie consent and what the Advocate General says:Watch this space for more ..read more

How to meet legal obligations when site owners have 3rd parties on their sites?Until recently, many site owners believed that 3rd parties on websites count as data processors only, which, if correct, would trigger legal obligations regarding data processors only. A recent GA Opinion (Fashion ID Case) says that when a 3rd party embedded on a website receives site visitors' personal data (e.g. IP address, browser string), that 3rd party acts as a controller the site owner is towards its site visitors responsible for informing about the 3rd party requesting consent for using the 3rd party before ..read more