What is a privacy programme, and why does your company need one?
Most companies treat GDPR like a driver’s licence test. Study hard, pass once, get the certificate, and then move on with this […]
Federated learning: smarter AI without centralising data.
Key takeways: Federated learning breaks the data paradox. It makes it possible to train AI models without centralising data, allowing organisations to […]
From White Wire to worldwide: Consultancy as launchpad for an international privacy career.
With Ellen Demey, Corporate Data Protection Manager at Umicore Umicore is one of the most versatile industrial players in the world, active […]
Managing mailboxes after termination: do’s and don’ts under the GDPR
Table of Contents When an employment relationship ends, there are many tasks to handle, ranging from administrative duties to ensuring privacy and […]
Public access to administrative documents vs right of access under the GDPR
Pursuant to Articles 12 and 15 of the GDPR, any data subject is entitled to request access to the personal data concerning […]
NIS2 compliance? eIDAS 2.0 delivers the building blocks for stronger digital security.
Key takeaways eIDAS 2.0 goes beyond identity. Through trust services such as qualified electronic signatures, timestamps, and archiving, eIDAS 2.0 secures data […]
What is the impact of the Cyber Resilience Act on your contracts and processes?
Key Takeaways The CRA has important consequences for products with digital elements (PDEs). PDEs can no longer simply be placed on the […]
Can you reject a GDPR access request? Prove it!
Case C-526/24 Brillen Rottler discusses a hot topic in privacy land (especially if you are following the Digital Omnibus package), namely when […]
What are the model contractual terms and standard contractual clauses under the Data Act?
The implementation of the Data Act has contractual consequences for organisations that fall within its scope. This means that organisations should review […]
The Cyber Resilience Act (CRA) in 10 questions and answers
Table of Contents While the NIS2 Directive requires essential and important entities to achieve a certain level of cybersecurity at organisational level, […]
Can patient data be used to train AI?
Legal and privacy considerations in healthcare Key Takeaways The reuse of patient data for training an AI model is possible, but requires […]
What is (in)direct data collection under the GDPR
Follow this train of thought: you take public transport and all goes well. A ticket inspector joins your carriage to verify the […]
