Blog privacy
ISO 27001 technological controls for software development
The latest version of ISO 27001 contains multiple controls about secure development, engineering, coding and testing that seem to overlap. In this article we provide guidance on how to implement these controls. The overlapping controls explained are 8.25, 8.26, 8.27 and 8.28. We also cover 8.31 and 8.33 (test environments and test information).
Sieuwert van Otterloo
Privacy statement generators: a comparison
All organizations processing personal data, even the ones without an in-house privacy expert, are required to disclose information on this processing. Most organizations do this through a privacy statement on their website. Several websites offer a free privacy statement generator, but do these actually produce valid privacy statements? In this article, we summarize the research…
Joost Krapels
GDPR template joint controllership agreement
When two companies process personal data together in an equal relationship, they must sign a joint controllership agreement. We made a free template for such an agreement.
Sieuwert van Otterloo
Cookies: the yes, the no, and the maybe
They are impossible to escape these days: cookies. Sometimes accompanied by an impenetrable cookie wall, a large banner, a small information bar, or nothing at all. Cookies allow certain website features, traffic analysis, and marketing. What is and is not allowed is not always clear, which many websites use to their advantage. In this article…
Joost Krapels
Decision time: Brexit options for EU Institutions
The European Data Protection Supervisor, or EDPS for short, supervises the compliance of EU Institutions and bodies with the GDPR. For this reason, most of the EDPS’ publications are not that interesting for most private parties. Lately, however, the EDPS published a statement that, given the current chaos surrounding Brexit, is an interesting and perhaps…
Joost Krapels