Data Protection Bites 6/2019

PrintMailRate-it

 WORLDWIDE HOT TOPICS: INTERNATIONAL DATA PROTECTION UPDATES IN A NUTSHELL

SPAIN

A year of GDPR in Spain

A year has passed since the entry into force of the General Data Protection Regulation, which has been a major adaptation challenge for companies. The Spanish Data Protection Authority has published a Report that offers an overview of what happened this year and the challenges we face.

Click here to read the full article » 


LITHUANIA

Interim Conclusion after one Year GDPR: Data Security Complaints and Breaches 

The most common complaint reasons of individuals

A clear increase in queries and complaints to State Data Protection Inspectorate has been observed in recent months. This increase confirms the rise in awareness about General Data Protection Regulation (GDPR) among individuals. In the first year of the GDPR the number of the data protection complaints doubled in comparison to the previous years. 

Click here to read the full article » 


LATVIA

Implementation of the Newly Introduced Whistleblowing Law: GDPR Considerations 

The new Whistleblowing Law aiming to promote whistleblowing on any sort of violations going against public interests came into force in the Republic of Latvia on May 1st, 2019.
Click here to read the full article »  


ITALY

2 million euros fine for telemarketing and teleselling companies: they failed to provide an adequate privacy statement and for an unlawful processing of data for marketing purposes. 

The Data Protection Authority, by decision of April 11, 2019, issued an injunction to pay an administrative fine of 2 million and 18 thousand euros for Vincall S.r.l.s, an Italian company that carries out telemarketing and teleselling activities through call centers on behalf of several clients.

Click here to read the full article »


 DPA OBSERVATORY

ITALY

Data Protection Authority: Measure on data breach - 30 April 2019

The Data Protection Authority, by decision of April 11, 2019, issued an injunction to pay an administrative fine of 2 million and 18 thousand euros for Vincall S.r.l.s, an Italian company that carries out telemarketing and teleselling activities through call centers on behalf of several clients. but instead must contain precise information with regards to the nature of the data breach, its possible consequences and the measures to be taken to avoid further risks, to enable the affected persons to understand the risks and protect themselves from unlawful use of their data. Obviously, these provisions of the Privacy Authority also concern the company´s communication to its employees after an eventual data breach. 
Click here to read the full article (in Italian) »

The Data Protection Authority approved the Code of Conduct for the processing of personal data on business information presented by Ancic 

On the last 12 June, the Data Protection Authority approved the Code of Conduct for the processing of personal data on business information presented by Ancic (National Association of Business Information and Credit Management Enterprises).

Click here to read the full article »


 COURT PRECEDENTS

​SPAIN

The Spanish Constitutional Court has annulled the article which allowed the political parties to collect personal data relating to 'citizens' political opinions

On June 25, the expected Judgement of the Constitutional Court was published, which unanimously declared unconstitutional article 58 bis 1) of the Spanish Electoral Law, which allowed political parties to draw up political profiles to send electoral propaganda. Being the first time that the Court faces an appeal against a law approved unanimously by all political parties,

Click here to read the full article »


ITALY

Ministry of Labor, Ruling (“Interpello”), 31 May 2019, no. 4/2019
Health documentation in company databases – Agreement necessary

With its ruling, the Ministerial Commission provided clarification on the keeping of employees' health documentation on a company computer medium, stating that, in general, the use of automatic data processing systems for the retention of this data is permitted. In this context, the Ministry has specified that, with regard to the storage of health data registered by the company physician on a corporate database, it is necessary to adopt measures agreed between the employer and the company physician, in the form of an agreement, which ensure the accessibility of such health data only to the company physician and not to the employer or the system administrator, in order to ensure the respect of the medical confidentiality and the privacy of the personal data.
Click here to read the full article (in Italian) »


Contact

Contact Person Picture

Avv. Rita Santaniello

Partner

+39 02 6328841
+39 02 63288420

Invia richiesta

Contact Person Picture

Avv. e Head of Data Protection Italy Nadia Martini

+39 02 6328841
+39 02 63288420

Invia richiesta

 Data Protection Bites


Our newsletter aims at collecting updates, news and insights on data protection matters worldwide, with a special focus on the GDPR.
Utilizziamo i cookies per personalizzare il sito web e offrire all’utente un servizio di maggior valore. Tra le diverse finalità, i cookies ci permettono di analizzare il percorso di navigazione dell’utente per migliorarne l’esperienza sul sito web. Continuando a navigare su questo sito accetta la politica sui cookie. Ulteriori informazioni sono contenute nostra informativa privacy.
Deutschland Weltweit Search Menu