White Label

Our Blog

Personal data protection // Isometric Graphic // White Label Consultancy
Enforcement

What a seatbelt can teach us about data protection enforcement

We are seeing the introduction of new or updated “GDPR-inspired” data protection regulations across the Middle East and Africa. Although the European Union’s General Data Protection Regulation (GDPR) is driving an element of much needed global harmonisation, the GDPR also has the potential to restrict the vital free flow and aggregation of data in the region. This is something which

Read More »
Public sector

Not every man for himself: Risk assessments, transfers and ethical empowerment in the public sector

The saying ‘Every man for himself’ indicates not only a fundamental principle of competition along with an ambitious striving towards a goal. Much more, the saying enhances the idea of singularity and maybe even exclusion. ‘Every man for himself’ thus becomes the tale of insulation and maybe even lack of community-thinking. By ‘community-thinking’ we mean a set of common values

Read More »
Data Transfers
Data Transfers

Data transfers and standard contractual clauses in the light of Schrems II

  Introduction  Following the CJEU Schrems II court ruling, WLC focuses on a series of aspects relating to the ruling and its implications. In this article, we examine the legal basis requirement and why the European Commission’s Standard Contractual Clauses, otherwise known as the Model Clause or SCCs, are still alive – and what you need to be aware of when applying them.  Obviously, before transferring personal data out of the European Economic Area (EEA), a data exporter must ensure that there is a legal basis

Read More »
DIFC data protection law

Is GDPR compliance enough for the new DIFC data protection law?

The Dubai International Financial Centre (“DIFC”), a financial services free zone in the Emirate of Dubai in the UAE, recently released Data Protection Law DIFC No.5 of 2020. The law came into effect on 1 July 2020. Companies have a 3 month grace period to prepare for the new requirements. There is some good news though – the new law

Read More »
Personal data protection // Isometric Graphic // White Label Consultancy
Data Transfers

Schrems II – Implications beyond the US of A

Introduction This post continues a series of WLC commentaries following the recent Schrems II judgement by the CJEU. The judgement invalidated the Privacy Shield and confirmed the validity of Standard Contractual Clauses (“SCCs”) as a cross-border data transfer mechanism. It however imposed a requirement on the data exporter and the data importer to ensure, on a case-by-case basis, full compliance with a

Read More »
Transfer to the cloud // Isometric Graphic // White Label Consultancy
Data Transfers

How can I help my organisation manage the consequences of Schrems II Judgement

Intro This post is a continuation of our pragmatic advice on dealing with the consequences of the recent Schrems II judgement of CJEU, that have invalidated the Privacy Shield and put in question the way organisations transfer data outside of the EU/EEA. We are focusing on practical steps that the organisation should take internally as a reaction to the Schrems

Read More »
Data Transfers

10 key takeaways from Schrems II

We provide you with 10 key items you need to know about the Scherms II case court decision. Since our mission is to provide pragmatic advise we have refrained from long legal analysis, instead we give you insights on the most important consequences. Please stay tuned, we will continue reporting on the case in this manner, by publishing more bite

Read More »
White Label DPO // White Label Consultancy
Data Processing Agreement

DPA Negotiation: Top 6 Tips

Over the last few years we had our hands full discussing and negotiating Data Processing Agreements (DPAs). The 6 tips below are based on our practical observations and things we have learned. We hope this will offer useful insights to DPOs, legal, procurement and outsourcing stakeholders who come across DPAs in their daily work. Please note that the tips we

Read More »
Data Protection Roles

The importance of data protection roles in product development

Summary Correctly choosing whether you are a controller, a joint controller, or a processor is important not only from a compliance perspective. It should take into consideration the future needs for data for your product and will largely direct its development.  Intro The traditional division between the controller and the processor historically relied on a distinction between a party connected

Read More »
Data Protection Audit // White Label Consultancy
Business Value of Privacy

The Value of Privacy in a Business Context

The ever-increasing need for access to data for business development purposes and the increasing regulatory requirements, have catapulted data governance into the business environment. This means that data needs to be managed, controlled, and developed in accordance with existing business principles of asset management. However, the value of privacy in a business context must be  assessed using the same criterion

Read More »