Metric International often receives questions about the locality of data we process for our customers – where data is being stored depending on where it originates. Businesses all over the world use and trust us, and their customers interact with…
The GDPR introduces a right for individuals to have personal data erased. The right to erasure is also known as ‘the right to be forgotten’. What is the right to erasure? The right to be forgotten appears in Recitals 65 and…
2018 brought about a major shift and more clarity in the world of individual data privacy. Last month marked the one-year anniversary since the European General Data Protection Regulation (GDPR) was introduced. The regulation was an attempt to unify the…
It has been over a year and a couple of months since the General Data Protection Regulation (GDPR) went into force. There was a lot of attention focused on the May 25th 2018 “deadline,” as if it was a finish…
Section 4 of the GDPR outlines the requirement for applicable firms to appoint a data protection officer (DPO). All emphasis added unless otherwise stated. When a DPO must be appointed According to Article 37(1), data controllers and processors shall designate…
“Legitimate interest” may be among the most confusing concepts written into the GDPR, which is not helped by the amount of incorrect interpretations available when you search for the term online. It is also an especially important concept to understand…
Most recent GDPR news stories highlighted the new 72-hour breach notification requirement and the potential €20,000,000 fines. Yes, those are provocative highlights that generate clicks and views, but they don’t provide much guidance for organizations, security compliance officers, and IT security…
Administrative fines The GDPR imposes stiff fines on data controllers and processors for non-compliance. Determination Fines are administered by individual member state supervisory authorities (83.1). The following 10 criteria are to be used to determine the amount of the fine…
Within the GDPR, consent constitutes one of six possible legal grounds for lawful personal data processing under Article 6(1). For most commercial controllers and processors, however, it likely represents the principal option. (All emphasis to GDPR text are added unless…
Metric International, Inc. is a multilingual global services agency specialized in digital presence through: Technology, Branding and Marketing solutions.