Papers & Books

Vietnam AI Handbook – Second Edition In January 2024, PrivacyCompliance published the first version of the AI Handbook which was received warmly by the AI community and the general public. Since then, there have been many developments in the AI scene around the world such as new AI applications, and new regulations, with the most […]

Layered Notice – A Robust Demonstration Of Transparency One of the fundamental principles for Personal Data Controllers is the unwavering commitment to transparency vis-à-vis data subjects. In their pursuit to address this requirement, Controllers have opted to issue lengthy Privacy Notices, aiming for comprehensive disclosure to relevant data subjects. However, the question arises: Does this […]

The First AI Handbook in Vietnam Dear Colleagues, Partners, and Friends, Mindful of the significant advancements in artificial intelligence (AI) in recent times, Privacy Compliance has undertaken a project aimed at updating our clientele, partners, and the general public on the prevailing state of AI globally and, more specifically, in Vietnam. With great pride, we […]

Introduction to GDPR KEY TAKEAWAYS: – GDPR is the EU’s current personal data protection regulation and the global standard in the field of data protection; – Predecessors of GDPR include the OECD’s 1980 Privacy Guidelines and the 1995 Directive 95/46/EC ; – GDPR stipulates many concepts and regulations regarding data protection such as the definitions, […]

Introduction to China personal information protection law (PIPL) What is the PIPL? The Personal Information Protection Law of the People’s Republic of China is a particular law enacted for the purposes of protecting the rights and interests on personal information, regulating personal information processing activities, and promoting reasonable use of personal information (Art.1). When did the […]

Right to be forgotten in the information age In the modern world, information of all forms, including personal data, is a valuable resource that is beginning to show its true worth. In order to protect ordinary people from personal data infringement, many countries in the world have enacted legislation stipulating the rights of the data […]

[GDPR] the WP29 & EDPB? The Article 29 Working Party (WP29) is the predecessor to the European Data Protection Board (EDPB), which was established under the General Data Protection Regulation (GDPR). WP29 was an advisory body composed of representatives from the national data protection authorities of all EU member states, as well as the European […]

[GDPR] Privacy Impact Assessment Performing a Privacy Impact Assessment (PIA) is an essential process that organizations undertake to ensure that their operations comply with data protection regulations and that they are protecting the privacy rights of individuals. A PIA is required under the GDPR for certain types of processing activities that are likely to result […]

[GDPR] The differences between privacy by design & privacy by default? Under the General Data Protection Regulation (GDPR), Privacy by Design and Privacy by Default are two key principles that organizations are required to follow to ensure data protection and privacy. Here are the differences between Privacy by Design and Privacy by Default as defined […]

Data protection officer (DPO) under the GDPR Designating a data protection officer (DPO) is one of the statutory obligations on the controller and the processor in some particular circumstances according to the EU’s General Data Protection Regulation (GDPR). Here is an overview of GDPR regulations on DPO that enterprises and organisations can refer to, in […]