Transfer Impact Assessment under the GDPR

In an age where data flows seamlessly across borders, safeguarding personal information has become a pivotal concern for businesses worldwide. The General Data Protection Regulation (GDPR), a beacon of data protection laws, casts a wide net to safeguard personal data within and beyond the European Economic Area (EEA). A critical tool in this endeavour is the Transfer Impact Assessment (TIA), a process that scrutinises data transfers to ensure they meet GDPR’s standards.
Requirements for General-Purpose AI Models and Systems under the European Artificial Intelligence Act

As the European Artificial Intelligence Act (AI Act) comes into force, tech companies need to be aware of the new requirements for general-purpose AI models and systems. These are the rules that aim to balance the benefits and risks of AI. In this article, we’ll explain what these requirements are and how they affect your business.
Essentials of GDPR Compliance for US Businesses

If your US-based business handles data from European customers, you need to be aware of the General Data Protection Regulation (GDPR). This regulation extends beyond Europe and has practical implications for businesses worldwide. Here’s a guide to help you understand two crucial aspects of GDPR compliance: privacy notices and the requirement for a data protection representative in the European Union (EU).
Artificial Intelligence Systems and Key Requirements of the European Artificial Intelligence Act

The European AI Act introduces new requirements for developing and using AI systems. Similar to the GDPR, the AI Act impacts businesses outside Europe. Since many AI applications involve personal data, both the AI Act and GDPR will often apply.
Hardware and Software Warranties in Supply Contracts

This article aims to provide practical guidance for businesses that supply or purchase hardware and software and explores warranties in software and hardware supply contracts – what they cover, common warranties and warranty disclaimers, and practical tips to help you understand these contractual terms.
AI and Data Protection: Latest Guidance from Germany

AI technologies, especially Large Language Models (LLMs), are becoming integral to various applications, from customer service chatbots to complex analytical tools. However, their use raises significant data protection concerns. The Conference of Independent Federal and State Data Protection Supervisory Authorities in Germany recently released a guide on AI and data protection, providing a detailed framework for using AI in compliance with data protection laws.
International Data Transfers from Switzerland

In Switzerland, personal data may not be transferred to countries lacking adequate levels of data protection unless specific protections are ensured. The Federal Act on Data Protection (FADP) stipulates that personal data originating from Switzerland must receive comparable levels of protection when it crosses borders as it does within the country.
Generative AI and Intellectual Property Rights in the EU context

As generative artificial intelligence (GenAI) becomes integral to various industries, understanding its mechanics and associated intellectual property (IP) implications is essential for businesses. This article explores GenAI applications from an intellectual property perspective, highlighting key considerations for EU businesses involved in contracting or providing AI services.
The Swiss Data Protection Act: Records of Data Processing

The new Swiss Data Protection Act introduces several key provisions, including the requirement for entities processing personal data to maintain detailed records of their data processing activities. The regulation outlines specific elements that must be included in the records of data processing, such as the objectives behind data processing, the varieties of personal data processed, and particulars of data transfers to foreign territories, among other requirements.