Data Protection

Dec 29, 20222 min read

Today, everything is data or can be expressed in data. Data are not just an extension, but an integral part of people's digital selves, and at the same time, their misuse can seriously hurt the rights and freedoms of individuals. Informational self-determination and sovereignty are an aspect of basic freedom.

Therefore, personal data need to be protected against misuse in the same way every other right has to be protected.
In the EU, the legal basis for the protection of personal data is the General Data Protection Regulation (GDPR). Some key principles of the GDPR are:

Every use of personal data needs either informed consent of the data subject or permission in law.
Personal data may only be used for the purposes they have been initially collected for (purpose limitation).
Every use of personal data must be limited to what is necessary for the purpose of processing (data minimization).
Data must only be kept as long as necessary and then be deleted (storage limitation).
Personal data must be processed in a way that ensures appropriate security, including protection against unlawful processing, accidental loss, destruction, or damage by appropriate technical or organizational measures (integrity and confidentiality).
Personal data must be correct and up-to-date (accuracy).
Data must be processed transparently. Data subjects must know which data are processed in which way and for what purpose (transparency).

To ensure compliance with these principles, the GDPR gives data subjects extensive rights vis-à-vis the controller of any data processing. Furthermore, data protection supervisory authority may also hold processors accountable.

Security lock on a circuit board standing for the GDPR-compliance of a IAM solution.

Is your Identity & Access Management (IAM) GDPR-Compliant?

Mar 21, 20245 min read

Inhouse DIY Identity and Access Management, part or complete outsourcing? What are the challenges and pitfalls?

Necessity of an identity and access management system embodied by two hands holding identities in form of circles with anonymous personas inside.

Identity and Access Management (IAM) - Why It Matters and What You Need to …

Mar 8, 20245 min read

IAM systems deserve much more attention – they may work under the hood, but they are the very key to all data and functionality of an online service.

Technical data protection is secured by group of programmers and software developers sitting in front of their screens evaluating code.

Good data protection makes for good business

Feb 28, 20244 min read

Good data protection makes for a reliable IT setup and protects personal data as well as algorithms and trade secrets.

Not only the location of the shown server rack in the data center is relevant for good data protection but also where the firm and its offices are located.

Company headquarters and server location - both must be right for data …

Feb 24, 20245 min read

Storing data in the EU is not a silver bullet for all data protection requirements. Compliance also depends on who owns the server.

An electrified padlock made with electronic components symbolizes security in cloud computing and helping to respect EU data protection regulations

EU Data Protection Update Q4-2023

Feb 9, 202417 min read

We take a look at the most important data protection topics in the fourth quarter of 2023 in the EU

Data cloud in orange teal to symbolize data protection and cybersecurity.

EU Data Protection Update Q3-2023

Nov 7, 202318 min read

Quarterly news update (Q3/2023) highlighting the major developments in the field of data privacy legislation, enforcement, administrative initiatives, cybersecurity with a special focus on Software as a Services and cloud services …

magnifying glass over eu data flag

Engity's European Data Protection Update Q2/2023

Jul 10, 202310 min read

An European overview on the major updates in data protection and privacy in the 2nd quarter of 2023.

EU GDPR Bits and Bytes in Data Stream

Engity's EU Data Protection Update Q1/2023

Apr 27, 202316 min read

We discuss the major updates in data protection and privacy in the 1st quarter of 2023.

Data Cloud over World

EU Data Protection Update Q4 / 2022

Jan 20, 202314 min read

We discuss the major updates in data protection and privacy in the 4th quarter of 2022.

E-Commerce add to cart online shopping business technology internet concept

EU-US data transfers under renewed scrutiny – the Shopify case

Dec 28, 20224 min read

GDPR compliance of data transfers between EU & US for Content Delivery Networks (CDN) with European servers

A virtual login screen above a keyboard stands for a proper technical implementation of an identity and access management system.

The technical implementation of your IT landscape has to be GDPR-compliant

Nov 7, 20225 min read

Many Data Protection Officers do not know enough about the technical implementation of data protection measures. Often this results in non-compliant structures - despite best intentions.

European map colored in blue with the 12 yellow European stars on top with a centered paragraph symbol standing for a European Data Protection

EU Data Protection Update Q3-2022

Oct 11, 20229 min read

Engity highlights the developments in policy, legislation and enforcement in data protection in Q3-2022.

1
2