Expertise

The Data Act goes live: what now?

From 12 Sept 2025, the Data Act sets strict rules on access, portability, and cloud switching. Learn what companies must...

Operational checklist: Pseudonymised Data under GDPR

Discover our practical GDPR checklist following the CJEU’s SRB v. EDPS ruling (Sept. 4, 2025). Learn how to assess pseud...

CJEU: Are pseudonymised data always personal?

The Court ruled that pseudonymized data should not automatically be treated as personal data if, in practice, the recipi...

EU–U.S. Data Flows Secured by Court Ruling

On 3 September 2025, the EU General Court dismissed Latombe’s challenge and upheld the EU–U.S. Data Privacy Framework. D...

AI Act: Key questions for your record of AI systems

Find out the essential questions to ask when building a compliant and effective AI systems record. Download the PDF chec...

(Infographic) How to fight Shadow AI in your organization

Discover the infographic on key strategies to tackle Shadow AI—governance, training, compliance, and monitoring—to secur...

AI literacy: the weapon against Shadow AI

Shadow AI exposes businesses to legal, ethical, and security risks. Learn how AI literacy and strong governance framewor...

Why mapping AI Systems is key

Mapping your AI systems: a strategic step for compliance, transparency, and responsible governance.

General-Purpose AI: what the Commission says

Is your model a General-purpose AI model? Are you the provider? Find out here.

General-Purpose AI Code of Practice: what you need to know

A few days after finding out there will be no pause in the AI Act, the long-awaited Code of practice on General-Purpose ...

What the DUAA means for your organisation

The Data (Use and Access) Act of 2025 received royal assent on June 19, 2025 (DUAA). As it reforms the UK data protectio...

How to get started with AI Governance

As AI systems become embedded across business operations, the question isn’t whether they require governance, but how to...