Adequacy decisions

Adequacy decisions

members 3 min read
16 Sep: Republic of Korea EU adequacy decision | 5 Sep: Commission with 🇧🇷 Brazil draft adequacy decision – Up next: EDPB Opinion, Member States reps approval and EP "right of scrutiny" | 22 July: Commission deems 🇬🇧 UK DUAA adequate.
GDPR 2.0?

GDPR 2.0?

members 6 min read
Commission outlines digital simplification plans at LIBE meeting | Have your say on the upcoming Digital Omnibus (deadline 14 Oct.) | Commission proposes to simplify the European Single Market, including the GDPR Articles 4, 30, 40 and 42.
CJEU C-655/23 Quirin Privatbank 4 Sep 2025

CJEU C-655/23 Quirin Privatbank 4 Sep 2025

members 3 min read
GDPR offers no judicial remedy outside erasure requests to stop future unlawful processing, but Member States may. Non-material damage covers negative feelings – if proven. A controller’s fault doesn’t affect compensation, and a court order banning repeat GDPR violations can’t reduce or replace it.
CJEU C-383/23 ILVA (GDPR fine) 13 Feb 2025

CJEU C-383/23 ILVA (GDPR fine) 13 Feb 2025

members 4 min read
2 Sep: 💸 ILVA fined €201k | When fining a controller in a corporate group, DPAs must base the maximum fine on the *group’s* total worldwide turnover from the prior business year. A crucial ruling for anyone in a company group – here's also text you can copy for an email to your Management/Board.
Welcome! Start here 👇

Welcome! Start here 👇

members 2 min read
Bumping this as reminder – to make the most out of your subscription, read through this post: How to use DPO Hub effectively and find your way around.
The UK Data (Use and Access) Act (DUAA) 2025

The UK Data (Use and Access) Act (DUAA) 2025

members 9 min read
ICO launches consultations for amendments | Get quickly up to speed on the new UK Data (Use and Access) Act. 💬 "there is no need to panic. Many of the changes empower rather than require, and even if embraced could be done so incrementally."