DPIA - DPO Hub

AI (Act) resources

members – 12 min read

Apr 14, 2025

Sweden DPA: DPIA practical guidance

members – 1 min read

IMY has shared a DPIA guide, primarily for those with little or no experience. It sets out a clear 10-step process for conducting an "acceptable" DPIA, to be used alone or with their templates. Grab the documents here (Swedish and DeepL translation).

Feb 17, 2025

CJEU C-61/22 Landeshauptstadt Wiesbaden 21 Mar 2024

members – 1 min read

A ruling on Regulation 2019/1157 on ID card security, where the CJEU clarified that its adoption couldn’t violate Article 35 of the GDPR, as it wasn’t subject to a DPIA requirement. (They also concluded that the regulation was invalid!)

Dec 29, 2024

Denmark Google Workspace for Education Chromebook case (Helsingørgate)

members – 9 min read

[15 July: Municipalities complies with Jan order + 🚨 DPA asks for EDPB opinion on the scope of a controller's documentation obligations regarding a processor's use of sub-processors] The Danish DPA's landmark decision of 2022 to ban certain use of Google products and US transfers, is still ongoing.

Jul 15, 2024

Dutch DPA on education sector social media marketing

members – 4 min read

The DPA stresses that their advice applies generally to all social media and "of great importance" to all educational institutions and similar organisations in 🇳🇱.

Jun 17, 2024

Denmark DPA orders municipalities to ensure Google-sharing compliance

members – 1 min read

🔥 Danish DPA with new decision in their Helsingørgate/Chromebook case!

Jan 30, 2024