GDPR at the End of 2020

When it comes to processing personal data, 2020 was quite an eventful year. The effort to reduce the spread of COVID-19 had a direct impact on businesses in all industries. The implementation of emergency measures to ensure the health and safety of employees and contractors has led to a massive increase of collecting and processing […]

The European Data Protection Board launches a series of recommendations following the CJEU’s decision C-311/18 (Schrems II)

EDPB (European Data Protection Board) brings new light upon the recent decision of the CJEU (The Court of Justice of the European Union), named C-311/18 Schrems II (after the Austrian activist Max Schrems), which clarifies the transfer of personal data to third countries and continues to validate the standard contractual clauses. The CJEU emphasizes once […]

CNIL fines Google LLC and Google Ireland with a total of €100 million for Using Cookies illegally

Google has been fined by CNIL (Commission Nationale de l’informatique et des Libertés) on the 7th of December 2020, for placing advertising cookies in the users’ computers without obtaining their consent. Following the investigation, it was found that the ‘’Privacy reminder from Google’’ banner did not inform the user about the cookies that were already […]

Vodafone Italy Fined with over €12 million for Violating the GDPR Through Abusive Telemarketing

Vodafone Italy has been fined more than €12 million for illegally processing users’ personal data for commercial purposes. As EDPB (European Data Protection Board) specifies in their report on this case, hundreds of complaints have been sent to the Italian Garante following the marketing calls made by Vodafone to its users. The Italian authority demonstrated […]

The European Data Protection Board launches a series of recommendations following the CJEU’s decision C-311/18 (Schrems II)

EDPB (European Data Protection Board) brings new light upon the recent decision of the CJEU (The Court of Justice of the European Union), named C-311/18 Schrems II (after the Austrian activist Max Schrems), which clarifies the transfer of personal data to third countries and continues to validate the standard contractual clauses. The CJEU emphasizes once […]