Small Business and GDPR

We tried to understand why many companies have not yet implemented the necessary measures to comply with the provisions of the new European regulation on data protection, enforceable from next May 25. The idea we got, based on the answers received from some of our interlocutors, is that apparently small companies -present in a large…

GDPR compliance: the importance of cyber security

From a GDPR perspective, data controllers are required to determine whether their processing activities, and the potential risks to data subjects that result, are covered by the security measures currently implemented. In this regard, the regulation does not specify the security measures (or the minimum technical standards of those security measures) that companies must implement…

Campus Value Experience 2017

Yesterday I, Sara from the marketing department, and my colleague Alberto from the technical department, had the opportunity to attend for the first time the Campus Value Experience event at the Hotel Enterprise in Milan. The event, organized by the Esprinet group and in particular by the companies V-Valley, Mosaico and EDSlan, developed as a…

GDPR and surveillance

So far, we have dealt with the topic of the new European privacy regulation, aka GDPR, from the “top” trying to shed light on what is provided for by the legislation in question. A regulation that, in spite of the reduced timeframe for complying with it, is still unknown to most people or is not…

Notifying a data breach under the GDPR

A new feature introduced with the new European Data Protection Regulation (GDPR) concerns how data breaches must be notified. Article 33 of Regulation 679/2016 requires that in the event of a breach, the data controller notifies the supervisory authority within 72 hours of becoming aware of the data breach. Specifically, the violation of which we…