Discover our publications

  • Publish:19/07/2019
    One of the most complex questions raised by the General Data Protection Regulation (GDPR) is that of data controller vs. data processor. Despite the data controller[1]and data processor[2]definitions provided in article 4 of GDPR, these two concepts remain difficult to ascertain when dealing with daily operations and the complex relationships between companies. In its Opinion […]Moreover
  • Publish:07/05/2019
    The law of 4 March 2002 relating to patients’ rights and the quality of the health system established as a principle the right for patients to access to all health information relating to them. With the entry into force of the General Data Protection Regulation, patients’ rights have been strengthened.  Who can request access to […]Moreover
  • Publish:30/04/2019
    The European Data Protection Board (EDPB), successor to the G29, published early April its draft guidelines on the use of the legal basis “Contract performance or pre-contractual measures” in the context of online services. For reminder, article 6 of the General Data Protection Regulation (GDR) requires that any processing of personal data must be based […]Moreover
  • Publish:22/03/2019
    Since the implementation of the GDPR on 25 May 2018, the penalties imposed by the CNIL (French supervisory authority) for failure to comply accumulating one after the other, be it for insufficient security, lack of transparency, unsatisfactory information and even lack of valid consent. UBER, BOUYGUES TELECOM or GOOGLE LLC are but a few examples […]Moreover
  • Publish:24/12/2018
    The accountability logic promoted by the new personal data regulation leads professionals of all sizes to be concerned about the security of data processed in the context of their activities. Today, internationally renowned companies such as social networks, postal services, or large hotel companies are subject to security breaches with considerable impacts. In line with […]Moreover