Spain: Amazon Road Transport Fined for Requesting Criminal Records From Job Candidates
February 2022
Author: Pablo Perez Laya
On 11 February 2022, the Spanish Data Protection Authority (Agencia Española de Protección de Datos) fined Amazon Road Transport Spain, S.L. (“Amazon RT“) EUR 2,000,000, for including criminal record certificates within the documentation that it requests during the hiring process of freelance truck drivers.
The following are the aspects of the decision which we have considered the most interesting:
Certificates showing “clean” criminal records (i.e. that no crimes have been committed) do amount to personal data relating to criminal convictions…
Guidance for interpretation of the Serbian Data Protection Act
November 2021
BDK Advokati's senior associate Milica Basta participated in the online conference “Data Protection – 2021” organised by the agency Forum Media from Belgrade. The event took place on 29 November 2021. More than 20 professionals from public and private sector entities attended.
Milica spoke about the tools for interpretation of the Serbian Data Protection Act (2018) when there is no available practice of the Serbian supervisory authority or courts. As the law is for the most part a copy of the EU General Data Protection Regulation (GDPR), Milica pointed to documents issued…
Processing of Personal Data Concerning Vaccinations and the EU Digital COVID-19 Certificate
November 2021
Recently, the Commission for Personal Data Protection (CPDP) published an opinion on the processing of personal data regarding the vaccination status in Bulgaria. It covers all the details regarding the EU digital COVID-19 certificates – their issuance, verification, and acceptance.
In accordance with EU rules, EU certificates are only to be used to access and verify the information included therein to facilitate and allow the right of free movement within the EU during the pandemic. EU certificates can only be used for any different than the above-mentioned motives if the legal…
Polenak Law Firm Advised Singular And Its Owners
September 2021
As another proof of interest to invest in the IT sector in North Macedonia, Flutter Entertainment, a global sports betting, gaming, and entertainment provider, acquired 100% indirect ownership in Singular group of companies based in North Macedonia, Georgia, and Malta.
Polenak Law Firm advised Singular and its owners on the transactional documents under Macedonian law.
Also, our Regulatory & Compliance team advised the client in the complete harmonisation with the newest personal data protection requirements introduced with the new Data Protection Law which is now fully harmonised…
CNIL Refuses To Let Monsanto Off The Hook
September 2021
On 26 July 2021, the French Data Protection Authority (“CNIL“) issued a fine of EUR 400,000 against Monsanto, a leading company in the field of agricultural biotechnologies. The decision elucidates the criteria for differentiating between a data controller and a data processor and validates a strict approach to interpreting the obligation of data controllers to inform individuals about the processing of their personal data.
In 2013, Monsanto entered into an agreement with Fleishman-Hillard, a public relations company. In the performance of the agreement, Fleishman-Hillard…
Serbia’s data protection law – BDK Advokati in GTDT/Lexology 2022 guide
August 2021
BDK Advokati has contributed to the Serbia chapter in the 2022 edition of Lexology Getting the Deal Through – Data Protection & Privacy (July 2021). The chapter presents the regulatory frameworks under Serbian data protection law which applies since August 2019. The law is modeled under the EU General Data Protection Regulation.
The chapter also describes the instructions and guides issued by the Serbian supervisory authority – the Commissioner for Information of Public Importance and Personal Data Protection – to address the processing of personal data related to covid-19…
Turkish Data Protection Authority’s Announcement on The Partnerships’ Obligation to Register with VERBIS
On 25 June 2021, the Turkish Personal Data Protection Authority published an announcement regarding partnerships’ obligation to register with the Data Controllers’ Registry Information System.
Regulation on Sharing of Confidential Information Published
In June, the Banking Regulation and Supervision Authority published the Regulation on Sharing of Confidential Information.
The European Commission Issues Modernised Standard Contractual Clauses Under the GDPR
On 4 June 2021, the European Commission issued standard contractual clauses for use between controllers and processors and modernised standard contractual clauses for international transfers under the General Data Protection Regulation (the GDPR). The modernised standard contractual clauses will replace the three sets of standard contractual clauses for data transfers to third countries that were adopted under the previous Data Protection Directive 95/46.
The modernised clauses cover data transfers from controllers or processors in the EU/EEA (or otherwise subject to the GDPR) and data transfers…
The SEE Legal Group and its Member Firms Top-ranked by Chambers Europe 2021
For the first time, the publishers of Chambers Europe guide have decided to rank the Leading regional law firm networks in Central and Eastern Europe in separate bands.
The SEE Legal Group Ranked Band 1 by Chambers Global 2021
The SEE Legal Group and its members are proud to announce that the SEE Legal Group is the only regional legal network in Central and Eastern Europe that has received the prestigious Band 1 ranking by Chambers Global 2021.
GDPR’s First Two Years – Guideline for Serbia’s DP Practitioners
BDK Advokati’s senior associate Milica Basta spoke at the online conference “Data Protection – 2020” hosted by the agency Forum Media from Belgrade.
