The Luxembourg Data Protection Authority (the ‘Commission Nationale pour la Protection des Données’, or ‘CNPD’) has published updated guidelines on cookies and other trackers, including “fingerprinting", "web beacons" or "shared objects".
Not in the automotive sector? It doesn't matter: two Regulations adopted by UNECE (a United Nations body) on cybersecurity and software updates in the automotive sector may shape your products and services – even if your sector is completely different.
On 14 October 2021, the CSSF published its new CSSF Circular 21/785 with regard to replacing the prior authorisation obligation with a prior notification obligation in the case of material IT outsourcing (the “Circular”)
Effective 15 October 2021, financial institutions must notify the CSSF of any planned outsourcing of material IT activities. This notification obligation replaces the prior authorisation requirement.
On 22nd March 2018, Luxembourg had adopted a new ‘’IP Box’’ regime applicable to income (including capital gains) derived from eligible intellectual property (‘’IP’’) rights to align itself with international tax recommendations
The Adequacy Decisions come just in time to continue the bridging mechanism applicable under the Trade and Cooperation Agreement between the EU and the UK, allowing transfers of personal data from the EU to the UK for a temporary period ending on 30 June 2021.
The National Commission for Data Protection (hereinafter the “CNPD”) has made public its first 18 administrative decisions and sanctions, including six fines ranging from 1.000 to 18.000 euros, issued for non-compliance with provisions of the General Data Protection Regulation (hereinafter the “GDPR”).
On Friday, 4 June, the European Commission took a further step to reinforce legal certainty under the GDPR by adopting two new sets of Standard Contractual Clauses (SCCs), intended to allow safe and free cross-border data transfers.
For the very first time, the National Commission for Data Protection (“CNPD”) has published 18 decisions, six of which inflicted fines ranging from 1.000 EUR to 18.000 EUR.
The Luxembourg Data Protection Authority (CNPD) has published its first decisions following investigations of non-compliance with the General Data Protection Regulation (GDPR)
