Daniela Atanasovska, Author at GDPR Local

Article 14 Guide: Meeting Regulatory Requirements for Personal Data Not Directly Obtained from Data Subjects

Posted on April 9, 2024 (April 9, 2024)

Imagine a software-as-a-service (SaaS) company looking to grow its clientele by purchasing leads from a specialized lead generation firm. These leads come complete with contact details and demographic information of prospective customers. In a similar scenario, envision a real estate agency building a database of potential homebuyers through publicly accessible sources such as property listings […]

Empower Your AI Strategy: A Guide to ISO/IEC 42001 Implementation

Posted on April 4, 2024 (April 5, 2024)

In our recent blogs “The EU’s Artificial Intelligence Act and Its Implications for Business” and “Essential Guide for the New EU AI Act: Navigating through the AI Act” we delved into the transformative impact of the EU’s regulatory measures on companies, shedding light on significant milestones, regulatory requirements, and pertinent considerations. These blogs underscored the […]

Unraveling India’s Digital Personal Data Protection Bill 2023: A Comparative Study with GDPR – Part 2

Posted on February 22, 2024 (February 26, 2024)

In the first part of our blog series – India Enacted the Digital Personal Data Protection Bill in 2023: What is the Sentiment Around it? – Part 1, we delved into the structure, application, and basic concepts of the Digital Personal Data Protection (DPDP) Bill enacted in India in 2023. Now, in this part, we […]

The Rite Aid FTC Ban: A Wake-Up Call for Companies Using AI Facial Recognition Systems

Posted on January 3, 2024 (January 3, 2024)

The U.S. Federal Trade Commission (FTC) has recently taken a significant step into addressing issues of bias and discrimination in artificial intelligence (AI), as seen in a landmark case involving Rite Aid. In a groundbreaking move, the consumer protection agency addressed concerns about Rite Aid’s use of facial recognition technology for retail theft deterrence. Rite […]

Continuing the Journey: What are the Costs of EU-US Data Privacy Framework Program Certification

Posted on December 6, 2023 (December 6, 2023)

In our recent exploration of transatlantic data flow post-EU Adequacy Decision – Don’t Get Caught Out: How US Companies Can Comply with the GDPR after the Adequacy decision from the EU, we delved into the impact on US companies, categorizing them into three groups.Now, let’s dive into the intricacies of the EU-US Data Privacy Framework […]

Don’t Get Caught Out: How US Companies Can Comply with the GDPR after the Adequacy decision from the EU

Posted on August 31, 2023 (August 31, 2023)

In the recent blog Finally Unlocking Transatlantic Data Flow: How the Adequacy Decision Impacts US and EU Companies we explain how this EU decision unlocked the transatlantic personal data flow from EEA and in near future UK and Switzerland to the US. But what does this unlocked flow mean for US companies that receive personal […]

Finally Unlocking Transatlantic Data Flow: How the Adequacy Decision Impacts US and EU Companies

Posted on July 13, 2023 (July 13, 2023)

What is the adequacy decision for the EU-US Data Privacy Framework? An adequacy decision made by the European Commission under the General Data Protection Regulation (GDPR) determines whether a third country provides a level of data protection that is essentially equivalent to that guaranteed within the European Union. The decision is based on a comprehensive […]

GDPR and Lead Generation Companies: Building Trust and Boosting Performance

Posted on July 11, 2023 (July 11, 2023)

What are lead generation companies? Companies that use various marketing and advertising techniques to identify and capture individuals or businesses who express interest in a particular product or service and generate potential customer leads for businesses are so called “lead generation companies”. These companies then provide their clients with leads, often in the form of […]

Unlocking Compliance: Understanding the Significance of Data Retention in GDPR

Posted on July 5, 2023 (July 5, 2023)

The Essential Roadmap: Navigating Data Retention Policy and Schedule in GDPR Compliance Storage limitation is one of the fundamental principles of the General Data Protection Regulation (GDPR). It requires that personal data should be kept in a form that permits identification of data subjects for no longer than what is necessary for the purposes for […]

Author: Daniela Atanasovska

Posts by Daniela Atanasovska