Jovan Stevovic
Dr Jovan Stevovic is an entrepreneur, startup advisor and expert in health data protection and security. He is passionate about helping digital health innovation happen faster.
Cookie banners vs GDPR consent: a case study in fragmented regulation across the EU
Millions of people in Europe assume that cookie banners and consent popups are both part of GDPR. However, the reality is more complex.
Strava Heatmaps: When anonymous data isn’t so anonymous
Data privacy is a complex challenge for everyone—users, companies, and even governments. That’s the case with Strava’s heat maps, which resurfaced recently after Le Monde reported that the app inadvertently exposed sensitive information about world leaders.
Do you need an ISO 27001 in Digital Health?
There have always been many doubts and misunderstandings about ISO certifications. In recent years, we have often been asked questions about ISO 27001 such as: Do I really need it? The answer, as with many things in business, is not straightforward.
What should you do when your provider doesn’t have a data processing agreement (DPA) to offer?
Struggling with a provider that doesn’t offer a Data Processing Agreement (DPA)? Learn how to stay GDPR compliant by drafting your own DPA or switching to a compliant provider.
AI Act - All you need to know
The EU Council gave the groundbreaking AI Act—the world's first comprehensive set of rules for AI—the final green light. In this blog post, we will explore the different categorisations of AI systems according to the AI Act's final text.
Why are DPOs from hospitals so scared of the cloud in 2024?
Being fresh from DMEA this month, I still see a concerning problem for EU digital health companies: hospitals and clinics are (still) reluctant to adopt cloud solutions.
Synthetic data: the ultimate solution to health data (re)use?
It seems that it is impossible to benefit from AI advantages while keeping patient data intact and safe. To overcome this, several AI companies have found the answer to many problems in synthetic data: data sharing, algorithm training, and collaboration with third parties.
When am I actually GDPR compliant?
When it comes to GDPR, the biggest misconception is that compliance is a one-off project and that once you have checked all the boxes, you don’t have to worry about it anymore.
Who does actually read my privacy policy?
Not taking into account the importance of protecting your users’ privacy and their personal data may damage your brand reputation and put you out of business. We saw companies lose deals in B2B and B2C startups lose partnerships and reimbursement agreements.