CNIL
EDPB: Clarification of “main establishment” definition
On 14 Feb 2024, the Eu Data Protection Board published an “Opinion on the notion of main establishment on the criteria for the application of the One-Stop-Shop mechanism” under the framework of art. 64(2) GDPR, providing the EDPB’s position on the notion of “main establishment” and the circumstance where the One-Stop-Shop mechanism should apply.
France: CNIL fined an online psychic service
French Data Protection Authority (CNIL) imposed a 150 000 euros penalty on KG COM for infringing the GDPR and French Data Protection Act (Loi Informatique et Libertés). This online psychic company failed to (i) minimise the personal data collected, used, (ii) have a legal basis for the use of banking information, (iii) obtain content prior…
France: Guidance on personal data protection for recruiters
French Data Protection Authority (CNIL) published a guidance of recruitment process to comply with personal data protection regulations.