Federica De Santis on Data Controller

Navigating Privacy and Data Security Challenges in the Hospitality Industry: Key Considerations for Hotel Management Agreements

Over the past decade, the hospitality industry has rapidly adopted intensive technologies to meet the rising expectations of guests, personalize each guest’s experience, and cultivate and enhance customer loyalty. Access to...more

9/25/2024 / California Consumer Privacy Act (CCPA) , Compliance , Consumer Privacy Rights , Data Controller , Data Privacy , Data Processors , Data Security , Data-Sharing , Hospitality Industry , Hotel Management Agreements , Hotels , Notice Requirements , Opt-Outs , Personal Data

Europe OPTS for Pragmatism with New SCCS and ICO Opens Consultations on UK SCCS — What Companies Need to Do Next

The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reins on how the New SCCs cover data transfers and what companies need to do to take advantage...more

8/27/2021 / Court of Justice of the European Union (CJEU) , Data Controller , Data Privacy , Data Processors , Data Protection , Data Transfers , EU , European Data Protection Board (EDPB) , General Data Protection Regulation (GDPR) , Impact Assessments , Information Commissioner's Office (ICO) , International Data Transfers , Personal Data , Schrems I & Schrems II , Standard Contractual Clauses , UK

Nowhere To Hide: Controllers have “Constructive Awareness” Of Processor Data Breaches

On December 15, 2020, Ireland’s Data Protection Commission (“DPC”) announced its decision to fine Twitter International Company (“Twitter”) €450,000 for failing to notify the DPC promptly of a data breach affecting EU...more

1/20/2021 / Cyber Incident Reporting , Cybersecurity , Data Breach , Data Controller , Data Processors , Data Protection , Data Protection Commissioner , Data Security , EU , Failure to Notify , General Data Protection Regulation (GDPR) , Personal Data , Policies and Procedures , Twitter

Déjà Vu All Over Again: EU High Court Invalidates Privacy Shield For EU – U.S. Data Transfers

Today (July 16) Europe’s highest court, the Court of Justice of the European Union (CJEU), in the case of Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (Schrems II) invalidated the EU–U.S. Privacy...more

7/17/2020 / Court of Justice of the European Union (CJEU) , Data Controller , Data Processors , Data Protection , EU , EU-US Privacy Shield , European Economic Area (EEA) , General Data Protection Regulation (GDPR) , Information Commissioner's Office (ICO) , International Data Transfers , Standard Contractual Clauses

Federica De Santis

Goodwin

Popular Topics by This Author

Latest Posts › Data Controller

Navigating Privacy and Data Security Challenges in the Hospitality Industry: Key Considerations for Hotel Management Agreements

Europe OPTS for Pragmatism with New SCCS and ICO Opens Consultations on UK SCCS — What Companies Need to Do Next

Nowhere To Hide: Controllers have “Constructive Awareness” Of Processor Data Breaches

Déjà Vu All Over Again: EU High Court Invalidates Privacy Shield For EU – U.S. Data Transfers

Federica De Santis

Goodwin

Popular Topics by This Author

Latest Posts › Data Controller

Navigating Privacy and Data Security Challenges in the Hospitality Industry: Key Considerations for Hotel Management Agreements

Europe OPTS for Pragmatism with New SCCS and ICO Opens Consultations on UK SCCS — What Companies Need to Do Next

Nowhere To Hide: Controllers have “Constructive Awareness” Of Processor Data Breaches

Déjà Vu All Over Again: EU High Court Invalidates Privacy Shield For EU – U.S. Data Transfers

"My best business intelligence, in one easy email…"