11 Best GDPR-Compliant CRM Solutions
We take a look at the 10 best CRM solutions that comply with the GDPR to keep your customer relationships in compliance.| Termly
We take a look at the 10 best CRM solutions that comply with the GDPR to keep your customer relationships in compliance.| Termly
On September 4, 2025, the Court of Justice of the EU (“Court”) handed down its judgment in case EDPS v SRB C-413/23 P, setting aside the General Court of the European Union’s (“General Court”) judgment of April 26, 2023 in case SRB v EDPS T‑557/20. In particular, the Court clarified that whether pseudonymized data can... Continue Reading…| Inside Privacy
The European Union privacy directive fundamentally transformed how organisations worldwide handle personal data, creating ripple effects that extend far beyond European borders. What began as... The post European Union Privacy Directive: From Directive 95/46/EC to GDPR appeared first on GDPR Local.| GDPR Local
The modern business landscape runs on data. From refining marketing strategies to optimising supply chains, access to relevant, high-quality datasets has the potential to bring... The post Data Marketplaces and GDPR Obligations: A Guide for Data Buyers appeared first on GDPR Local.| GDPR Local
Automated decision-making is changing how organisations operate, from loan approvals and insurance claims to recruitment and healthcare diagnostics. However, the use of automated systems raises... The post Automated Decision Making: Overview of GDPR Article 22 appeared first on GDPR Local.| GDPR Local
From employee headshots and security footage to marketing photographs and event documentation, images containing identifiable individuals trigger strict compliance requirements that many organisations overlook. Organisations... The post GDPR for Images: Compliance Overview for Visual Data Protection appeared first on GDPR Local.| GDPR Local
The full enforcement of the EU AI Act is expected by late 2027. Meanwhile, you need to take necessary steps to prepare and stay compliant.| GDPR Local
Enterprise-grade encryption at WP Remote means AES-256 encryption + TLS protocols - aligning with the global data protection laws.| WP Remote
Cybersecurity regulations are converging on a clear message: phishing-resistant multi-factor authentication (MFA) is now the baseline for compliance. Whether you operate in financial services, critical...| Secfense
Regulated industries such as banking, healthcare, and public administration face stringent identity and access management (IAM) requirements driven by regulations including PSD2, HIPAA, NIS2, and...| Secfense
A felhőalapú adattárolás kényelmes és hatékony, de komoly biztonsági kockázatokat is rejt. Cikkünkben bemutatjuk, miért elengedhetetlen a felhőben tárolt adatok titkosítása, és hogyan védi meg ez vállalkozását a kibertámadásoktól és adatvesztéstől.| aWh
Chris Denbigh-White discusses how AI and emerging technologies pose new GDPR challenges, requiring a balance of deployment and legality.| Help Net Security
Act Now is pleased to report that the next AI Governance Practitioner Certificate course, starting in September, is fully booked. There are still a few places available on the next course, starting in October, which is the final one in 2025. The AI Governance Practitioner Certificate is designed to equip Information Governance professionals with the essential … Continue reading "AI Governance Practitioner Certificate: Final Course for 2025 "| Your Front Page For Information Governance News
Act Now is delighted to welcome Dr. Malkiat Thiarai to our team of associates. Our associates play a vital role in delivering our mission: helping to create a more privacy-conscious world by …| Your Front Page For Information Governance News
See the map of state data privacy laws - which states have laws in effect, have laws soon to go into effect, and are currently considering legislation.| I.S. Partners
L’AI agentica è un’evoluzione radicale: da strumenti reattivi a colleghi digitali autonomi, capaci di apprendere, pianificare e collaborare| AI4Business
As of February 2020, 88 law enforcement and government-affiliated agencies in 24 countries outside the United States have tried to use controversial facial recognition technology Clearview AI, according to a BuzzFeed News investigation.| BuzzFeed News
Publicarea numelor cetățenilor pe așa-numitele „liste ale rușinii” sau ale bunilor platnici, nu numai că încalcă legile sacre ale confidențialități fiscale (încă în vigoare) dar și prevederile temeinice ale GDPR-ului european, și deschide calea unor abuzuri de neiertat.| APADOR-CH
We are excited to share a significant achievement at PeerDB: we have achieved full compliance with the General Data Protection Regulation (GDPR). This milestone represents our unwavering dedication to data protection and privacy, further strengthenin...| PeerDB Blog
Meta GDPR fine: Learn why the €1.2B penalty for EU-US data transfers is important in 2025 and what it means for businesses.| GDPR Local
Act Now is pleased to report that the first cohort of its new AI Governance Practitioner Certificate has successfully completed the course. This course is designed to equip Information Governance professionals with the essential knowledge and skills to navigate AI deployment within their organisations. As we detailed in our previous blog “What is the role of … Continue reading "AI Governance Practitioner Certificate: First Cohort Successfully Completes Course "| Your Front Page For Information Governance News
On Monday, a Scottish Charity (Birthlink) received a GDPR Monetary Penalty Notice of £18,000 after it destroyed approximately 4,800 personal records, up to ten percent of which may be irreplaceable. Birthlink is a charity specialising in post-adoption support and advice, for people who have been affected by adoption with a Scottish connection. Since 1984 it … Continue reading "Charity Receives £18,000 GDPR Fine"| Your Front Page For Information Governance News
That’s where the WPLP Compliance Platform helps.| Webnus
The UK retail sector has come under siege in 2025, with an unprecedented wave of cyber attacks. After the Ticketmaster breach in 2024 where millions of users were affected, one would assume retailers had taken note. However, From Marks & Spencer to Louis Vuitton, companies large and small are grappling with relentless, tech-enhanced intrusions that threaten customer trust … Continue reading "Retail Under Siege Through AI Enabled Cyber Attacks "| Your Front Page For Information Governance News
On Tuesday, the High Court lifted a superinjunction that prevented scrutiny of one of the most serious personal data breaches involving a UK Government department. In February 2022, a Ministry of D…| Your Front Page For Information Governance News
There are 1.13 billion websites on the internet, according to a quick Google search. In case you were wondering, that’s approximately a *bleep ton of websites. So, naturally, there are numerous blogs ... Read more| Termageddon
Warning: Undefined array key "modern_footnotes_include_footnote_list_at_end_of_rss_content" in /home/iccl/domains/iccl.ie/public_html/wp-content/plugins/modern-footnotes/modern-footnotes.php on line 692 Warning: Undefined array key "modern_footnotes_include_footnote_list_at_end_of_rss_content" in /home/iccl/domains/iccl.ie/public_html/wp-content/plugins/modern-footnotes/modern-footnotes.php on line 692 Warning: Undefined array key "modern_footnotes_include_footnote_list_at_end_of_rss_content"...| Irish Council for Civil Liberties
This note analyses additional granular data from Dutch publisher NPO, and presents lessons for the publishing industry about privacy and revenue based on six months of data from a publishing group that removed 3rd party tracking.| Dr Johnny Ryan FRHistS
This note shares new data on publisher revenue impact from switching off 3rd party ad tracking.| Dr Johnny Ryan FRHistS
This note shares new data on publisher revenue impact from switching off 3rd party ad tracking. In January, the Dutch national broadcaster, NPO, switched off 3rd party tracking ad targeting. NPO has an online video audience of 7.1 million per month, and display reach of 5.8 million per month.[1] Revenue impact I have examined Ster’s revenue figures, … Continue reading New data shows publisher revenue impact of cutting 3rd party trackers| Dr Johnny Ryan FRHistS
Procter & Gamble invited Dr Johnny Ryan of Brave to give a (remote) keynote address about how advertisers should adapt to the privacy-first future.The presentation covers the problems with conventional advertising technology, risks to brands and media sustainability, and sets out several alternative models. See the video here. For reasons made clear in this keynote presentation, … Continue reading Johnny Ryan’s privacy keynote for P&G| Dr Johnny Ryan FRHistS
Senior representatives of advertisers, publishers, and intermediaries discuss two years of the the GDPR in a discussion hosted by Brave. Participants: Dr Johnny Ryan, Chief Policy Officer, Brave; Catherine Armitage, Director of Digital Policy, World Federation of Advertisers; Conor Murray, Director of Regulatory and Public Affairs, EGTA; Mathilde Fiquet, Director General, FEDMA. The discussion covers the impacts of the GDPR … Continue reading Industry discussion on the GDPR at 2 years ...| Dr Johnny Ryan FRHistS
New data from Brave show that European governments have not equipped their national authorities to enforce the GDPR. Brave presents Europe’s governments are failing the GDPR, a report on data protection authorities’ (DPAs) capacity to enforce against tech infringements of the GDPR. Two years after the GDPR was first applied, the GDPR is now in danger … Continue reading New data on GDPR enforcement agencies reveal why the GDPR is failing| Dr Johnny Ryan FRHistS
Brave has filed a formal GDPR complaint against Google for infringing the GDPR “purpose limitation” principle. Enforcement would be tantamount to a functional separation of Google’s business. This morning, Brave filed a formal GDPR complaint against Google for infringing Article 5(1)b of the GDPR, which sets forth the “purpose limitation” principle. Quick facts The GDPR purpose … Continue reading Formal GDPR complaint against Google’s internal data free-for-all| Dr Johnny Ryan FRHistS
Brave's submission to the UK Competition & Markets Authority shows how to fix the RTB market and end Google's advertising monopoly.| Dr Johnny Ryan FRHistS
This note highlights the inadequacies of Google and IAB proposals to reform RTB, and rebuts the argument for inaction.| Dr Johnny Ryan FRHistS
The ICO has today announced that it will be taking no substantive action to fix "RTB", the largest data breach ever recorded in the UK. Regulatory ambivalence cannot continue. We are considering all options to put an end to the systemic breach, including direct challenges to the controllers and judicial oversight of the ICO.| Dr Johnny Ryan FRHistS
Ryan's testimony at International Grand Chamber: RTB data breach enables disinformation. Enforcers can be sued.| Dr Johnny Ryan FRHistS
This note presents a submission from Dr Johnny Ryan of Brave, and Dr Orla Lynskey of the London School of Economics, to the UK Competition & Markets Authority.| Dr Johnny Ryan FRHistS
This note examines the GDPR requirement that marketers conduct data protection impact assessments (DPIAs) when buying digital media using “real-time bidding” advertising.| Dr Johnny Ryan FRHistS
Brave presents new RTB evidence, and has uncovered a mechanism by which Google appears to be circumventing its purported GDPR privacy protections.| Dr Johnny Ryan FRHistS
[et_pb_section fb_built=”1″ fullwidth=”on” _builder_version=”3.22″ use_background_color_gradient=”on” background_color_gradient_start=”#00010c” background_color_gradient_end=”#353535″ background_color_gradient_direction=”14deg” custom_padding=”0px|0px|40px|0px”][et_pb_fullwidth_post_title comments=”off” featured_image=”off” text_color=”light” admin_label=”Fullwidth Post Title” _builder_version=”4.0.11″ title_font=”Poppins|500|||||||” tit...| Dr Johnny Ryan FRHistS
Dr Johnny Ryan responds to a statement from IAB Europe regarding its failure to answer the Irish Data Protection Commission. Four months on, both I and the Data Protection Commission are still waiting for the first explanation of how “IAB Europe is confident that the way it obtains consent for the use of cookies on its website complies with the requirements of the law”.| Dr Johnny Ryan FRHistS
IAB Europe fails to answer questions from Irish Data Protection Commission arising from formal GDPR complaint by Brave's Dr Ryan against IAB Europe's "forced consent" and consent walls.| Dr Johnny Ryan FRHistS
This note summarizes the ICO report on real-time bidding, which vindicates the GDPR complaints initiated by Brave, and points toward the solution.| Dr Johnny Ryan FRHistS
DCN's CEO, Jason Kint, says removing personal data from bid requests might disadvantage adtech companies, but the sky won’t fall for publishers.| Dr Johnny Ryan FRHistS
Brave answers Senators Whitehouse, Booker, Graham and Leahy’s questions for the record from the US Senate Judiciary Committee hearing on privacy and anti-trust.| Dr Johnny Ryan FRHistS
Today, Ireland’s Data Protection Commission (DPC) has announced a major GDPR probe into “suspected infringement” by Google’s DoubleClick/Authorized Buyers advertising business. The probe was triggered by a formal complaint from Dr Johnny Ryan, Chief Policy Officer at Brave, the private web browser.| Dr Johnny Ryan FRHistS
Dr Johnny Ryan's testimony at the US Senate Judiciary Committee hearing on “Understanding the Digital Advertising Ecosystem and the Impact of Data Privacy and Competition Policy”.| Dr Johnny Ryan FRHistS
GDPR complaints about Real-Time Bidding (RTB) in the online advertising industry were filed today with Data Protection Authorities in Spain, the Netherlands, Belgium, and Luxembourg. The complaints detail the vast scale of personal data leakage by Google and other major companies in the “Ad Tech” industry.| Dr Johnny Ryan FRHistS
Brave has written to the California Department of Justice to highlight potential loopholes in the California Consumer Protection Act (CCPA).| Dr Johnny Ryan FRHistS
A formal complaint has been filed with the Irish Data Protection Commissioner against IAB Europe, the tracking industry’s primary lobbying organization.| Dr Johnny Ryan FRHistS
The cover story of The Economist this week includes a diagram of the "data protection-free zone" at the heart of the online advertising auction system.| Dr Johnny Ryan FRHistS
Brave has written to the California Department of Justice to highlight potential loopholes in the California Consumer Protection Act (CCPA).| Dr Johnny Ryan FRHistS
New evidence to regulators: IAB documents reveal that it knew that real-time bidding would be “incompatible with consent under GDPR”.| Dr Johnny Ryan FRHistS
Brave and co-complainants in Poland, Ireland, and the UK submit new evidence about massive adtech leakage of highly intimate data.| Dr Johnny Ryan FRHistS
Big tech companies "cross-use" user data from one part of their business to prop up others. This hurts innovation & choice. The FTC must investigate. Plus, the GDPR is emerging as a defacto international standard. Whether this helps or harms United States firms will be determined by whether the United States enacts and actively enforces robust federal privacy laws.| Dr Johnny Ryan FRHistS
Investigation needed to stop anticompetitive practices that hurt publishers, restrict innovation, and limit consumer choice.| Dr Johnny Ryan FRHistS
French regulator’s decision against Vectaury confirms that IAB “Transparency & Consent Framework” does not obtain valid consent, and illustrates how even tiny adtech companies can unlawfu…| Dr Johnny Ryan FRHistS
This year’s Wimbledon Tennis Championships are not just a showcase for elite athleticism but also a high-profile test of Artificial Intelligence. For the first time in the tournament’s 148-year his…| Your Front Page For Information Governance News
GDPR machine learning: Understand consent, data minimisation, and individual rights for compliant ML model development.| GDPR Local
I posted a note on things we’ve forgotton about the GDPR. I posted this on Linkedin & Medium. It talks about the DPO, Privacy Impact Analysis and 3rd Party standards. … 1. The DPO needs industry-leading knowledge on both the| davelevy.info
M20, from my branch, on making the privacy policy better was moved by and carried, annoyingly I didn’t make the point powerfully enough that the problem is that the GMB will not permit the use of email for contract purposes| davelevy.info
Explore the Dutch Data Protection Authority's guidelines on web scraping, its legal complexities, privacy risks, and other relevant details important to your organization.| Securiti
The digital economy has made consumer data a central consideration in all kinds of consumer transactions. The digital economy “runs on data,” so to speak, although claims that data is “the new oil” fall short of the mark. Various digital services employ data to improve ad targeting, search, and artificial intelligence. In some kinds of ... Let Privacy Features Compete: A Competition Approach to Privacy Regulation| Truth on the Market
The Data (Use and Access) Act 2025 received Royal Assent on 19th June 2025. It is important to note that the new Act will not replace current UK data protection legislation. Rather it will amend th…| Your Front Page For Information Governance News
The letter urges the European Commission to reassess Israel’s data protection adequacy status under the GDPR.| European Digital Rights (EDRi)
The recently passed Data (Use & Access) Act 2025 has hit a nerve across industries, with concerns mounting over its impact on UK businesses and their vital data flows with the EU. While the Government insists the new law will simplify compliance and boost innovation, critics – including the Law Society of England & Wales [...] The post UK’s Data Deal with EU at Risk as New Law Sparks Industry Debate appeared first on The Software Bureau.| The Software Bureau
“Pretexting” and “blagging” are forms of social engineering whereby someone attempts to extract information from a source by deception. One (unethical) example is when a journalist purports to be s…| informationrightsandwrongs
This week, I've been wrong about (at least) two things, believing that: I was done with the Copytrack stuff: I sent them proof of license and subsequently audited my image use to ensure they'd never have any excuse to darken my virtual doorway again. I could have a lazy Friday afternoon: I had a day off and intended to doze in front of Four in a bed. Unfortunately, I was wrong on both counts. Not long after I had settled down to watch people complain about the quality of sausages, my phone we...| www.bentasker.co.uk
In this episode, I talk with Ben Sibley and Andrew Mead, creators of the Independent Analytics WordPress plugin. We discuss how the plugin offers privacy-focused, GDPR-compliant analytics entirely within your WordPress dashboard, no external servers, tracking, or cookies involved. The plugin is designed for simplicity and deep WordPress integration, providing easy-to-understand reports on visitors, referrers, devices, and more. We cover features, performance, third-party integrations, support...| WP Builds
Learn essential steps for GDPR compliance when doing business in the EU. Understand rules, user rights, and legal data handling requirements.| Learn Digital Marketing
GDPR compliance for apps means securing user data, gaining consent, and respecting privacy. Learn the key steps to keep your app compliant.| GDPR Local
The European Union has just agreed to new procedural rules for enforcement of the General Data Protection Regulation (GDPR), touting faster investigation deadlines and streamlined cooperation between data-protection authorities. But celebrating 15-month investigation timelines as progress reveals just how far we’ve strayed from reasonable regulatory practice. This “steroids shot” for GDPR enforcement, as Politico calls ... The EU’s GDPR ‘Fix’ Misses the Point Entirely The post The...| Truth on the Market
Art. 9 GDPRProcessing of special categories of personal data Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and...| GDPR.eu
The Information Commissioner’s Office (ICO) has fined a US genetic testing company £2.31 million under the UK GDPR following a 2023 cyber-attack. 23andMe provides genetic testing for, amongst…| Your Front Page For Information Governance News
EDRi and EDRi members Open Rights Group and Privacy International, are urging the European Commission not to re-adopt the UK’s data adequacy decisions without meaningful reform.| European Digital Rights (EDRi)
The European Commission issued a significant noncompliance decision earlier today, finding the “consent or pay” model that Meta implemented from March 2024 to November 2024 for its Facebook and Instagram services breached key obligations imposed on designated gatekeepers under the Digital Markets Act (DMA). Accompanied by a €200 million fine, the decision concluded that Meta’s ... A First Take on the European Commission’s DMA Decision Against Meta| Truth on the Market
The General Data Protection Regulation (GDPR) is arguably one of the most comprehensive and heavily enforced privacy laws in the world. GDPR went into effect on May 25, 2018 and aims to protect the personal data of European Union residents by providing them with certain privacy rights, requiring websites to…| Termageddon
Here are some of the best WordPress GDPR plugins to help you with cookie compliance for your website. Make sure that your site does not face any legal issues.| IsItWP - Free WordPress Theme Detector
The Data (Use and Access) Bill has cleared the final hurdle in Parliament and will soon become the Data (Use and Access) Act 2025 following Royal Assent. The new Act will amend the UK G…| Your Front Page For Information Governance News
The Information Commissioner’s Office (ICO) has fined a Merseyside-based law firm £60,000 following a cyber-attack that led to highly sensitive personal data being published on the dark web.&…| Your Front Page For Information Governance News
Given that AI models require large swathes of data to operate, the GDPR’s expansive definition of personal data means that many applications of AI involve complex data protection issues – especially where those datasets are obtained from third-party sources. At the Irish DPC’s request, the European Data Protection Board (“EDPB”) has adopted Opinion 28/2024 on [...]| Debevoise Data Blog
Our top-five European data protection developments from February are: European Commission publishes guidelines on prohibited AI practices: The EU Commission has published non-binding guidance on the EU AI Act’s prohibited use cases. European Parliamentary Research Service Report Highlights Tension Between the EU AI Act and GDPR: The ERPS published a report warning of a potential [...]| Debevoise Data Blog
Our top-eleven European data protection developments for the end of 2024 are: EU Cyber Resilience Act: The Council of the European Union approved the Cyber Resilience Act, introducing cybersecurity requirements for digital products sold in the EU. Businesses may wish to start applying the requirements to products and processes ahead of the Act becoming fully [...]| Debevoise Data Blog
Our top-five European data protection developments from August are: Uber fined for personal data transfer: The Dutch Data Protection Authority fined Uber €290 million for the unlawful transfer of European drivers’ personal data to the U.S., following Uber’s move away from relying on the standard contractual clauses (“SCCs”) in 2021. Businesses may wish to assess [...]| Debevoise Data Blog
Our top five European data protection developments from July are: EU AI guidance: Businesses should consider reviewing their AI policies and practices following guidance from the French CNIL and the Irish DPC recommending that businesses conduct AI risk assessments and prepare AI policies and procedures, alongside the EDPB’s statement supporting the appointment of DPAs as [...]| Debevoise Data Blog
Our top five European data protection developments from June are: Non-material damage under GDPR: The CJEU clarified the scope of compensation for non-material damage in the context of identity theft and data subjects’ fear that their personal data had been exposed. Businesses may wish to review their policies and procedures for responding to compensation requests [...]| Debevoise Data Blog
Our top five European data protection developments from May are: UK guidance on ransom payments: The UK NCSC and various insurance industry bodies co-published guidance on key considerations for ransomware payments. The guidance does not introduce new restrictions or obligations, and is consistent with prior industry standards, as well as UK NCSC and UK ICO [...]| Debevoise Data Blog
GDPR 7 years on: What’s going to change and what businesses need to know to navigate this new landscape. FAQs and our answers are here.| VinciWorks
We're living in a world with numerous privacy laws that are always changing and growing in number. The question is, why not just one privacy law?| Termageddon
Learn how Global Privacy Control (GPC) impacts compliance, builds trust, and helps businesses stay ahead of evolving privacy laws.| Red Clover Advisors
Struggling with WordPress GDPR compliance? WPConsent offers easy cookie banners, consent logging, & global privacy support to protect your site & build trust.| IsItWP - Free WordPress Theme Detector
But revising the EU's landmark data privacy regulation could be akin to re-opening Pandora's box.| Euractiv
O tom, proč používat rozšíření Consent-O-Matic na automatické vyplňování souhlasů se zpracováním osobních údajů a ukládáním cookies.| Sesivany's blog
The General Data Protection Regulation (GDPR) is a privacy law that went into effect on May 25, 2018, with the goal of protecting the personal data of residents of the European Union. As arguably the most comprehensive and most frequently enforced privacy law in the world, GDPR provides extensive privacy…| Termageddon
Artificial intelligence (AI) has seen huge advances in the last two years. A few years ago it was just a subject of geeky tech discussions; now it is playing a role in every aspect of our lives. La…| Your Front Page For Information Governance News
DeepSeek AI faces intense scrutiny in Europe after Italy’s data protection authority, the Garante, questioned its data practices. Several EU regulators are taking note, and this has sparked discussions on how personal information is handled by AI models.| GDPR EU
UK-based companies should carefully consider the wide-ranging implications of storing data outside the UK.| Compare the Cloud
AI regulations take center stage in political discussions about the usage of AI and biometric technology in 2025. Here's an overview.| BioID
