GDPR Fine Tracker

Official Guidelines

Decisions and Case Law

Templates

Privacy and AI News

Tools and Software

Laws and Regulations

AI Assistant

SEARCH EVERYWHERE

Filtered (137)
Filters
Type
Show (137)
Cancel
Advanced Search
EDPB Report on the first review of the European Commission Implementing Decision on the adequate protection of personal data under the EU-US Data Privacy Framework
GDPR in Practice – Experience of Data Protection Authorities by FRA

Supervisory Authorities

Data (Use and Access) Bill [HL] Draft
EU Cyber Resilience Act (CRA)

Technical and Organisational Measures (TOMs)

Recommendations for the use of AI coding assistants by ANSSI and BSI

AI, Specific processing situations

AIPact by the European Artificial Intelligence Office

AI, Data Subjects Rights, Specific processing situations

Manipulative, Deceptive, and Exploitative AI Systems report by the Dutch DPA

AI, Lawfulness of Processing, Specific processing situations

Secure Future Initiative Report by Microsoft

Technical and Organisational Measures (TOMs)

“AI & Algorithmic Risks Report” by Dutch Data Protection Authority

AI, Risk Management, Specific processing situations

MITIGATING SECURITY & PRIVACY RISKS by Data Security Council of India

Technical and Organisational Measures (TOMs)

Recommendation on mobile applications or apps by the French DPA

Lawfulness of Processing, Specific processing situations

The IDTA, Addendum and TRA: practical guidance for cross-border transfers by the UK ICO

Access Requests (DSAR), Data Transfers

Privacy Impact Assessment (PIA) Templates by CNIL

Data Protection Impact Assessment (DPIA)

Report of the work undertaken by the ChatGPT Taskforce by EDPB

AI, Specific processing situations

Recommendation 01/2019 on the draft list of the European Data Protection Supervisor regarding the processing operations subject to the requirement of a data protection impact assessment (Article 39.4 of Regulation (EU) 2018/1725) |EPDB

Controllers and Processors, Data Protection Impact Assessment (DPIA)

Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules (Art. 47 GDPR) |EPDB

Data Transfers

Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data |Version 2.0 |EPDB

Data Transfers

Recommendations 02/2020 on the European Essential Guarantees for surveillance measures |EPDB

Specific processing situations, Surveillance

Recommendations 01/2021 on the adequacy referential under the Law Enforcement Directive |EPDB

Adequacy Decisions, Data Transfers

Recommendations 02/2021 on the legal basis for the storage of credit card data for the sole purpose of facilitating further online transactions |EPDB

Consent, Lawfulness of Processing

National Strategy to Advance Privacy-Preserving Data Sharing and Analytics by the EO by the US President

Anonymisation, Controllers and Processors, Technical and Organisational Measures (TOMs)

EO 13800 on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Controllers and Processors, Technical and Organisational Measures (TOMs)

DRAFT RISK ASSESSMENT REGULATIONS FOR CALIFORNIA PRIVACY PROTECTION AGENCY

Risk Management

International Data Transfer Agreements – Transitional Provisions

Data Transfers

Transfer Risk Assessment Tool by the UK ICO

Data Transfers

Transfer Impact Assessment (TIA) Template by HSE

Data Transfers

[UK] International Data Transfer Addendum to the EU Commission Standard Contractual Clauses

Data Transfers

[UK] Standard Data Protection Clauses to be issued by the Commissioner under S119A(1) Data Protection Act 2018

Data Transfers

2023 Coordinated Enforcement Action Designation and Position of Data Protection Officers by EDPB

Controllers and Processors, Data Protection Officer (DPO)

EU DATA ACT
[PROPOSAL 2024] EU AI ACT

AI, Specific processing situations

[Draft] Transfer Impact Assessment by the CNIL

Data Transfers

[DRAFT] FRAMEWORK CONVENTION ON ARTIFICIAL INTELLIGENCE, HUMAN RIGHTS, DEMOCRACY AND THE RULE OF LAW

AI, Specific processing situations

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL LAYING DOWN HARMONISED RULES ON ARTIFICIAL INTELLIGENCE (ARTIFICIAL INTELLIGENCE ACT)

AI, Specific processing situations

Advancing Governance, Innovation, and Risk Management for Agency Use of Artificial Intelligence (PROPOSED MEMORANDUM )

AI, Specific processing situations

DPIA for AI template

Controllers and Processors, Data Protection Impact Assessment (DPIA)

AI Privacy Policy template

AI, Specific processing situations

Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence by the US President

AI, Specific processing situations

Online Safety Bill | UK
AI and Data Protection Risk Toolkit by UK ICO

AI, Controllers and Processors, Data Protection Impact Assessment (DPIA), Specific processing situations

Description of the dataset template by CNIL

AI, Specific processing situations

Data Breach Process Guidance by HSE

Controllers and Processors, Data Breaches

Global Approaches to Auditing Artificial Intelligence by IPIE

AI, Specific processing situations

Recommendation 5: Promote parental controls that respect the child’s privacy and best interests by CNIL

Children as data subjects, Data Subjects Rights

Recommendation 4: Seek parental consent for children under 15 by CNIL

Children as data subjects, Consent, Data Subjects Rights, Lawfulness of Processing

Recommendation 3: Support parents with digital education by CNIL

Children as data subjects, Data Subjects Rights

Recommendation 2: Encourage children to exercise their rights by CNIL

Children as data subjects, Data Subjects Rights

Recommendation 1: Regulate the capacity of children to act online by CNIL

Children as data subjects, Data Subjects Rights

NSW report: Artificial intelligence in New South Wales

AI, Specific processing situations

Recommendation 7: Check the age of the child and parental consent while respecting the child’s privacy by CNIL

Children as data subjects, Data Subjects Rights

Recommendation 6: Strengthen the information and rights of children by design by CNIL

Children as data subjects, Data Subjects Rights

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on adapting non-contractual civil liability rules to artificial intelligence (AI Liability Directive)

AI, Liability and Remedies, Specific processing situations, Supervisory Authorities

Emerging digital technologies in the public sector report by EU Commission

New technology

KOSPA Passed by Senate: Strengthening Online Protections for Children and Teens
Securing Artificial Intelligence: Mitigation Strategy Report by ETSI

AI, Specific processing situations

Responsible AI Governance in Africa: Prospects for Outcomes Based Regulation by African Observatory on Responsible AI

AI, Specific processing situations

Office of the Privacy Commissioner of Canada Sweep Report 2024

Consent, Cookies, Lawfulness of Processing

Data protection impact assessment for AI Solutions by Danish DPA

AI, Controllers and Processors, Data Protection Impact Assessment (DPIA), Specific processing situations

Relying on the legal basis of legitimate interest to develop an AI system by CNIL

AI, Specific processing situations

Patent Landscape Report on Generative AI by WIPO

AI, Specific processing situations

Consent Banner Report Overview of EU and national guidelines on dark patterns by NOYB

Consent, Lawfulness of Processing

Mobilizing the legal basis of legitimateinterest to develop an AI system by CNIL

AI, Specific processing situations

Report from Multistakeholder Expert group on GDPR application

Data Subjects Rights

Risk and control for artificial intelligence and machine learning systems by Cybernetica

AI, Specific processing situations

Governance of artificial intelligence (AI) by House of Commons UK

AI, Specific processing situations

Neurodata risks report by EDPS and Spanish DPA

AI, Specific processing situations

Convention on AI, Human Rights, Democracy and the Rule of Law – by the Council of Europe (draft)

AI, Specific processing situations

Report of the work undertaken by the ChatGPT Taskforce bg EDPB

AI

EU-US Data Privacy Framework Template Complaint Form for Submitting Commercial Related Complaints to EU DPAs by EDPB

Adequacy Decisions, Data Transfers

REGULATION (EU) 2024/900 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 13 March 2024 on the transparency and targeting of political advertising

Marketing and Advertising, Specific processing situations

Personal data breach report form

Controllers and Processors, Data Breaches

Report and Recommendations of the New York State Bar Association Task Force on Artificial Intelligence

AI, Specific processing situations

ЕО Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern
EO 13800 on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Technical and Organisational Measures (TOMs)

Zapier’s Transfer Impact Assessment

Data Transfers

Personal data breaches in the health sector: how to avoid them (and how to deal with them when they happen) by the UK ICO

Data Breaches, Health Data

Cybersecurity panel session: SME Focus by the UK ICO

Technical and Organisational Measures (TOMs)

Cybersecurity panel session: Supply chain attacks by the UK ICO

Technical and Organisational Measures (TOMs)

Cybersecurity panel session: An introduction to incident response, common cyber threats and ways to mitigate risk by the UK ICO

Technical and Organisational Measures (TOMs)

Federal Data Protection Act (Germany)
Insight into audit and assurance by the UK ICO
Lifecycle of a complaint by the UK ICO

Data Subjects Rights

Good FOI practice – a panel discussion by the UK ICO

Freedom of expression and information

DIRECTIVE (EU) 2016/680 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (Law Enforcement Directive)
REGULATION (EU) 2022/868 (Data Governance Act)
REGULATION (EU) 2022/1925 (Digital Markets Act)
DIRECTIVE (EU) 2019/1937 on the protection of persons who report breaches of Union law (Whistleblower Directive)

Whistleblowing

Directive 2002/58/EC on privacy and electronic communications
REGULATION (EU) 2018/1725 “GDPR for EU Institutions”
Directive (EU) 2016/1148 “NIS2 Directive”
UK Data Protection Act 2018
European Convention on Human Rights
Federal Act on Data Protection (Switzerland)
EU AI Act
Personal Information Protection and Electronic Documents Act (PIPEDA, CANADA)
Personal data protection law (Saudi Arabia)
Connecticut Data Privacy Act
Utah Consumer Privacy Act
Joint Guide to ASEAN MCC and EU SCC

Data Transfers, Standard Contractual Clauses (SCC)

Data Protection Impact Assessments (DPIA) Template by UK ICO

Data Protection Impact Assessment (DPIA)

Data Protection Impact Assessment (DPIAs) by APDCAT

Data Protection Impact Assessment (DPIA)

CALIFORNIA CONSUMER PRIVACY ACT REGULATIONS
Records of processing activities template by the CNIL

Records of processing Activities (ROPA)

Recommendations for companies planning to use Cloud computing services by CNIL

Cloud Services

CCPA Full Text
How Google Uses Information on websites [link]
Report of the work undertaken by the Cookie Banner Taskforce [Official EDPB Guidelines] [pdf]

Consent, Cookies

AT&T Privacy Notice

Data Subjects Rights

Annual Report 2023 NOYB

Data Subjects Rights

Second Report on the application of the General Data Protection Regulation by EU Commission

Data Subjects Rights, Data Transfers

Annual Report 2023 by Irish DPA

Data Subjects Rights

AI system development: CNIL’srecommendations to comply with the GDPR

AI, Specific processing situations

Addictive patterns in the processing of personal data Implications for data protection by AEPD

Definitions, Processing of personal data

BEYOND IMAGINATION : PLANNING FOR ONTARIANS’ DIGITAL FUTURE | 2023 annual report

Governance

AI Auditing Checklist for AI Auditing by EDPB

AI, Specific processing situations

AI, DATA GOVERNANCE AND PRIVACY SYNERGIES AND AREAS OF INTERNATIONAL CO-OPERATION BY OECD

AI, Specific processing situations

AI Development Recommendations to Ensure GDPR Compliance by CNIL

AI, Specific processing situations

The Colorado AI Act “Senate Bill SB24-205”

AI, Specific processing situations

Template Complaint Form to the U.S. Office of the Director of National Intelligence’s Civil Liberties Protection Officer (CLPO) by EDPB

Adequacy Decisions, Data Transfers

American Privacy Rights Act Discussion Draft
The American Privacy Rights Act (APRA) section-by-section draft
Technical and organisational measures signed by Superhosting.bg

Controllers and Processors, Technical and Organisational Measures (TOMs)

Technical and Organizational Measures by Adobe Cloud Services

Controllers and Processors, Technical and Organisational Measures (TOMs)

Privacy Program 247.ai
(NEW JERSEY) ACT concerning [commercial Internet websites] online, services, consumers, and [personally identifiable information] personal data and supplementing Title 56 of the Revised Statutes
[UK] International Data Transfer Addendum to the EU Commission Standard Contractual Clauses

Data Transfers

[UK] International Data Transfer Agreements – Transitional Provisions

Data Transfers

American Data Privacy And Protection Act (DRAFT)
Balancing transparency and empathy in request and complaint handling by the UK ICO

Access Requests (DSAR)

Section 40(2) FOIA – the personal data exemption – a practical approach by the UK ICO

Access Requests (DSAR), Data Subjects Rights

A 10-step guide to sharing information to safeguard children by the UK ICO

Children as data subjects

Privacy, seriously by the UK ICO

AI, Privacy by Design, Product Privacy Design

AI and Data Protection risk toolkit by the UK ICO

AI, Data Protection Impact Assessment (DPIA)

Senate Bill 262 (Delete Act)
THE DIGITAL PERSONAL DATA PROTECTION ACT (INDIA)
Consumer Data Protection Act (Virginia CDPA)
Colorado Privacy Act