What to call "privacy policy"

Oct 4, 2023 — 1 min read

Read the full story

Already have an account? Sign in

Luxembourg DPA fines Amazon Europe €746m

members – 2 min read

13 March 2026: Amazon with big win – a Luxembourg appeals court has overturned the €746 million fine and referred the case back to the DPA.

Mar 19, 2026

🇮🇪 DPC fines TikTok €530m for China transfers

members – 3 min read

10 July: DPC launches new investigation into China transfers. Earlier: transparency breach by failing to disclose the third countries involved and didn't explain the nature of the transfers in its privacy policy --> get compliant in six months or stop the transfers (but order paused until Oct).

Jul 22, 2025

CJEU C-40/17 Fashion ID 29 Jul 2019

members – 4 min read

You’re a (joint) controller if you use third-party tools on your website that share personal data with the provider – but only for parts where you (jointly) determine purposes and means. If you collect the data, you must inform and get consent, and each controller must pursue a legitimate interest.

Jun 17, 2025