Filter the results
-
CNPD Course: 23 October 2018
Data Protection Basics
On 23 October 2018, the CNPD organizes new courses on the basics of data protection. These courses are aimed at “beginners”, who wish to learn basic elements of data protection law.
-
The right to information
Who processes my personal data? Why and how is it processed? Companies or administrations must give you these elements in clear and plain language at the same time as the collection of your data or, at the latest, within one
-
27 January 2015
Meeting with Cameron Kerry
On 27 January 2015, the National Commission for Data Protection, represented by Tine A. Larsen (President) and Georges Wantz (Commissioner), met with former Acting Secretary of Commerce and General Counsel of the United States, Cameron Kerry, and former Minister of
-
European Data Protection Board (EDPB)
Article 29 of European Directive 95/46/EC of 24 October 1995 (which is the foundation for the Amended Act of 2 August 2002) set up an independent working party composed of representatives of the data protection authorities in the Member States of the European Union, which is called the "Article 29 Working Party".
-
Decisions on the outcome of investigations
The CNPD has made public 18 decisions concerning investigations on the outcome of investigations. In accordance with Article 41 of the Law of 1 August 2018 on the organisation of the CNPD and the General Data Protection Regime, decisions on the outcome of investigations are taken by the restricted panel of the CNPD. The decisions are in principle published anonymously on its website,
-
Privacy Impact Assessment
The CNPD is assisting Luxmetering with the introduction of smart meters for electricity and gas
In the field of smart metering, the CNPD is assisting the GIE Luxmetering with the implementation of their operating processes and procedures as part of a Privacy Impact Assessment (PIA). The aim of this approach is to assess the likelihood
-
Data Protection Officer (DPO)
The Data Protection Officer (DPO) has an important role in the legal framework created by the General Data Protection Regulation (GDPR). Articles 37 to 39 GDPR lay down the rules applicable to the designation, position and tasks of the DPO
-
Data breaches (General data protection regulation)
Data controllers shall notify personal data breaches to the CNPD withing 72 hours after having become aware of them, if the violation in question is is likely to result in a risk to the rights and freedoms of natural persons.
-
Further processing of personal data
Where the processing for a purpose other than that for which the personal data have been collected is not based on the data subject's consent or on a Union or Member State law which constitutes a necessary and proportionate
-
The right to rectification
If you have noticed that personal data concerning you is inaccurate, incomplete or simply not up to date, you can request to rectify it. If contacted, the controller has to correct the inaccurate information concerning you. This right prevents an
-
Your rights
The General Data Protection Regulation grants you rights that allow you to control the use of your own personal data:
-
Security of personal data
Both you and your processors shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk. These security measures shall take into account the state of the art, the costs of implementation
-
European Data Protection Board (EDPB)
Fifteenth EDPB Plenary session
During the fifteenth plenary session, a wide range of topics was discussed: Privacy Shield Review, Guidelines on Territorial Scope, Guidelines on Data Protection by Design & Default, Art. 64 Opinion on Exxon Mobil BCRs, Response letter to LIBE, Additional Protocol Budapest Convention.
-
Merry Christmas and a Happy New Year
Merry Christmas and a Happy New Year!
-
Attention: Phishing attempt by requesting access
Several organisations have contacted the CNPD following the receipt of a request for access that seemed dubious. The CNPD immediately contacted the GovCert to check whether it is a legitimate email or a phishing attempt. It has indeed been confirmed that the demand that has come from the domain "electronicprivacy.eu" is classified as phishing.
-
Publication of the annual report 2019
Publication of the annual report 2019 2019 was the first full year that the CNPD worked under the General Data Protection Regulation[1] (GDPR) and the
-
The EDPB adopted its opinion on the clinical trials Q&A
Following a request from the European Commission (DG SANTE), the European Data Protection Board has adopted an opinion on the clinical trials Q&A. The opinion addresses in particular the aspects related to the adequate legal bases in the context of clinical trials, and the secondary uses of clinical trial data for scientific purposes. The opinion will now be transmitted to the European Commission.
-
From 21 to 24 October in Tirana (Albania)
International Conference of Data Protection and Privacy Commissioners
The 41st International Conference of Data Protection and Privacy Commissioners took place in Tirana (Albania) from 21 to 24 October 2019.. The theme of the conference was "Convergence and connectivity: raising global data protection standards in the digital age".
-
Groupe européen sur la protection des données
Le G29 adopte des FAQ concernant le "Privacy Shield"
Le G29 poursuit son travail relatif aux modalités de mise en œuvre du Privacy Shield. Il a adopté des FAQ (Foire aux questions) à destination des individus et des entreprises. Ces outils peuvent être utilisés par chaque autorité nationale de protection des données
-
CNPD Course: 4 September 2018
Data Protection Basics
On 4 September 2018, the CNPD organizes new courses on the basics of data protection. These courses are aimed at “beginners”, who wish to learn basic elements of data protection law.
