Fox Rothschild LLP (JD Supra Denmark)
Danish Data Authority Issues Guidance On COVID-19 Data Disclosure
Danish Data Protection Authority Datatilsynet weighs in on the Coronavirus and GDPR: What an employer can ask the employee to disclose and what the employee is obliged to disclose are issues that are governed by employment law rules and any public law rules on health, etc...
Danish Data Protection Authority: Auto-Complete Not Prohibited By GDPR
The auto-complete function is not prohibited by GDPR, says the Danish data protection authority. The search function suggested certain search suggestions automatically including the complainant’s name.
Picture Picture On The Wall: Danish DPA Takes New Position On The GDPR Legal Basis For Posting Online Photos
The Danish Data Protection Authority has changed its position regarding the legal basis for posting pictures online under the General Data Protection Regulation (GDPR). Rather than a distinction between "situational" and "portrait" pictures, Datatilsynet now requires a case-by-case analysis.
Danish DPA Issues Guidelines For Transmitting Personal Data Via SMS
The Danish Data Protection Authority has issued guidance on the transmission of personal data via text messages (SMS). Key takeaways: Sending personal data by SMS is risky as it entails transmission in clear text, over networks over which the data controller has no control.
Furniture Store Fined Under GDPR For Failing To Delete Personal Data
If you retain personal data indefinitely, or have not given thought to your retention schedule – now may be the time to take another look. The Danish Data Protection Authority has fined a furniture store 200,000 EUR for failure to delete personal data, not having a data retention schedule and not adequately documenting its personal data deletion procedures in violation of GDPR...
Danish DPA Publishes Guide On Data Minimization And Right Of Erasure
Forget me yes. The Danish data protection authority has published a practical guide on data minimization and the right of erasure under GDPR: If you use “soft delete,” a link is deleted but not the personal information in the underlying database, this is not a real deletion.