AML et Protection des données : un mariage difficile? 26 September 2017
|
|
- Kathleen Muriel Nash
- 6 years ago
- Views:
Transcription
1 AML et Protection des données : un mariage difficile? 26 September 2017
2 Outline 1. Data protection current regime 2. GDPR overview & key novelties 3. GDPR and AML Attempt for peaceful coexistence Potential frictions and conflicting areas 4. In practice: points of attention regarding implementation 2
3 1. Data Protection current regime v Core principles 1) Legitimacy 2) Purpose limitation 3) Proportionality 4) Transparency v Rule of thumb What is the reasonable privacy expectation of the data subject? 3
4 1. Data Protection current regime v Core concepts Data subject: natural person whose data is being processed Personal data: information relating to an identified or identifiable natural person Processing: collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction Data controller: determines the purposes and means of the processing Data processor: processing personal data on behalf of the controller 4
5 1. Data Protection current regime v Role based approach Data subject Data controller Data processor 5
6 2. GDPR - overview v What is it about? General Data Protection Regulation 2016/679 Règlement relatif à la protection des personnes physiques à l égard du traitement des données à caractère personnel et à la libre circulation de ces données, et abrogeant la Directive 95/46/CE Why a new Regulation? o Need to adapt to the digital age o Direct applicability + uniformity o Penalties not effective enough o Need to enhance harmonization 6
7 2. GDPR overview v By when? o Regulation adopted 27 April 2016 o Entry into force 24 May 2016 o 2-year transition period: applicable from 25 May April May May 2018 Adopted Entry into force Applicable 7
8 2. GDPR key novelties 1) New privacy rights for the data subject: Transparency (art ) Right to erasure / Right to be forgotten (art. 17) à Google Spain case Right to data portability (art. 20) Right to receive the personal data, which they have provided to a controller, in a structured, commonly used and machine-readable format, and to transmit them to another data controller - If the processing is based on (i) consent of (ii) a contract - Supports user choice, user control and consumer empowerment - Facilitate switching between service providers Recent guidance of the Article 29 Working Party 8
9 2. GDPR: key novelties 2) Enhanced responsibilities for the data controller and processor Accountability principle (art. 5.2) Data protection by design and by default (art. 25) e.g. data minimisation, pseudonymisation More responsibilities for the processor (art. 28) Implementation of security measures: DC/DP Record of processing activities : DC/DP Notification of any data breach to the DC 9
10 2. GDPR: key novelties 3) Additional operational obligations: Records of processing activities (art. 30) : DC/DP Data Protection Impact Assessment (art. 35) o o o High risk processing: Processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons Supervisory authority shall establish and make public a list of the kind of processing operations which are subject to the PIA requirement High risk à Prior consultation of supervisory authority 10
11 2. GDPR: key novelties Appointment of a Data Protection Officer ( DPO ) (art ) Compulsory a. Processing carried out by a public authority or body b. Processing operations which require regular and systematic monitoring of data subjects on a large scale c. Processing on a large scale of special categories of sensitive data Voluntary Recent guidance from the 29 Article WP Notification of personal data breaches (art ) è GDPR = very process-driven 11
12 2. GDPR: key novelties Significant fines and enforcement: Up to 4% of total worldwide annual turnover New powers to national DPA s Cooperation and consistency mechanisms between DPA s New European Data Protection Board Need for additional guidance by national DPA s 12
13 3. GDPR & AML Attempt for peaceful coexistence Directive AML 4 Recital (42): Directive 95/46/EC of the European Parliament and of the Council, as transposed into national law, applies to the processing of personal data for the purposes of this Directive [ ] Belgian AML Act of 6 July 2017 implementing AML 4 ( Belgian AML Act ) Article 64 : Le traitement des données à caractère personnel en vertu de la présente loi est soumis aux dispositions à (sic) la loi du 8 décembre 1992 relative à la protection de la vie privée à l égard des traitements de données à caractère personnel, ainsi qu à celles des règlements européens directement applicables. 13
14 3. GDPR & AML Attempt for peaceful coexistence Proposal Directive AML 5 Explanatory memorandum - [ ] balancing the need to increase security with the need to protect fundamental rights, including data protection [ ] - Consistency with other Union policies: the proposed amendments to the 4 AMLD are in line with [ ] the GDPR Preamble - (40) This Directive respects the fundamental rights and observes the principles recognised by the Charter of Fundamental Rights of the European Union, in particular the rights to respect for private and family life (Article 7 of the Charter), the right to the protection of personal data (Article 8 of the Charter) [ ] 14
15 3. GDPR & AML Potential frictions and conflicting areas 1) Purpose limitation Personal data may only be collected for specified, explicit and legitimate purposes and not further processed in a manner which is incompatible with those purposes (art 5.1.b) GDPR) Art 64 2 Belgian AML Act: les données à caractère personnel ne sont traitées en application de la présente loi, par des entités assujetties, qu aux fins de la prévention du BC/FT et ne font pas l objet d un traitement ultérieur d une manière incompatible avec lesdites finalités. Le traitement des données à caractère personnel recueillies sur la base de la présente loi pour toute autre finalité que celle prévue par cette loi, notamment à des fins commerciales, est interdit. BUT AML 5 : new policy purposes : fights against tax evasion Various controllers: authorities in charge of investigating anti-money laundering, tax evasion, authorities investigating terrorism, FIUs, press and public at large Uncertainty as to the purpose(s) pursued 15
16 3. GDPR & AML Potential frictions and conflicting areas 2) Proportionality Digital Right Ireland case : Fight against terrorism = public interest BUT measure must be proportionate Data retention : data cannot be kept for longer than necessary for the purposes for which personal data are processed (art 5.1.e) GDPR) // EU : 10 y (art. 60 Belgian AML Act) Access right to the UBO register: legitimate interest? Necessity to implement differentiated access 16
17 3. GDPR & AML Potential frictions and conflicting areas 3) Data subjects rights Information obligation / transparency obligation: Art 13 GDPR Art 64 3 Belgian AML Act : les entités assujetties communiques à leurs clients les informations [...] Access right (art 15 GDPR), right to rectification (art 16 GDPR), right to erasure (art 17 GDPR), right to data portability(art 20 GDPR), right to object (art 21 GDPR), communication of a personal data breach to the data subject (art 34 GDPR) Art 65 Belgian AML Act Art 23 GDPR : Are the conditions met? 17
18 3. GDPR & AML Potential frictions and conflicting areas 4) High risk processing Processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons Stricter obligations under the GDPR: Appropriate technical and organisational security measures Notification of data breaches Data Protection Impact Assessment & Prior consultation Data Protection Officer Avis 24/2017 Commission vie privée: obligation pour les entités assujetties de procéder à une analyse d impact relative à la protection des données de leur risk-based approach 18
19 3. GDPR & AML Potential frictions and conflicting areas 5) International (intra-group) data transfers Article 13 1 Belgian AML Act: Les entités assujetties qui font partie d un groupe sont tenues de mettre en oeuvre des politiques et des procédures de prévention du BC/FT à l échelle du groupe, qui incluent, notamment, des politiques de protection des données [ ] ECJ Schrems case, C-362, 6 October 2015 Avis n 12/2017 Commission pour la protection de la vie privée 19
20 4. In practice: points of attention Compliance Being compliant offers a competitive advantage Increasing enforcement Corporate reputation is at stake Increased attention Privacy by design AML and GDPR compliance / legal teams need to work in close collaboration 20
21 Questions? 21
22 Contact details Carol Evrard Associate TMT/IP T M carol.evrard@stibbe.com Sarah De Dijn Associate Corporate/Finance T M sarah.dedijn@stibbe.com
23 Thank you Stibbe.com 23
Member Circular March Implementation of the EU General Data Protection Regulation 2016/679 General Guidance to Members
Member Circular March 2018 Implementation of the EU General Data Protection Regulation 2016/679 General Guidance to Members Introduction Regulation (EU) 2016/679 containing the General Data Protection
More informationCHARITY & NFP LAW BULLETIN NO. 419
CHARITY & NFP LAW BULLETIN NO. 419 APRIL 25, 2018 EDITOR: TERRANCE S. CARTER IMPLICATIONS OF THE EU S GENERAL DATA PROTECTION REGULATION IN CANADA By Esther Shainblum & Sepal Bonni * A. INTRODUCTION The
More informationThe New EU General Data Protection Regulation (GDPR)
The New EU General Data Protection Regulation (GDPR) The clock has started on the biggest change to the European data protection regime in 20 years. After four years of negotiation, the new EU General
More informationEuropean Savings Directive 2003/48/EC
European Savings Directive 2003/48/EC Information The ALFI Taxation of Savings Working Group was asked to look at practical ways in which some of the provisions of the European Savings Directive 2003/48/EC
More informationAegon Asset Management Europe ICAV ( the Fund ) Data Protection Policy
Aegon Asset Management Europe ICAV ( the Fund ) Data Protection Policy Contents Definitions.. 2 The Product... 2 Fund Board Governance... 2 Delegation of the Processing of Personal Data... 2 Data Protection
More informationWHY SHOULD YOUR ORGANISATION WORRY ABOUT DATA PROTECTION?
WHY SHOULD YOUR ORGANISATION WORRY ABOUT DATA PROTECTION? Friday, September 26, 2014 Luncheon, Hôtel Métropole, Geneva Isabelle Hering Attorney-at-law Nyon WHO IS CONCERNED AND SHOULD WORRY? Natural persons
More informationGROUP PRIVACY POLICY. Adopted June 20th, 2017 by each of the Boards of Carnegie Holding AB and Carnegie Investment Bank AB (publ).
GROUP PRIVACY POLICY Adopted June 20th, 2017 by each of the Boards of Carnegie Holding AB and Carnegie Investment Bank AB (publ). 1 PURPOSE AND SCOPE 1.1 The aim of this policy is to establish uniform,
More informationGDPR DATA PROCESSING ADDENDUM INSTRUCTIONS FOR JOSTLE CUSTOMERS
GDPR DATA PROCESSING ADDENDUM INSTRUCTIONS FOR JOSTLE CUSTOMERS WHO SHOULD EXECUTE THIS DPA: If you have determined that you qualify as a data controller under the GDPR, and need a data processing addendum
More informationCNPD Course: Data Protection Basics
CNPD Course: Data Protection Basics The obligations of controllers Esch-sur-Alzette (Belval) Mathilde Stenersen 4-6 July 2017 Legal department Introduction to data protection 1. Introduction 2. Basic concepts
More informationPension Trustees. Final Countdown to the GDPR
Pension Trustees Final Countdown to the GDPR Introduction The General Data Protection Regulation (GDPR) will come into force in all EU Member States in May 2018. It is not a radical departure from the
More informationAppropriate Policy Document
Appropriate Policy Document Schedule 1, Part 4, Data Protection Act 2018 July 2018 Privacy Notice - Appropriate Policy Document v2.docx Page 1 of 8 Contents 1 Introduction... 3 2 Relevant Schedule 1 conditions
More informationThe General Data Protection Regulation (GDPR): action plan for pension scheme trustees
The General Data Protection Regulation (GDPR): action plan for pension scheme trustees July 2017 (revised March 2018) Pension briefing HIGHLIGHTS The European General Data Protection Regulation (GDPR)
More informationARE YOU READY FOR THE NEW DATA PROTECTION LAWS?
ARE YOU READY FOR THE NEW DATA PROTECTION LAWS? GETTING READY FOR THE GDPR PART ONE DATA PROTECTION LAWS ARE CHANGING DATA PROTECTION LAWS ARE CHANGING On 25 May 2018, the General Data Protection Regulation
More informationEU General Data Protection Regulation vs. Swiss Data Protection Act (in the Private Sector 1 )
EU General Data Protection Regulation vs. Swiss Data Protection Act (in the Private Sector 1 ) October 26, 2017 Version 4.01 David Rosenthal (david.rosenthal@homburger.ch) Updates and more infos: http://www.homburger.ch/dataprotection
More informationMichael R. Cohen CIPP/US, CIPP/E Gray Plant Mooty. Overview of the EU General Data Protection Regulation (GDPR)
Michael R. Cohen CIPP/US, CIPP/E Gray Plant Mooty Overview of the EU General Data Protection Regulation (GDPR) WHAT YOU NEED TO KNOW ABOUT THE EU GENERAL DATA PROTECTION REGULATION (GDPR) What is the GDPR?
More informationAll Sorts UK Limited Data Protection Policy 17 th May 2018
All Sorts UK Limited Data Protection Policy 17 th May 2018 1. Introduction This Policy sets out the obligations of All Sorts UK Limited, a company registered in England under number 03534972, whose registered
More informationData Processing Addendum
Data Processing Addendum This Data Processing Addendum ( DPA ) forms part of the Agreement(s) and is entered by and between the Customer and the Service Provider on the Effective Date. For the avoidance
More informationRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPR Richard Campo, CISM GRC Consultant IT Governance Ltd 1 Sept 2016 www.itgovernance.co.uk TM Introduction Richard Campo GRC consultant Data protection
More informationInternational data transfers and Schrems White & Case. Aqeel Kadri and Tim Hickman
International data transfers and Schrems White & Case Aqeel Kadri and Tim Hickman 9 March 2016 Overview of EU data protection law Currently, each EU Member State has its own national data protection law,
More informationThe French supplemental Finance Bill for end 2012
Peter Harris Friday 7 th July, 2012 The French supplemental Finance Bill for end 2012 The Minefi Press Release of yesterday needs checking carefully: http://www.economie.gouv.fr/files/dp_plfr_2012.pdf
More informationMan and Machine - Data Protection Policy
Man and Machine - Data Protection Policy 1. Introduction This Policy sets out the obligations of Man and Machine Ltd, whose registered office is at Unit 8 Thame 40, Jane Morbey Road, Thame, Oxfordshire,
More informationArticle 29 Working Party
Article 29 Working Party 06/EN Press Release on the SWIFT Case following the adoption of the Article 29 Working Party opinion on the processing of personal data by the Society for Worldwide Interbank Financial
More informationGDPR : We protect your data
GDPR : We protect your data Dear customer, From the 25th May 2018 the new law of Personal Data Protection (GDPR) will enter into force. At Almagest Wealth Management S.A., we understand your need to be
More informationPERSONAL DATA PROCESSOR AGREEMENT
1 PERSONAL DATA PROCESSOR AGREEMENT PARTIES This personal data processor agreement ( Processor Agreement ) has been entered into between: Buyer/Client/Customer ( Controller ), and The company within the
More informationDATA PROCESSING AGREEMENT
DATA PROCESSING AGREEMENT This Data Processing Agreement ( DPA or Agreement ), entered into by the CPI customer identified on the applicable CPI services agreement for CPI services ( Customer ) and the
More informationSUPPLEMENT N 2 DATED 25 JANUARY 2017 TO THE BASE PROSPECTUS DATED 27 JULY 2016 CRÉDIT MUTUEL ARKÉA 13,000,000,000 EURO MEDIUM TERM NOTE PROGRAMME
SUPPLEMENT N 2 DATED 25 JANUARY 2017 TO THE BASE PROSPECTUS DATED 27 JULY 2016 CRÉDIT MUTUEL ARKÉA 13,000,000,000 EURO MEDIUM TERM NOTE PROGRAMME This supplement (the Second Supplement ) is supplemental
More informationThe Tax Information, Exchange Agreement between France and Jersey. in force as of 11th October, 2010
The Tax Information, Exchange Agreement between France and Jersey in force as of 11th October, 2010 Date: valid as at 28 th December, 2010 This short article is a summary of certain, not all, advantages
More informationDATA PROCESSING AGREEMENT
DATA PROCESSING AGREEMENT This Data Processing Agreement (the DPA ), entered into by the Customer and the company Ganttic OÜ (company registration number 11979702) having its registered office at Lai tn
More informationThematic Legal Study on assessment of data protection measures and relevant institutions Luxembourg
FRA Thematic Legal Study on assessment of data protection measures and relevant institutions Luxembourg Luxembourg, Luxembourg February 2009 DISCLAIMER: This thematic legal study was commissioned as background
More informationAlert Franchise & Distribution/ Cybersecurity, Privacy & Crisis Management
Alert Franchise & Distribution/ Cybersecurity, Privacy & Crisis Management EU General Data Protection Regulation: What Impact for Franchise Businesses? November 2017 One of the most important assets that
More informationInformation on the Collection and Processing of your personal data
Information on the Collection and Processing of your personal data Care and transparency is the basis for a trusting cooperation with our customers. We therefore inform you about how we process your data
More informationMoxtra, Inc. DATA PROCESSING ADDENDUM
Moxtra, Inc. DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms a part of the Terms of Service found at http://moxtra.com/terms-of-service/, unless Company has entered into a superseding
More informationArchived Content. Contenu archivé
Archived Content Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived
More informationNOTIFICATION FOR PRIOR CHECKING INFORMATION TO BE GIVEN(2)
To be filled out in the EDPS' office REGISTER NUMBER: 73 NOTIFICATION FOR PRIOR CHECKING Date of submission: 20/12/2005 Case number: 2005/407 Institution: COMMISSION Legal basis: article 27-5 of the regulation
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) is made between Cognito, LLC., a South Carolina corporation ( Cognito Forms ) and {OrganizationLegalName} ( Customer or Controller or {Organization}
More informationWhat does GDPR and the new Data Protection Act mean to Brokers/Intermediaries?
YYYYYYYYYYY The New Class 2016-2017 Report 2: General Date Protection Regulation (GDPR) What does GDPR and the new Data Protection Act mean to Brokers/Intermediaries? 1 2 Contents The Insurance Institute
More informationLAMP Services Limited Privacy Notice v1.2 4 th March Controller
1. Controller LAMP Services Limited is the Controller under the EU General Data Protection Regulation (EU GDPR). LAMP Services Limited is incorporated in England, company registration number 04967967.
More informationGDPR: Frequently Asked Questions to Brokers Ireland, February 2018.
GDPR: Frequently Asked Questions to Brokers Ireland, February 2018. 1. Does my Firm require a Data Protection Officer ( DPO )? Not necessarily, but the legislation and current guidance is not definitive.
More informationOpinion 8/2009 on the protection of passenger data collected and processed by duty-free shops at airports and ports
ARTICLE 29 Data Protection Working Party 02318/09/EN WP167 Opinion 8/2009 on the protection of passenger data collected and processed by duty-free shops at airports and ports Adopted on 1 December 2009
More informationData Processing Addendum
Data Processing Addendum Based on the General Data Protection Regulation (GDPR) and European Commission Decision 2010/87/EU - Standard Contractual Clauses (Processors) This Data Processing Addendum ( DPA
More informationEuropean Union General Data Protection Regulation
European Union General Data Protection Regulation Policy 25 May 2018 Bendigo and Adelaide Bank Limited ABN 11 068 049 178 General Data Protection Regulation (GDPR) Application This GDPR section of our
More informationData Privacy Notice. Who are we and why do we register and use personal data?
Data Privacy Notice Who are we and why do we register and use personal data? Danske Bank A/S is a financial institution that offers financial advice and services to its clients. In the course of our business,
More informationPersonal Data. Protection Policy
Personal Data Protection Policy Version 1 May 2018 Contents Terms Definitions... 3 1. Objective and Scope... 4 2. What are Personal Data?... 4 3. Who are affected by Personal Data Processing?... 4 4. What
More informationFirefighters Pension Scheme
Compliance Firefighters Pension Scheme General Data Protection Regulation Privacy Notices As confirmed in bulletin 7 (April 2018) the LGA Bluelight team commissioned Squire Patton Boggs to produce a template
More informationAutomatic inter-state exchange of data: Safeguarding data protection and fundamental rights
Automatic inter-state exchange of data: Safeguarding data protection and fundamental rights Giuseppe Busia Secretary General of the Italian Data Protection Authority Article 29 Working Party 1 The Article
More informationPrivacy Statement v 1.1
Privacy Statement v 1.1 Context and Overview This notice will take effect from 25/05/2018 Burke Insurances Ltd. is committed to protecting and respecting your privacy. It is the intention of this privacy
More informationCLOUDINARY DATA PROCESSING ADDENDUM
CLOUDINARY DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms part of the agreement for the subscription by the Customer to the Cloudinary Service ("Subscription Agreement") between Cloudinary
More informationHOW TO EXECUTE THIS DPA:
DATA PROCESSING ADDENDUM (GDPR, and EU Standard Contractual Clauses) (Rev. April 20, 2018) This Data Processing Addendum ( DPA ) forms part of the Master Subscription Agreement or other written or electronic
More informationAmgen Binding Corporate Rules (BCRs) Public Document
Amgen Binding Corporate Rules (BCRs) Public Document Introduction: Amgen is a biotechnology leader committed to serving patients with grievous illness. Binding Corporate Rules (BCRs) express Amgen s commitment
More informationMultilateral. Instrument Matching Database
Prevent Base Profit Shifting Instrument Matching Database Table of Contents 1. DISCLAIMER... 1 2. USER S GUIDE... 3 3. GLOSSARY ENGLISH FRENCH... 5 Instrument Prevent Base Profit Shifting MULTILATERAL
More informationData Processing Appendix
Company Name* Execution Date *Company name indicated must conform to the name on customer s Master Subscription Agreement executed with SugarCRM. This Data Processing Appendix on the processing of personal
More informationThe contract is important so that both parties understand their responsibilities and liabilities.
Contracts At a glance Whenever a controller uses a processor it needs to have a written contract in place. The contract is important so that both parties understand their responsibilities and liabilities.
More informationPension Trustees Final Countdown To GDPR
Pension Trustees Final Countdown To GDPR " ROBERT HANIVER SENIOR ASSOCIATE/TECHNOLOGY MASON HAYES & CURRAN " STEPHEN GILLICK PARTNER/PENSIONS MASON HAYES & CURRAN The General Data Protection Regulation
More informationPREPARING FOR THE EU GDPR IN RESEARCH SETTINGS
PREPARING FOR THE EU GDPR IN RESEARCH SETTINGS May 22, 2018 1 1 This guidance document is based on information available as of May 22, 2018. As the GDPR is enforced and further guidance is provided this
More informationDATA PROCESSING ADDENDUM
Page 1 of 20 DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms a part of the Customer Terms of Service found at https://slack.com/terms-of-service, unless Customer has entered into a
More informationBanks Sheridan Limited Data Protection Privacy Policy 19 May 2018
Banks Sheridan Limited Data Protection Privacy Policy 19 May 2018 1. Introduction This Policy sets out the obligations of Banks Sheridan Limited ( the Company ) regarding data protection and the rights
More informationCLIENT DATA PROCESSING AGREEMENT
CLIENT DATA PROCESSING AGREEMENT This Data Processing Agreement for the Data Protection (the Agreement ) of Data Processed is entered into on./../ (hereinafter referred to as the Effective Date ) by and
More informationThe GDPR how to prepare MiFID II where are we now? Wednesday 21 February 2018
The GDPR how to prepare MiFID II where are we now? Wednesday 21 February 2018 GDPR so far The EU General Data Protection Regulation (Regulation (EU) 2016/679) comes into effect on 25 May 2018 Aims to protect:
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Author: Mrs A Taylor Approval needed Board of Directors by: Adopted (date): 6 December 2016 Date of next review: December 2017 Data Protection Policy Introduction The de Ferrers
More informationImpact of the European General Data Protection Regulation on U.S. M&A
CLIENT MEMORANDUM Impact of the European General Data Protection Regulation on U.S. M&A March 26, 2018 The winds of change will shortly sweep across the data privacy landscape in the European Union ( E.U.
More informationDATA PROCESSING AGREEMENT/ADDENDUM
DATA PROCESSING AGREEMENT/ADDENDUM This Data Processing Agreement ( DPA ) is made and entered into as of this day of, 2018 forms part of our Terms and Conditions (available at www.storemaven.com/terms-of-service)
More informationINFORMATION ON THE PROCESSING OF PERSONAL DATA
INFORMATION ON THE PROCESSING OF PERSONAL DATA PRIVACY NOTICE In order to be compliant with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection
More informationCPI PROPERTY GROUP. Group Data Protection Policy. 25 May Summary
CPI PROPERTY GROUP Group Data Protection Policy Summary This Group Data Protection Policy ( Data Protection Policy ) stipulates the rules for personal data protection in the CPI PROPERTY GROUP ( CPIPG
More informationA guide for the insurance industry
A guide for the insurance industry IMPORTANT NOTE: This guide is based on the text of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural
More informationDATA PROTECTION LAWS OF THE WORLD. Czech Republic
DATA PROTECTION LAWS OF THE WORLD Czech Republic Downloaded: 15 July 2018 CZECH REPUBLIC Last modified 24 May 2018 LAW The General Data Protection Regulation (Regulation (EU) 2016/679) (" GDPR") is a European
More informationGDPR CCPA LGPD. Protected information
Stricter data protection laws are on the rise. While only a couple of years ago, data protection legislations and requirements were frequently marginalized and the position of the data protection officer
More informationWHAT DOES THE GDPR MEAN FOR PENSIONS? HANDY GUIDE
WHAT DOES THE GDPR MEAN FOR PENSIONS? HANDY GUIDE The General Data Protection Regulation How will the pensions industry be affected? The pensions industry processes huge amounts of personal data - member's
More informationInformation about Danica Pension s processing of personal data
Information about Danica Pension s processing of personal data Danica Pension is a financial institution that offers pensions and insurance to its customers. When you become a Danica Pension customer,
More informationDATA PROCESSING TERMS AND CONDITIONS
DATA PROCESSING TERMS AND CONDITIONS These Data Processing Terms and Conditions apply in respect of Personal Data that we process on behalf of Customers who purchase the Powwownow Premium Service. Please
More informationWHAT DOES THE GDPR MEAN FOR PENSIONS?
WHAT DOES THE GDPR MEAN FOR PENSIONS? The General Data Protection Regualtion How will the pensions industry be affected? The pensions industry processes huge amounts of personal data - member's names,
More informationSUMMARY OF BINDING CORPORATE RULES
SUMMARY OF BINDING CORPORATE RULES July 1 st, 2015 1 Table of Contents 1. Preamble... 3 2. Definitions... 3 3. Endorsement... 4 4. Entity with delegated data protection responsibilities... 4 5. Description
More informationLa CSFO publie une ébauche de la ligne directrice sur le traitement équitable des consommateurs
La CSFO publie une ébauche de la ligne directrice sur le traitement équitable des consommateurs 17 avril 2018 Stuart S. Carruthers, Andrew S. Cunningham Le 3 avril 2018, l autorité provinciale des services
More informationDATA PROCESSING ANNEX
Page 1 (5) 1 BACKGROUND AND PURPOSE DATA PROCESSING ANNEX 1.1 The terms of this Annex shall apply to the Agreement between Solibri Oy and/or its Subsidiary/Subsidiaries (Solibri Oy and the Subsidiaries
More informationPrivacy vs Data Protection: The Impact of EU Data Protection Legislation
Privacy vs Data Protection: The Impact of EU Data Protection Legislation Thomas Rivera / Hitachi Data Systems Original Author: SNIA Security TWG SNIA Legal Notice The material contained in this tutorial
More informationGuidance: The new EU General Data Protection Regulation: Implications for Australia
Guidance: The new EU General Data Protection Regulation: Implications for Australia Introduction After years of negotiations, the new EU General Data Protection Regulation (GDPR) was passed in 2016, bringing
More informationNewsletter NEW DATA PROTECTION REGIMES IN THE EU AND JAPAN: Similarities and Differences. Atsumi & Sakai
Newsletter Atsumi & Sakai NEW DATA PROTECTION REGIMES IN THE EU AND JAPAN: Similarities and Differences ATSUMI & SAKAI TOKYO LONDON FRANKFURT www.aplaw.jp/en NEW DATA PROTECTION REGIMES IN THE EU AND JAPAN:
More informationGeneral Data Protection Regulation (GDPR) Data Protection Notice
General Data Protection Regulation (GDPR) Data Protection Notice Innovative Sensor Technology IST AG attaches great importance to the protection of your personal data. We therefore conduct our business
More informationData Protection Notice pursuant to the General Data Protection Regulation (GDPR)
Data Protection Notice pursuant to the General Data Protection Regulation (GDPR) The Endress+Hauser Group ( Endress+Hauser, we or us ) attaches great importance to the protection of your personal data.
More informationPrivacy notice. What personal data do we register and use?
Privacy notice Nordania Finans A/S (Danske Leasing A/S), which is part of Danske Bank Group, and Nordania Leasing, division af Danske Bank A/S (in the following collectively referred to as Nordania ) are
More informationARTICLE 29 Data Protection Working Party
ARTICLE 29 Data Protection Working Party Brussels, 11th April 2018 Mr Clemens-Martin Auer e-health Network Member State co-chair Director General Federal Ministry of Health, Austria Subject: Agreement
More informationDATA PROTECTION LAWS OF THE WORLD. Angola vs Czech Republic
DATA PROTECTION LAWS OF THE WORLD Angola vs Czech Republic Downloaded: 15 July 2018 ANGOLA CZECH REPUBLIC Last modified 24 January 2018 LAW Data Protection Law (Law no. 22/11 of 17 June), Electronic Communications
More informationThe impact on Equity Plans of EU Discrimination Law
The impact on Equity Plans of EU Discrimination Law Thursday, 19 June 2008, 11:40 12:30, Breakout Session 2 Juan Bonilla and Francisco Conde www.globalequity.org 1 Summary 1. Brief introduction to European
More informationTHE IRON MOUNTAIN GDPR JARGON BUSTER
THE IRON MOUNTAIN GDPR JARGON BUSTER DON T KNOW YOUR BCRS FROM YOUR DPOS? IF SO, YOU RE NOT ALONE. The new EU General Data Protection Regulation (GDPR for short, and yet another set of initials you ll
More informationPrivacy Policy Statement
Privacy Policy Statement QuoteDevil is committed to protecting and respecting your privacy. It is the intention of this privacy policy statement to explain to you the information practices of QuoteDevil
More informationData Processing Addendum
Data Processing Addendum This Data Processing Addendum (" DPA "), forms part of the Agreement or other written or electronic agreement between Pleo Technologies ApS (" Pleo ) and Customer for the purchase
More informationProposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. on information accompanying transfers of funds. (Text with EEA relevance)
EUROPEAN COMMISSION Strasbourg, XXX COM(2013) 44 /2 2013/0024 (COD) Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on information accompanying transfers of funds (Text with EEA
More informationDATA SUBJECT ACCESS REQUEST POLICY AND PROCEDURE
DATA SUBJECT ACCESS REQUEST POLICY AND PROCEDURE CONTENTS 1. PURPOSE.... SCOPE.... POLICY STATEMENT... 4. PROCEDURE... How should DSARs be processed after receiving... Fees... Subject access requests made
More informationAlerte de votre conseiller Point de vue sur les IFRS Classement des emprunts comportant des clauses restrictives
Alerte de votre conseiller Point de vue sur les IFRS Classement des emprunts comportant des clauses restrictives Février 2016 Aperçu L équipe IFRS de Grant Thornton International a publié le document IFRS
More informationRBI GDPR DATA PROCESSING ADDENDUM
RBI GDPR DATA PROCESSING ADDENDUM 1. SCOPE 1.1. This GDPR Data Processing Addendum ( DPA ) applies to RBI s processing of personal data on Customer s behalf under the Agreement. With regard to such processing,
More informationThe Controller and Processor Data Protection Binding Corporate Rules of BMC Software
The Controller and Processor Data Protection Binding Corporate Rules of BMC Software 4 August 2015 Table of Contents Introduction 2 PART I: BACKGROUND AND ACTIONS 3 PART II: BMC AS A CONTROLLER 5 PART
More information14 March MedTech Europe: GDPR National Legislation State of Play Webinar
14 March 2018 MedTech Europe: GDPR National Legislation State of Play Webinar GDPR National Legislation State of Play - Germany Susanne Werry, Senior Associate Clifford Chance LLP Interaction of the GDPR
More informationDISPOSITIONS PARTICULIÈRES APPLICABLES DE "THE PENSION PLAN FOR THE EMPLOYEES OF LAURIER LIFE HOLDINGS LIMITED AND ITS ASSOCIATED COMPANIES"
ANNEXE VII-M DISPOSITIONS PARTICULIÈRES APPLICABLES AUX PARTICIPANTS EN DATE DU 1 ER JANVIER 2001 DE "THE PENSION PLAN FOR THE EMPLOYEES OF LAURIER LIFE HOLDINGS LIMITED AND ITS ASSOCIATED COMPANIES" Partie
More informationWe protect your data and privacy by taking all relevant measures in accordance with applicable legislation.
Privacy notice Nordania Finans A/S (Danske Leasing A/S), which is part of Danske Bank Group, and Nordania Leasing, division af Danske Bank A/S (in the following collectively referred to as Nordania ) are
More informationAppLovin Data Processing Agreement
AppLovin Data Processing Agreement This AppLovin Data Processing Agreement ( DPA ) is incorporated into and is subject to the AppLovin Terms of Use Agreement available at https://www.applovin.com/terms
More informationGeneral Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) January 2018 Lockton Companies After several years of extensive negotiation, the European Union (EU) adopted the General Data Protection Regulation (GDPR) 1 on
More informationEuropean Parliament and Council Formally Approve Fifth Update to AML Directive
European Parliament and Council Formally Approve Fifth Update to AML Directive May 17, 2018 On May 14, after nearly two years of negotiations and counterproposals, the European Parliament and Council adopted
More informationINTERNATIONAL SOS. Data Protection Policy. Version 1.8
INTERNATIONAL SOS Data Protection Policy Document Owner: LCIS Division Document Manager: Group General Counsel Effective: December 2008 2017 All copyright in these materials are reserved to AEA International
More informationThe EU s General Data Protection Regulation enters into force on 25 May 2018
May 2018 The EU s General Data Protection Regulation enters into force on 25 May 2018 Keeping our customers data safe is nothing new to us. Protecting the information and the personal data that our customer
More informationSouthern Golden Retriever Rescue Data Protection Policy
Southern Golden Retriever Rescue Data Protection Policy Date: 16.05.18 V3 Next Policy Review Date by Trustees: May 2019 Contents 1. Introduction... 2 2. Policy... 2 3. Responsibilities... 2 4. Definitions...
More informationON24 DATA PROCESSING ADDENDUM
ON24 DATA PROCESSING ADDENDUM This Data Processing Addendum ( Addendum ) is entered into by and between ON24 Inc., on behalf of itself and its Affiliates ( ON24 ), and Client, on behalf of itself and its
More information