What is (in)direct data collection under the GDPR
Follow this train of thought: you take public transport and all goes well. A ticket inspector joins your carriage to verify the […]
The legal analysis of NIS2: what you need to know before you start
Table of Contents Key takeaways Always start with a legal analysis for NIS2. The classification as an essential or important entity determines […]
CISO & DPO: Better together?
How stronger CISO-DPO collaboration improves compliance, risk, and resilience The DPO (Data Protection Officer) and the CISO (Chief Information Security Officer) are […]
How to launch a high-risk AI system under the AI Act
It’s finally here, you have built your state-of-the-art AI system which is exactly what the market and your customers need: a CV […]
Digital Omnibus: Key takeaways for privacy and compliance teams
Key Takeaways No immediate action required: These are still draft proposals. If adopted, most changes will be phased in gradually, with limited […]
Belgium’s first year of NIS2: What Cyfun means for you
At a Belgian shipping terminal, an automated gate system failed for just one hour because the supplier’s camera equipment malfunctioned. In that […]
Sales can also be free: CJEU confirms soft opt-in for free content under ePrivacy Directive
Introduction Inteligo Media is a website offering daily updates on Romanian legislative developments. Most articles are free, but users hit a paywall […]
Why AI still needs a human in the loop, and what EU law says about It
Table of Contents Introduction You apply for a job online, upload your CV, and within seconds receive a polite rejection. You never […]
The AI Act’s New Guidelines on General-Purpose AI Models (GPAI)
Table of Contents The European Commission’s July 2025 Guidelines on the Scope of the Obligations for General-Purpose AI Models (GPAI) mark the […]
What is a virtual DPO (vDPO)?
What is a vDPO? A virtual Data Protection Officer (or vDPO) is a company/service provider assigned as external DPO, who delivers data […]
Is personal data always personal?
What the SRB-case teaches us about Pseudonymisation, Consent, and GDPR Compliance For years, privacy professionals have debated: should we consider personal data […]
Professional secrecy and the GDPR. what healthcare providers need to know
In healthcare, trust is everything. That trust begins with a promise: that what’s shared in confidence stays in confidence. But what happens […]
