Organisations must provide individuals with information on the specific recipients of their data upon request.
The Court of Justice of the European Union (CJEU) has ruled that organisations must generally disclose the...more
Online retailers storing credit card data for the sole purpose of facilitating further purchases will likely need to obtain consumer consent.
Online shopping has boomed in recent years. In 2020, the European statistics...more
7/8/2021
/ Credit Cards ,
Data Collection ,
Data Processors ,
Data Storage ,
E-Commerce ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Internet Retailers ,
New Guidance ,
PCI-DSS Standard ,
Prior Express Consent ,
Retailers
As contactless transactions boom, EU regulators publish draft guidelines on the interplay between the GDPR and PSD2.
Last year, more than half of all payments in the UK were made by card and contactless methods, while cash...more
11/4/2020
/ Anti-Money Laundering ,
Anti-Terrorism Financing ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
Financial Institutions ,
General Data Protection Regulation (GDPR) ,
Member State ,
New Guidance ,
Payment Systems ,
Personal Data ,
PSD2
A ruling by the EU’s top court invalidates the key mechanism for transferring personal data from the EU to the US and imposes additional conditions for use of the standard contractual clauses.
On 16 July 2020, the Court of...more
After the recent two-year anniversary of the GDPR, one fundamental question remains — who does the GDPR apply to?
Last month marked the two-year anniversary of the General Data Protection Regulation (GDPR), but its...more
Das ICO kündigt an, Bußgelder gegen British Airways und Marriott zu verhängen. Was ist passiert, wie geht es weiter?
Am 8. Juli 2019 kündigte das Information Commissioner’s Office (ICO) an, gegen British Airways wegen...more
GDPR and PSD2 are two legal initialisms that have both generated a great deal of press coverage in recent months, but they are seldom considered together.
There were around 122 billion non-cash payments in the European...more
The EU General Data Protection Regulation (GDPR) will come into force in May 2018, changing how businesses and the public sector manage customer information. With seven months before the deadline, governments, supervisory...more
On October 3, 2017, the Irish High Court announced that it will make a reference to the Court of Justice of the European Union (CJEU) for a preliminary ruling on the validity of the Standard Contractual Clauses, which allow...more
The General Data Protection Regulation (GDPR or Regulation) will become applicable in one year, as of May 25, 2018. A lot has happened since we set out the key provisions of the Regulation last year....more
The European Banking Authority (EBA) has published its consultation document on security measures for operational and security risks under the revised Payment Services Directive (PSD2).
The WannaCry ransomware attack that...more
The Article 29 Working Party (WP29) – the group that represents the data protection authorities of all EU Member States – has published guidance and FAQs on a number of issues under the General Data Protection Regulation...more