GDPR Q&A

GDPR kérdezz-felelek / GDPR Q&A


Black list of data processing activities (Hungary)

2018. november 27. - Kovacs Zoltan Balazs

Data processing activities subject to data protection impact assessment The Hungarian data protection authority (NAIH) has published on its website a list of data processing activities where data controllers must prepare a data protection impact assessment (DPIA). The list is not exhaustive but may…

Tovább

First GDPR fines

First GDPR fines Austria Based on the GDPR, the Austrian data protection authority imposed a fine on an undertaking which had installed a surveillance camera in a way that it also made records of a public sidewalk and failed to give proper prior information to the data subjects about the camera's…

Tovább

Fine imposed on pharma company

Fine imposed on pharma company The National Data Protection and Freedom of Information Authority (DPA) has recently published on its website a decision imposing a fine on a pharma company. The date of the decision is 23 May 2018 and a summary of the decision follows below. The DPA imposed a fine…

Tovább

Published data protection fines

Published data protection fines The National Data Protection and Freedom of Information Authority (DPA) has recently published on its website certain resolutions imposing a fine. A summary of such resolutions follows below. The DPA issued the fines under the rules effective prior to 25 May 2018 and…

Tovább

Second-round amendment of the Information Act

Second-round amendment of the Information Act The Act no. XIII of 2018, which entered into force on 30 June 2018, the Hungarian lawmaker designated the National Data Protection and Freedom of Information Authority (NAIH) as the authority in charge of the enforcement of the GDPR. In addition to the…

Tovább

Amendment of the Hungarian data protection act due to the GDPR

Amendment of the Hungarian data protection act due to the GDPR In the Act no. XIII of 2018, which entered into force on 30 June 2018, the Hungarian lawmaker designated the National Data Protection and Freedom of Information Authority (NAIH) as the authority in charge of the enforcement of the GDPR.…

Tovább

What is it that Hungary can do for SMEs?

What is it that Hungary can do for SMEs? In Hungary, 99.8% of the undertakings qualify as SMEs. This blog post addresses the issue of whether these companies may be fined under the GDPR for first time violations. It also addresses the interesting issue of whether the GDPR allows Member States  to…

Tovább

Will the GDPR be enforced from 25 May?

Will the GDPR be enforced from 25 May? The GDPR became effective on 25 May 2016 and there has been a two-year period for the entities to prepare for the new set of rules and bring their data processing practices in line with the new regime. EU Member States have equivalently had two years to pass…

Tovább

Possible legal bases for data processing under the GDPR

Possible legal bases for data processing under the GDPR The GDPR contains all the possible bases for data processing activities. Article 6 of the GDPR contains six possible legal bases for processing personal data other than those belonging to the special categories of personal data (e.g. health,…

Tovább

Banana peels on the mine field - even small and medium-scale enterprises may be heavily fined!

Banana peels on the mine field - even small and medium-scale enterprises may be heavily fined! You must have heard of the EU's general data protection regulation (GDPR), the fact that the new rules will be applicable from 25 May 2018, that failure to comply with such new rules may result in a fine…

Tovább