Denmark

Summary

Law: Act No. 502 of 23 May 2018 on Supplementary Provisions to the Regulation on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data ('the Act') and the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR')

Regulator: Danish data protection authority ('Datatilsynet')

Summary: Datatilsynet is an active regulator that has published many guidelines on the GDPR and the Act. In addition, the Centre for Cybersecurity and the Danish Business Authority are supervisory authorities for cybersecurity, and cookies and telecommunications respectively, and have released guidance on data security for organisations. Denmark was the first EU country to publish Standard Contractual Clauses for contracts between controllers and processors in line with Article 28 of the GDPR in the EDPB register.

Browse more content in Denmark

All Guidance Notes

All News

All Insights

News

25 September 2023

Denmark: Datatilsynet issues criticism against Dagrofa for unnecessary disclosure of personal data

19 September 2023

Denmark: Datatilsynet issues guidance on preventing unauthorized access to personal data by employees

13 September 2023

Denmark: Datatilsynet expresses criticism against housing association for denying a DSAR

13 September 2023

Denmark: Datatilsynet expresses criticism against OrderYOYO for inadequate handling of DSAR

30 August 2023

Denmark: Datatilsynet issues guidance on the use of auto-complete in emails

17 July 2023

Denmark: Datatilsynet issues guidance on data protection in connection with research projects

13 July 2023

Denmark: Datatilsynet expands guidance on right to erasure from search engines

04 July 2023

Denmark: Datatilsynet issues guidance on direct marketing

28 June 2023

Denmark: Datatilsynet issues guidance on use of CCTV

27 June 2023

Denmark: Datatilsynet updates code of conduct guidance

23 June 2023

Denmark: Datatilsynet authorizes use of facial recognition systems by football club

19 May 2023

Denmark: Datatilsynet finds processing activities in connection to remote electricity meter readings in line with GDPR

Insights

October 2022

Denmark: Datatilsynet's latest guidance on data transfers and cloud computing

In March 2022, the Danish data protection authority ('Datatilsynet') issued its 'Guidance on the use of cloud' ('the Guidance')¹. Birgitte Toxværd, Partner and Attorney-at-law at Horten Advokatpartnerselskab, chronologically dissects the Guidance and its updates, and discusses key takeaways in relation to data transfers and cloud computing.

February 2022

Denmark: Health and Pharma Overview

December 2021

Denmark: Datatilsynet's guide on data processor audits

On 29 October 2021, the Danish data protection authority ('Datatilsynet') published a guide on how to approach data processor audits. In the guide, the Datatilsynet sets out six supervisory concepts based on a risk assessment of the processing activities in question. The risk assessment uses a points scale, where the total score gives the data controller a sense of the risk associated with the processing, and which supervisory concept to choose when auditing the data processor. Camilla Sand Fink, Senior Associate and Head of the Data Privacy Team at CLEMENS Law Firm, reviews the Datatilsynet's guide and the central issues around auditing data processors.

Denmark

Summary

Browse more content in Denmark

News

Insights

Get the Latest News

Thanks for signing up!

Company

Our Policies

Your Rights

Follow us