Nyhetssamlare
Restriktioner tas bort 9 februari
Varning för vind och snöfall i delar av norra Sverige
EDPB adopts first opinion on certification criteria
The EDPB adopted its opinion on the GDPR-CARPA certification scheme submitted to the Board by the Luxembourg Supervisory Authority (SA). This is the first time that the EDPB adopts a consistency opinion on criteria for a nationwide certification scheme. The GDPR-CARPA certification scheme is a general scheme, which does not focus on a specific sector or type of processing. It includes requirements on data protection governance in the organisation surrounding the processing activities.
EDPB Chair, Andrea Jelinek, said: “This opinion is an important step towards greater GDPR compliance. The main aim of certification mechanisms is to help controllers and processors demonstrate compliance with the GDPR. Controllers and processors adhering to a certification mechanism also gain greater visibility and credibility, as it allows individuals to quickly assess the level of protection of the processing operations.”
The EDPB opinion aims to ensure the consistency and correct application of certification criteria among SAs in the European Economic Area. To this end, the EDPB considers that a number of changes need to be made to the draft certification criteria.
After approval by the SA, the certification mechanism will also be added to the register of certification mechanisms and data protection seals in accordance with Art. 42 (8) GDPR.
Note to editors:
The present certification is not a certification according to article 46(2)(f) of the GDPR meant for international transfers of personal data and therefore does not provide appropriate safeguards within the framework of transfers of personal data to third countries or international organisations.
All documents adopted during the EDPB Plenary are subject to the necessary legal, linguistic and formatting checks and will be made available on the EDPB website once these have been completed.
Digital innovation måste gå hand i hand med digital trygghet
Påfyllnadsdos vaccin mot covid-19 rekommenderas tidigast efter tre månader
SMHI: Orange varning för vind i kombination med snöfall
Viktigt meddelande till allmänheten i Stenungsund
SMHI: Orange varning för stormbyar
EDPB celebrates Data Protection Day
On the occasion of the 16th annual Data Protection Day, the Members of the EDPB bring you joint greetings. We are a closely-coordinated regulatory network of national competent authorities in the Member States of the European Economic Area (EEA). We work together, day after day, to protect your personal data. Happy Data Protection Day from all of us!
Region Uppsala, personuppgiftsincidenter
Sanktionsavgift mot Region Uppsala som brustit i sin säkerhet
Viktigt meddelande till allmänheten
Flera åtgärder mot covid-19 kan komma att avvecklas 9 februari
Ändrad avrådan för resor till Ukraina
SMHI utfärdar orange varning för Norrbottens läns fjälltrakter
Ändrade förhållningsregler kring covid-19
EDPB adopts Guidelines on Right of Access and letter on cookie consent
Brussels, 19 January - During its January plenary session, the EDPB adopted Guidelines on the Right of Access. The Guidelines aim to analyse the various aspects of the right of access and to provide more precise guidance on how the right of access has to be implemented in different situations. Among others, the Guidelines provide clarifications on the scope of the right of access, the information the controller has to provide to the data subject, the format of the access request, the main modalities for providing access, and the notion of manifestly unfounded or excessive requests. A stakeholder event on this topic was held in November 2019 and stakeholders’ views and opinions were taken into consideration during the drafting process.
EDPB Chair Andrea Jelinek said: “The right of access enables individuals to get knowledge on how and why their personal data are processed. The Guidelines provide examples to support controllers to answer access requests in a GDPR compliant manner.”
The Guidelines will be subject to public consultation for a period of 6 weeks.
In addition, the EDPB adopted a letter in reply to letters calling for a consistent interpretation of cookie consent. In the letter, the EDPB reiterates that it is committed to ensuring the harmonised application of data protection rules throughout the European Economic Area. In this respect, the EDPB has recently set up a taskforce on cookie banners to coordinate the response to complaints concerning cookie banners. Furthermore, the EDPB has updated the Guidelines on consent in order to ensure a harmonized approach on the conditionality of consent and on the unambiguous indication of wishes.
Note to editors:
All documents adopted during the EDPB Plenary are subject to the necessary legal, linguistic and formatting checks and will be made available on the EDPB website once these have been completed.