GDPR (EU General Data Protection Regulation) | Glossary

On 25 May 2018 the EU General Data Protection Regulation (GDPR) came into force as a European regulation in the EU member states. The regulation has direct effect and takes precedence over national laws (such as the German Federal Data Protection Act). The GDPR comprises rules regarding data protection and affects every business. Its aim is to protect citizens. In addition to reporting and documentation obligations subject to criminal prosecution, it also contains obligations to provide information. Everyone has a right to know what data is stored about them. Operators of websites must also comply with the GDPR. This not only concerns the constitutionally compliant structure of a website but also the corresponding presentation of the content. It must be unambiguously clear to every user who processes personal data on the website and for what purpose.

One-way street FiDA – why well-intentioned is not well done

AML package (4) – Outsourcing under the new AML-R

EU AI Act – What financial institutions need to know

AML package (3) – New features for obligated parties

The group privilege in payment services regulation