Data retention strategies for GDPR compliance matter, even for North American organizations. The UK and EU’s General Data Protection Regulation (GDPR) has extra territorial reach, meaning it applies to any organization, regardless of location, if that organization offers goods or services to, or monitors the behaviour of individuals in the EU or UK and processes […]
Data retention strategies for GDPR compliance Read More »
In the second part of our four-part guide to EU AI Act compliance for North American organizations, we explore the Act’s risk-based approach to classifying AI systems. What applications are prohibited, what constitutes ‘high-risk’ activity, and what systems are exempt? For details of the AI Act’s timeline and deadlines for its phased implementation, see Part
EU AI Act compliance part 2: Understanding ‘high-risk’ activities Read More »
Our four-part guide to EU AI Act compliance explores what North American organizations need to know about the upcoming legal obligations when rolling out certain artificial intelligence (AI) technologies under the EU’s landmark AI Act. If your organization operates in or serves EU markets and has AI-driven chatbots to handle customer inquiries, develops predictive algorithms
EU AI Act compliance: What North American organizations need to know Read More »
As the international privacy community marks Data Privacy Day 2025, the conversation around data protection and regulation takes on heightened significance for Canada. With federal legislative efforts delayed and provinces stepping in to fill critical gaps, organizations face regulatory uncertainty. To help navigate these developments, we spoke to these leading experts in the field: Constantine
Data Privacy Day 2025: Navigating privacy in Canada Read More »
For North American businesses operating across the EU and UK, understanding GDPR territorial scope is essential. As digital transactions increase, especially with cloud-based workflows and remote-working teams, personal data is frequently transferred across country borders. This often creates significant regulatory challenges for global businesses striving to remain compliant while ensuring operational efficiency. In this blog,
How GDPR territorial scope impacts North American businesses Read More »
It’s been a busy year for data protection and privacy in Canada and the USA, with significant developments not only across North America, but also globally. As businesses face evolving privacy challenges, understanding the year’s developments and preparing for 2025’s expectations is crucial for maintaining compliance and staying competitive. In this blog, we highlight some
Privacy in Canada & USA: 2024 highlights and 2025 expectations Read More »
In our GDPR Guide for SaaS companies, we look at the key factors that SaaS businesses need to address to ensure compliance with EU and UK data protection laws. For the purposes of the guide, we use the General Data Protection Regulation (GDPR) as a collective term, but please be aware that there are certain
GDPR guide for SaaS companies expanding into EU & UK markets Read More »
