Blog privacy
GDPR and ethics requirements for scientific research with personal data
Scientific research frequently involves collecting and analysing personal data, which brings researchers into direct contact with the GDPR and ethical responsibilities. Yet many researchers struggle to understand GDPR requirements for scientific research, which rules apply and how to implement them in practice.
Pavlo Burda
ISO 27001 technological controls for software development
The latest version of ISO 27001 contains multiple controls about secure development, engineering, coding and testing that seem to overlap. In this article we provide guidance how to implement these controls. The overlapping controls explained are 8.25, 8.26, 8.27 and 8.28. We also cover 8.31 and 8.33 (test environments and test information).
Sieuwert van Otterloo
Privacy statement generators: a comparison
All organizations processing personal data, even the ones without an in-house privacy expert, are required to disclose information on this processing. Most organizations do this through a privacy statement on their website. Several websites offer a free privacy statement generator, but do these actually produce valid privacy statements? In this article, we summarize the research…
Joost Krapels
GDPR template joint controllership agreement
When two companies process personal data together in an equal relationship, they must sign a join controllership agreement, We made a free template for such an agreement.
Sieuwert van Otterloo
Cookies: the yes, the no, and the maybe
They are impossible to escape these days: cookies. Sometimes accompanied by a impenetrable cookie wall, a large banner, a small information bar, or nothing at all. Cookies allow certain website features, traffic analysis, and marketing. What is and is not allowed is not always clear, which many websites use to their advantage. In this article…
Joost Krapels