Ethical hotlines and whistleblowing ensuring businesses are not in conflict. with EU laws 10 May James Castro-Edwards, solicitor.

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Ethical hotlines and whistleblowing ensuring businesses are not in conflict. with EU laws 10 May 2012. James Castro-Edwards, solicitor."

Transcription

1 James Castro-Edwards, solicitor and Alexia Zuber, solicitor Data Protection & Information Law Group Ethical hotlines and whistleblowing ensuring businesses are not in conflict with EU laws 10 May 2012

2 Our team Speechly Bircham is an ambitious, full-service law firm with over 250 lawyers, headquartered in London. We work with business and private clients across the UK and internationally and focus on the financial services, private wealth, technology, real estate and construction sectors Our Data Protection & Information Law team provide a range of expertise on data privacy audit, compliance, risk management, information security and data breaches We are listed in Chambers 2011 as a leading law firm for Data Protection and have advised on this area of law since 1983 We have a team of 14 lawyers dealing with data protection matters globally Robert Bond and his team have always provided comprehensive, practical advice on a timely basis. Their knowledge of the EU regulatory scene, including experience with specific agencies, as well as privacy issues globally has been instrumental in establishing our privacy policies and procedures.

3 Personal Data is at the Heart of any Business Commercial Contracts Reporting & Discovery Outsourcing PERSONAL DATA PERSONAL DATA M&A Investigations & Claims Global Presence Employment Corporate Restructuring s Social Media

4 Presenter Profile James Castro-Edwards, Solicitor, IP, Technology & Data James is a senior commercial solicitor in the IP, Technology & Commercial Group with extensive experience in data protection. James' recent work includes ownership of global data protection compliance projects for multinationals, including implementation of Sarbanes-Oxley driven whistleblower hotlines. He frequently works with senior in-house counsel, finding solutions to complex cross-border data issues and 'has a pan-european perspective on data protection compliance' according to clients. James has significant experience of the differing requirements of the many European data protection authorities particularly in relation to data transfers. He has advised clients in relation to subject access requests, acting for both data controllers and data subjects, and enabled database owners to optimise their personal data for marketing purposes while remaining in compliance with the law. James also advises online and innovative businesses looking to exploit new intellectual property. In doing so he has advised in relation to distribution, supply and licensing agreements, and regularly advises clients in relation to new online business models. James provides practical advice and commercial solutions to data hosting businesses. James frequently speaks on data protection and has been published in World Data Protection Report, Data Protection Law & Policy, Journal of Database Marketing & Customer Strategy Management, the Marketer and Journal of Intellectual Property Law & Practice. He also contributed to the Fifth Edition of Butterworths' Encyclopaedia of Forms and Precedents Volume 19(1). +44 (0)

5 Presenter Profile Alexia Zuber, Solicitor, IP, Technology & Data Alexia is an expert in global Data Protection compliance for multinationals in sectors such as media, financial services, technology, construction and pharmaceutical. With a particular focus on global data transfer solutions, Alexia also handles ethical hotline and workplace monitoring regulations. In addition to Data Protection and Information Security, she also specialises in Intellectual Property and Commercial contracts. She speaks fluent French and Greek, good Italian and has basic knowledge of German. Recent experience also includes pan-european data audit work and the negotiation, drafting and reviewing of commercial and IP contracts. She obtained her law degree from the University of Geneva in Switzerland and her LL.M. in Corporate and Commercial Law from King's College in London. She is dual qualified in Greece and England. Tel +44 (0)

6 Topics Polling Questions Sarbanes Oxley Act requirements EU Data Protection Principles Conflict between Sarbanes Oxley and the EU Data Protection Law Reasons for the CNIL Decision Differing Stances of EU Member States (France, Sweden, Poland and anonymity) The Future of Hotlines Under the Draft DP Regulation How do we meet these differing requirements? Speechlys Experience

7 Polling Questions 1. Do you have a hotline which may be called by your European employees? 2. Has your hotline been registered with the European data protection authorities? 3. Does your hotline restrict the types of matter which may be reported, depending on the country from which the whistleblower calls?

8 Sarbanes Oxley Act Requirements Mandatory Code of Ethics - a confidential, anonymous reporting mechanism SOX Section 301(4) "Each audit committee shall establish procedures for the receipt, retention and treatment of complaints received by the issuer regarding accounting, internal accounting controls or auditing matters; and the confidential anonymous submission by employees of the issuer of concerns regarding questionable accounting or auditing matters. In practice many whistleblower policies go considerably further

9 EU Data Protection Principles An individual has a right to know what data is being processed about them Personal data has to be processed fairly and lawfully Personal data must be kept for no longer than is necessary and must be accurate and up to date Each data subject has the right to know that their personal data is being processed Personal data must be at all times kept secure and where processed by a third party managed securely Personal data should not be transferred outside the European Economic Area to any other country that does not have adequate protection for the rights of the individual

10 Differing Stances of EU Member States Cultural attitudes to hotlines Compulsion Scope limitation Notification requirements Permission to transfer personal data outside the EEA Anonymity Specific requirements for local regulators

11 Conflict Between Sarbanes Oxley and the EU Data Protection Law EU Member States Data Protection Laws - EU data protection authorities all interpret the law differently CNIL Decision of 26 May 2005 (Group McDonalds France) CNIL Decision of of 26 May 2005 (CEAC/Exide Technologies) The 5th decision of the Wuppertal Labour Court on 15 June 2005 (Wal-Mart decision)

12 Reasons for the CNIL Decisions Anonymity Scope of whistleblowing too broad Information shared too widely Unfair collection of personal data Accused not immediately notified Long retention of data Lack of proportionality NB Wal-Mart case (D) works councils

13 Differing Stances of EU Member States: France Authorisation Unique The CNIL Single Authorisation no.4 (Authorisation Unique no.4) deals with whistleblowing hotlines AU-004 only permits narrow-scope whistleblowing Scope restricted further in October 2010 where the CNIL modified AU-004 The companies benefitting from an AU-004 for whistleblowing hotlines must ensure that the scheme they operate is strictly confined to the scope of the Single Authorisation

14 Differing Stances of EU Member States: France - Future Amendments for Hotlines? Court of Appeal of Caen s decision 23 September 2011 Facts: In 2008, the French subsidiary of a US group implemented a whistleblowing system which was authorised by the CNIL as it complied with AU004 Ruling: The court suspended the implementation of the whistle blowing system Reasoning: The whistleblowing system: - was outside of the scope as defined in AU004 - was a threat to rights and liberties of employees and - had been modified without consulting the works council

15 Differing Stances of EU Member States: Sweden Notification (may impose limitations) Data Protection applies Limited to senior executives Regulatory body: Datainspektionen Published guidance is limited to the following: the system must be a complement to the company s normal internal administration and must be voluntary to use the system must be limited to serious irregularities concerning accounting, internal accounting control, auditing, the fight against bribery and banking and financial crimes; but the system may also be used for other serious irregularities concerning the company s vital interests or the life and health of individuals only key personnel may be reported

16 Differing Stances of EU Member States: Poland Difficulty faced by GIODO because of fair processing requirements of Polish Personal Data Protection Act Polish PDP also requires specific documents for compliance whether or not there is a whistleblower hotline e.g. the IT security measures document or catalogue of individual authorisations for personal data processing for each employee

17 Differing Stances of EU Member States: Anonymity Spain regulatory body: Agencia de Protection de Datos published guidelines: Portugal regulatory body: published guidelines: n.pdf pdf Finland published guidelines: Whistleblowing System in Working Life regulatory body: Data Protection Ombudsman

18 The Future of Hotlines Under the Draft DP Regulation No need to notify the DPAs Unique supervisory authority to approve scheme for all EU countries diverging approaches e.g. F/UK Change of definitions liability of data processors Transparency and express consent requirements practical challenges

19 How do we Meet these Differing Requirements? One size does not fit all Localised configuration of procedures Narrow scope of reports Country by country specifics Anonymity Retention periods Third party vendors Accept reports subject to country-specific restrictions

20 Speechlys Experience One stop shop for EU wide data protection projects Using a combination of in house foreign legal capacity, experience and network of local lawyers Awareness of issues from a pan-european perspective Due diligence on third party providers Whistleblower hotline providers Other third party processors

21 For more information on our services, please contact: James Castro-Edwards +44 (0) Alexia Zuber +44 (0) Construction & Engineering 1 November 2006 Further Information Join us on LinkedIn

Ethical hotlines and whistleblowing ensuring businesses are not in conflict with local laws

Ethical hotlines and whistleblowing ensuring businesses are not in conflict with local laws Ethical hotlines and whistleblowing ensuring businesses are not in conflict with local laws 16 January 2014 Robert Bond, CCEP Partner and Notary Public Our Team Speechly Bircham is an ambitious, full-service

More information

HOW TO HANDLE A WHISTLEBLOWER REPORT IN THE EU

HOW TO HANDLE A WHISTLEBLOWER REPORT IN THE EU HOW TO HANDLE A WHISTLEBLOWER REPORT IN THE EU 10 April 2014 Monica Salgado Advogada registered with the Portuguese Ordem dos Advogados Registered European Lawyer with the SRA Kirsti Laird Solicitor, (qualified

More information

OUTSOURCING, HOSTING AND DATA PRIVACY ISSUES

OUTSOURCING, HOSTING AND DATA PRIVACY ISSUES OUTSOURCING, HOSTING AND DATA PRIVACY ISSUES 4 April 2013 James Castro-Edwards Solicitor Monica Salgado Advogada / Portuguese Lawyer OUR TEAM Speechly Bircham is an ambitious, full-service law firm with

More information

The Art of Constructing Global Whistleblowing Programmes

The Art of Constructing Global Whistleblowing Programmes The Art of Constructing Global Whistleblowing Programmes Mark E. Schreiber Chair, Privacy & Data Protection Group Steering Committee Edwards Wildman Palmer LLP 111 Huntington Avenue Boston, MA 02199 617-239-0585

More information

Whistleblowing Good Corporate Governance. IAPP Europe, Data Protection Congress November 2012, Brussels

Whistleblowing Good Corporate Governance. IAPP Europe, Data Protection Congress November 2012, Brussels Whistleblowing Good Corporate Governance IAPP Europe, Data Protection Congress 2012 14 November 2012, Brussels Aspects of "Whistleblowing" Protection Reporting Non-compliance with law, rules, standards

More information

Presentation by: Dr. Nathalie Moreno Partner. Cloud Computing and Data Protection: an Update 4 October 2012

Presentation by: Dr. Nathalie Moreno Partner. Cloud Computing and Data Protection: an Update 4 October 2012 Presentation by: Dr. Nathalie Moreno Partner Cloud Computing and Data Protection: an Update 4 October 2012 Our team Speechly Bircham is an ambitious, international mid-size fullservice law firm head-quartered

More information

Data Protection and Information Security: The top 5 risks for 2013 1 November 2012

Data Protection and Information Security: The top 5 risks for 2013 1 November 2012 Robert Bond Head of Data Protection & Information Law Group Data Protection and Information Security: The top 5 risks for 2013 1 November 2012 Our team Speechly Bircham is an ambitious, full-service law

More information

Data Protection & Cyber Security Law Update 1 st October 2015

Data Protection & Cyber Security Law Update 1 st October 2015 Data Protection & Cyber Security Law Update 1 st October 2015 Robert Bond, Partner Janine Regan, Associate Viktoria Protokova, Data Protection Executive charlesrussellspeechlys.com Brief introduction to

More information

PARIS - LONDRES. Commission. Mardi 23 octobre 2012 Tuesday 23 October 2012

PARIS - LONDRES. Commission. Mardi 23 octobre 2012 Tuesday 23 October 2012 Commission PARIS - LONDRES Responsable : alain-christian monkam Mardi 23 octobre 2012 Tuesday 23 October 2012 Droit de la protection des données - approche comparée en droit français et en droit anglais

More information

BIG DATA AND THE INTERNET OF THINGS

BIG DATA AND THE INTERNET OF THINGS BIG DATA AND THE INTERNET OF THINGS 12 September 2013 Robert Bond Partner and Notary Public Janine Regan Solicitor Tughan Thuraisingam Paralegal Our team Speechly Bircham is an ambitious, full-service

More information

Multi-Jurisdictional Study: Cloud Computing Legal Requirements. Julien Debussche Associate January 2015

Multi-Jurisdictional Study: Cloud Computing Legal Requirements. Julien Debussche Associate January 2015 Multi-Jurisdictional Study: Cloud Computing Legal Requirements Julien Debussche Associate January 2015 Content 1. General Legal Framework 2. Data Protection Legal Framework 3. Security Requirements 4.

More information

Information Management Compliance and Data protection.

Information Management Compliance and Data protection. Information Management Compliance and Data protection. Technology, Media & Telecommunications Information is the life blood of every business. Yet how you use that information is increasingly regulated.

More information

Inhouse Masterclass: Data Developments - Cyber Security & the Right to be Forgotten. MHC.ie

Inhouse Masterclass: Data Developments - Cyber Security & the Right to be Forgotten. MHC.ie Inhouse Masterclass: Data Developments - Cyber Security & the Right to be Forgotten MHC.ie Rewriting the Past Oisin Tobin otobin@mhc.ie Agenda 1. Background 2. Findings and impact: a) Jurisdiction b) A

More information

EU Data Protection and Information Security for Banking & Financial Service sectors 4 th December 2014

EU Data Protection and Information Security for Banking & Financial Service sectors 4 th December 2014 EU Data Protection and Information Security for Banking & Financial Service sectors 4 th December 2014 Janine Regan, Associate George Willis, Associate charlesrussellspeechlys.com Janine Regan Associate

More information

Whistleblowing and Privacy Protection in Europe. Annual CLE Conference November 7 10, 2007, Philadelphia

Whistleblowing and Privacy Protection in Europe. Annual CLE Conference November 7 10, 2007, Philadelphia Whistleblowing and Privacy Protection in Europe Annual CLE Conference November 7 10, 2007, Philadelphia CMS Hasche Sigle Theodor-Heuss-Ring 19-21 D-50668 Cologne Germany Tel.: +49 (0)221 7716-140 Fax:

More information

Data protection issues on an EU outsourcing

Data protection issues on an EU outsourcing Data protection issues on an EU outsourcing Saam Golshani, Alastair Gorrie and Diego Rigatti, Orrick Herrington & Sutcliffe www.practicallaw.com/8-380-8496 Outsourcing can mean subcontracting a process

More information

DIFFERENT LAWS IN DIFFERENT COUNTRIES

DIFFERENT LAWS IN DIFFERENT COUNTRIES DIFFERENT LAWS IN DIFFERENT COUNTRIES 1. Belgium 2. Croatia 3. Cyprus 4. Czech Republic 5. Denmark 6. Finland 7. France 8. Germany 9. Greece 10. Hungary 11. Iceland 12. Ireland 13. Isle of Man 14. Italy

More information

Data protection in Switzerland: overview

Data protection in Switzerland: overview Page 1 of 8 Data protection in Switzerland: overview Resource type: Country Q&A Status: Law stated as at 01-Aug-2014 Jurisdiction: Switzerland A Q&A guide to data protection in Switzerland. This Q&A guide

More information

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS As a world leader in electronic commerce and payment services, First Data Corporation and its subsidiaries ( First Data entity or entities ),

More information

the paris office Elizabeth Naud and Luc Poux, architects

the paris office Elizabeth Naud and Luc Poux, architects the paris office Elizabeth Naud and Luc Poux, architects dllp Our commitment is to be the definitive source of practical advisory services and our clients most powerful advocates. DECHERT LLP In-depth

More information

BHF Southern African Conference

BHF Southern African Conference BHF Southern African Conference Navigating the complexities of the new legislative framework Peter Hill, Director: IT Governance Network TOPICS TO BE COVERED The practical implementation of the PPI Act

More information

Align Technology. Data Protection Binding Corporate Rules Processor Policy. 2014 Align Technology, Inc. All rights reserved.

Align Technology. Data Protection Binding Corporate Rules Processor Policy. 2014 Align Technology, Inc. All rights reserved. Align Technology Data Protection Binding Corporate Rules Processor Policy Confidential Contents INTRODUCTION TO THIS POLICY 3 PART I: BACKGROUND AND ACTIONS 4 PART II: PROCESSOR OBLIGATIONS 6 PART III:

More information

FRANCE. Chapter XX OVERVIEW

FRANCE. Chapter XX OVERVIEW Chapter XX FRANCE Merav Griguer 1 I OVERVIEW France has an omnibus privacy, data protection and cybersecurity framework law. As a member of the European Union, France has implemented the EU Data Protection

More information

Big Data for Mutuals. Marc Dautlich 25 November 2013

Big Data for Mutuals. Marc Dautlich 25 November 2013 Big Data for Mutuals Marc Dautlich 25 November 2013 Agenda BIG DATA What is it? OPPORTUNITIES What are they? LEGAL CHALLENGES How do we overcome them? LEGAL REFORM What can we do now to minimise impact?

More information

CLOUD COMPUTING Contractual and data protection aspects

CLOUD COMPUTING Contractual and data protection aspects CLOUD COMPUTING Contractual and data protection aspects Cloudscape VI 25 February 2014, Bruxelles Paolo Balboni Ph.D., Founding Partner, ICT Legal Consulting Domenico Converso LL.M., Senior Associate,

More information

pharmaceutical & biotechnology

pharmaceutical & biotechnology pharmaceutical & biotechnology Our specialist lawyers find practical solutions to legal problems and help pharma and biotech companies to operate and grow their businesses effectively and compliantly.

More information

Salesforce s Processor Binding Corporate Rules. for the. Processing of Personal Data

Salesforce s Processor Binding Corporate Rules. for the. Processing of Personal Data Salesforce s Processor Binding Corporate Rules for the Processing of Personal Data Table of Contents 1. Introduction 3 2. Definitions 3 3. Scope and Application 4 4. Responsibilities Towards Customers

More information

ILIEV AND PARTNERS LAW FIRM. Sofia 1000, Bulgaria. 3 William Gladstone street. Tel: +359 2 851 72 27. Mobile: +359 898 600 116. Fax: +359 2 851 78 87

ILIEV AND PARTNERS LAW FIRM. Sofia 1000, Bulgaria. 3 William Gladstone street. Tel: +359 2 851 72 27. Mobile: +359 898 600 116. Fax: +359 2 851 78 87 ILIEV AND PARTNERS LAW FIRM Sofia 1000, Bulgaria 3 William Gladstone street Tel: +359 2 851 72 27 Mobile: +359 898 600 116 Fax: +359 2 851 78 87 OUR PROFILE ILIEV AND PARTNERS is a leading Bulgarian law

More information

Definitions used in these Grant Conditions can be found at paragraph 13.

Definitions used in these Grant Conditions can be found at paragraph 13. GRANT CONDITIONS These Grant Conditions, together with the Award Letter and the Policies and Positions Statements, set out the terms and conditions on which the Grant is made by the Funders to the Host

More information

Life Sciences & Healthcare

Life Sciences & Healthcare Life Sciences & Healthcare 03 Taylor Wessing is a leading European law firm advising life sciences and healthcare businesses, those who fund them and those who work for them Taylor Wessing has been voted:

More information

Data and Cyber Laws Up-date 9 July 2015

Data and Cyber Laws Up-date 9 July 2015 Data and Cyber Laws Up-date 9 July 2015 Janine Regan Alexia Zuber Viktoria Protokova Simon Holdsworth charlesrussellspeechlys.com Topics Updates on the key aspects of, and commentary on, the proposed GDPR

More information

Employment in Poland 2012

Employment in Poland 2012 BRIEFING NOTE Employment in Poland 2012 1. Employment Cost 2. Legal System 3. Employer s obligations 4. Types of employment contract 5. Working time 6. Holiday 7. Sick pay 8. Parenthood rights 9. Mass

More information

EU Regulatory Trends in Data Protection & Cybersecurity What should be on the industry s agenda?

EU Regulatory Trends in Data Protection & Cybersecurity What should be on the industry s agenda? EU Regulatory Trends in Data Protection & Cybersecurity What should be on the industry s agenda? Dr. Jörg Hladjk Counsel European Data Protection & Privacy Practice Hunton & Williams, Brussels Cyber Security

More information

Cloud computing and personal data protection. Gwendal LE GRAND Director of technology and innovation CNIL

Cloud computing and personal data protection. Gwendal LE GRAND Director of technology and innovation CNIL Cloud computing and personal data protection Gwendal LE GRAND Director of technology and innovation CNIL 1 Data protection in Europe Directive 95/46/EC Loi 78-17 du 6 janvier 1978 amended in 2004 (France)

More information

4. We understand this to mean that each provider state will need to ensure indemnity arrangements are in place to cover healthcare provided in that

4. We understand this to mean that each provider state will need to ensure indemnity arrangements are in place to cover healthcare provided in that Medical Defence Union response to consultation on European Commission s proposals for Directive on the application of patients rights in cross-border healthcare Introduction 1. The Medical Defence Union

More information

E-Discovery and EU Data Protection laws

E-Discovery and EU Data Protection laws Robert Bond robert.bond@speechlys.com Alexander Carter-Silk alexander.carter-silk@speechlys.com IP, Technology & Data Group E-Discovery and EU Data Protection laws Alex Carter-Silk, Partner, IP, Technology

More information

Lexcel England and Wales v6 Standard for in-house legal departments Excellence in legal practice management and client care

Lexcel England and Wales v6 Standard for in-house legal departments Excellence in legal practice management and client care www.lawsociety.org.uk/lexcel Lexcel England and Wales v6 Standard for in-house legal departments Excellence in legal practice management and client care Lexcel England and Wales v6 Contents About Lexcel...

More information

1.2. The RAD Data Protection Policy and Procedures is part of the RAD s overall Information Strategy.

1.2. The RAD Data Protection Policy and Procedures is part of the RAD s overall Information Strategy. Data Protection Policy & Procedures 1. Introduction and legal context 1.1. The Royal Academy of Dance (RAD) collects, processes stores and shares information about its employees, members, registered teachers,

More information

Article 29 Working Party Issues Opinion on Cloud Computing

Article 29 Working Party Issues Opinion on Cloud Computing Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,

More information

20/09/2013. Global Privacy and Data Protection: Practical Risk Assessment and Governance. Topics. Case Study Stage 1

20/09/2013. Global Privacy and Data Protection: Practical Risk Assessment and Governance. Topics. Case Study Stage 1 Global Privacy and Data Protection: Practical Risk Assessment and Governance 9 October 2013 Robert Bond, BA, CCEP, HonMIEx Head of Data Protection and Info Security, Speechly Bircham Marti Arvin, CHC-F,

More information

LAHLOU Avocats & Associés. LAHLOU LAW FIRM Casablanca

LAHLOU Avocats & Associés. LAHLOU LAW FIRM Casablanca LAHLOU Avocats & Associés 3 OUR FIRM is a practice specialised in business law. It was founded by Saâd LAHLOU in 2006. Our strategy is twofold. We focus our development efforts, our knowledge and our

More information

Setting up a whistleblowing program 10 Frequently Asked Questions

Setting up a whistleblowing program 10 Frequently Asked Questions Setting up a whistleblowing program 10 Frequently Asked Questions Establishing a whistleblowing program What statutory mandates, in India or abroad, prompt the need for 1 a whistle blower policy/mechanism?

More information

Preparing to become a Hedge Fund/Open-ended Fund AIFM. May 2013. March2013. Preparing to become an AIFM 1

Preparing to become a Hedge Fund/Open-ended Fund AIFM. May 2013. March2013. Preparing to become an AIFM 1 Preparing to become a Hedge Fund/Open-ended Fund AIFM May 2013 March2013 Preparing to become an AIFM 1 Complying with AIFMD We are pleased that the text of the implementing measures has been published.

More information

Tracking Compliance: Data Protection Risks and Remedies for Retail Janine Regan. charlesrussellspeechlys.com

Tracking Compliance: Data Protection Risks and Remedies for Retail Janine Regan. charlesrussellspeechlys.com Tracking Compliance: Data Protection Risks and Remedies for Retail Janine Regan charlesrussellspeechlys.com Janine Regan Associate +44 (0)20 7427 6798 janine.regan@crsblaw.com Janine has extensive experience

More information

Linde Integrity Line. Process and Data Protection Policy. 1 July 2007

Linde Integrity Line. Process and Data Protection Policy. 1 July 2007 Linde Integrity Line Process and Data Protection Policy 1 July 2007 Page 2 of 10 Table of Contents Preamble 3 1 Scope of application 3 2 Definitions 3 3 Submitting Reports Regular Channels 3 4 Submitting

More information

Anonymous Sarbanes-Oxley Hotlines for Multi-National Companies: Compliance with E.U. Data Protection Laws

Anonymous Sarbanes-Oxley Hotlines for Multi-National Companies: Compliance with E.U. Data Protection Laws The Practitioner s Guide to the Sarbanes-Oxley Act, Volume II. 2006 by the American Bar Association. Reproduced with permission. All rights reserved. This information or any any portion thereof may not

More information

WHISTLE BLOWING POLICY & PROCEDURES

WHISTLE BLOWING POLICY & PROCEDURES Management Circular No: GCSL/01.2013 Revised: 01/2014 WHISTLE BLOWING POLICY & PROCEDURES All rights reserved. No part contained in this Policy may be reproduced or copied in any form without the written

More information

Claims Management Services Regulation. Conduct of Authorised Persons Rules 2014

Claims Management Services Regulation. Conduct of Authorised Persons Rules 2014 Claims Management Services Regulation Conduct of Authorised Persons Rules 2014 Effective from 1 October 2014 Contents Introduction 1 Definitions 1 General Rules Principles 2 Conduct of Business 2 Professional

More information

Countries EU - DPR Germany France Spain Switzerland Belgium The Netherlands Hungary Sweden Luxembourg Italy UK

Countries EU - DPR Germany France Spain Switzerland Belgium The Netherlands Hungary Sweden Luxembourg Italy UK DPO in Europe Countries EU - DPR Germany France Spain Switzerland Belgium The Netherlands Hungary Sweden Luxembourg Italy UK Name of DPO Data Protection Officer Beauftragter für den Datenschutz (DSB) Legal

More information

International Factors Group Model Law of Factoring

International Factors Group Model Law of Factoring Afreximbank Conference - Lusaka Regulatory and Legal Aspects of Factoring & International Factors Group Model Law of Factoring Edward Wilde Solicitor with Squire Patton Boggs Financial Services Team London

More information

Background and Philosophy

Background and Philosophy 1 2 3 Background and Philosophy Our office, Kovács Réti Szegheő Attorneys at Law was established in 1992. It has been one of the first law offices in Hungary, which specialises particularly in the legal

More information

New Balkans Law Office

New Balkans Law Office Employment Law Brochure ABOUT US is a Bulgarian legal services provider, with a strong employment law practice. Founded in 2005, the firm has gone from strength to strength, providing advice primarily

More information

January GROUP CODE OF CONDUCT

January GROUP CODE OF CONDUCT January 2013 GROUP CODE GROUP COMMITMENT 1 GROUP COMMITMENT Through its retail and corporate & investment banking networks, and through all its business lines based on insurance, investor services, specialised

More information

On the edge Lexis PSL Restructuring & Insolvency

On the edge Lexis PSL Restructuring & Insolvency On the edge Lexis PSL Restructuring & Insolvency Data protection law for insolvency practitioners November 2014 Welcome to your third edition of On the edge, a series of guides highlighting a selection

More information

The Center for American and International Law. Southwestern Institute for International and Comparative Law

The Center for American and International Law. Southwestern Institute for International and Comparative Law The Center for American and International Law Southwestern Institute for International and Comparative Law Multi-National Counsel Boot Camp: Practical Solutions for International Lawyers A Never Ending

More information

INTERNATIONAL EMPLOYMENT GROUP. Employment Services in Oman

INTERNATIONAL EMPLOYMENT GROUP. Employment Services in Oman INTERNATIONAL EMPLOYMENT GROUP Employment Services in Oman We continue to recommend them to others because of their strength in dealing with detail CHAMBERS GLOBAL 2015 10-5112821-9 0 Addleshaw Goddard's

More information

An overview of UK data protection law

An overview of UK data protection law An overview of UK data protection law Our team Vinod Bange Partner +44 (0)20 7300 4600 v.bange@taylorwessing.com Graham Hann Partner +44 (0)20 7300 4839 g.hann@taylorwessing.com Chris Jeffery Partner +44

More information

Launching a Whistleblower Hotline Across Europe

Launching a Whistleblower Hotline Across Europe WhitePaper Launching a Whistleblower Hotline Across Europe 10/15/12 Table of Contents Abstract. 2 Issues Faced by Multinationals When Launching a European Hotline..2 Three-Step Process for Developing a

More information

Firm Registration Form

Firm Registration Form Firm Registration Form Firm Registration Form This registration form should be completed by firms who are authorised and regulated by the Financial Conduct Authority. All sections of this form are mandatory.

More information

EU Data Protection Directive and U.S. Safe Harbor Framework: An Employer Update. By Stephen H. LaCount, Esq.

EU Data Protection Directive and U.S. Safe Harbor Framework: An Employer Update. By Stephen H. LaCount, Esq. EU Data Protection Directive and U.S. Safe Harbor Framework: An Employer Update By Stephen H. LaCount, Esq. Overview The European Union Data Protection Directive 95/46/EC ( Directive ) went effective in

More information

Terms and conditions in respect of the work undertaken for Varney Barfield

Terms and conditions in respect of the work undertaken for Varney Barfield Terms and conditions in respect of the work undertaken for Varney Barfield Introduction 1. These terms and conditions set out the general terms under which we undertake our business. The specific conditions

More information

ICC Guidelines on Whistleblowing

ICC Guidelines on Whistleblowing ICC Guidelines on Whistleblowing Prepared by the ICC Commission on Anti-Corruption A. Introduction 1. No abatement of corruption and economic fraud Fraud remains one of the most problematic issues for

More information

Complaints Standard. for Suppliers. Categorised as Basic (B or F)

Complaints Standard. for Suppliers. Categorised as Basic (B or F) Complaints Standard for Suppliers Categorised as Basic (B or F) (UK version) Contents Introduction 3 Definitions 3 1. Process, Procedures and Controls 5 2. Regulatory Standards 7 3. Employees 7 4. Publicising

More information

HEICO CORPORATION FINANCE/AUDIT COMMITTEE CHARTER

HEICO CORPORATION FINANCE/AUDIT COMMITTEE CHARTER HEICO CORPORATION FINANCE/AUDIT COMMITTEE CHARTER COMMITTEE'S PURPOSE The Finance/Audit Committee (the Committee ) is appointed by the Board of Directors (the Board ) to assist the Board in monitoring

More information

The Role and Function of a Data Protection Officer in the European Commission s Proposed General Data Protection Regulation. Initial Discussion Paper

The Role and Function of a Data Protection Officer in the European Commission s Proposed General Data Protection Regulation. Initial Discussion Paper The Role and Function of a Data Protection Officer in the European Commission s Proposed General Data Protection Regulation 1. Introduction Initial Discussion Paper The data protection officer ( DPO )

More information

Corporate Code of Ethics

Corporate Code of Ethics FERROVIAL CORPORATE CODE OF ETHICS Corporate Code of Ethics Our complete commitment to the ethics and integrity of our workforce highlights us as a serious company committed to its stakeholders interests.

More information

www.lawsociety.org.uk/lexcel Lexcel England and Wales v6 Standard for legal practices Excellence in legal practice management and client care

www.lawsociety.org.uk/lexcel Lexcel England and Wales v6 Standard for legal practices Excellence in legal practice management and client care www.lawsociety.org.uk/lexcel Lexcel England and Wales v6 Standard for legal practices Excellence in legal practice management and client care Lexcel England and Wales v6 Contents About Lexcel... 3 Glossary

More information

The USA Patriot Act Government Briefing. Kirsten Tisdale, Chris Norman, Sharon Plater & Alexandra (Gina) Henley September 30, 2004

The USA Patriot Act Government Briefing. Kirsten Tisdale, Chris Norman, Sharon Plater & Alexandra (Gina) Henley September 30, 2004 The USA Patriot Act Government Briefing Kirsten Tisdale, Chris Norman, Sharon Plater & Alexandra (Gina) Henley September 30, 2004 Agenda Background Overview of Government Responses and Approach Mitigation

More information

Privacy in the cloud. DNB has indicated that it considers cloud computing a form of outsourcing.

Privacy in the cloud. DNB has indicated that it considers cloud computing a form of outsourcing. Privacy in the cloud computing, and the company concerned is required to submit a risk analysis to DNB. 3 Cloud computing entails the saving, processing and using of company data on the servers of a cloud

More information

Response to the European Commission s consultation on the legal framework for the fundamental right to protection of personal data

Response to the European Commission s consultation on the legal framework for the fundamental right to protection of personal data Stockholm: Göteborg: Malmö: 105 24 Stockholm Box 57 Box 4221 Fax 08 640 94 02 401 20 Göteborg 203 13 Malmö Plusgiro: 12 41-9 Org. Nr: 556134-1248 www.intrum.se Bankgiro: 730-4124 info@se.intrum.com Response

More information

enoch evans LLP to our services

enoch evans LLP to our services enoch evans LLP Solicitors YOUR GUIDE to our services Enoch Evans LLP is a law firm with offices in Walsall, having over 40 Lawyers and in excess of 65 members of staff. The central location allows the

More information

About our law firm. Our offices are located in Warsaw and in Cracow.

About our law firm. Our offices are located in Warsaw and in Cracow. About our law firm A. Goźlińska, S. Staszewska-Lisiak & Partners was established in 2008 and is a Polish independent law firm which provides comprehensive legal consulting services for medium and bigger

More information

Terms and conditions. Introduction

Terms and conditions. Introduction Terms and conditions Introduction 1. These terms and conditions set out the general terms under which we undertake our business. These terms and conditions should be read in conjunction with the terms

More information

Carey Group l Monaco Private Client Services

Carey Group l Monaco Private Client Services Carey Group l Monaco Private Client Services Carey Group History Our heritage dates back to 1968 when we established Carey Trustees Limited, one of the longest established independent trust companies in

More information

Corporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data

Corporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data Corporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data *) For the purposes of these Corporate Guidelines, Third Countries are all those countries, which do not

More information

East Northamptonshire Council Policy & Community Development. Data Protection Policy December 2007

East Northamptonshire Council Policy & Community Development. Data Protection Policy December 2007 East Northamptonshire Council Policy & Community Development Data Protection Policy December 2007 If you would like to receive this publication in an alternative format (large print, tape format or other

More information

This document is currently under review and a new version will be available following consultation

This document is currently under review and a new version will be available following consultation This document is currently under review and a new version will be available following consultation Code of Conduct under the Provision of The Education (Penalty Notices) Regulation 2004 and Subsection

More information

KINGDOM OF SAUDI ARABIA. Capital Market Authority CREDIT RATING AGENCIES REGULATIONS

KINGDOM OF SAUDI ARABIA. Capital Market Authority CREDIT RATING AGENCIES REGULATIONS KINGDOM OF SAUDI ARABIA Capital Market Authority CREDIT RATING AGENCIES REGULATIONS English Translation of the Official Arabic Text Issued by the Board of the Capital Market Authority Pursuant to its Resolution

More information

Data Protection Policy Information for Clients

Data Protection Policy Information for Clients Data Protection Policy Information for Clients Foreword This document outlines Numis Securities Limited s ( the Firm or Numis ) legal obligations and policy on data protection. Further information can

More information

Certifying for Safe Harbor: The Practical Aspects September 15, 2011

Certifying for Safe Harbor: The Practical Aspects September 15, 2011 Certifying for Safe Harbor: The Practical Aspects September 15, 2011 Robert L. Rothman, Principal, Privacy Associates International LLC Kimberly A. Bubnes, Global Privacy Director, General Motors Co. Introduction

More information

Employment Law Make it Top of Your Agenda

Employment Law Make it Top of Your Agenda Employment Law Make it Top of Your Agenda EMPLOYMENT LAW - MAKE IT TOP OF YOUR AGENDA Employment documentation Steeles Law s specialist employment team delivers a comprehensive range of legal and human

More information

Finansinspektionen's Regulations

Finansinspektionen's Regulations Finansinspektionen's Regulations Publisher: Gent Jansson, Finansinspektionen, Box 6750, 113 85 Stockholm. Ordering address: Thomson Fakta AB, Box 6430, 113 82 Stockholm. Tel +46 8-587 671 00, Fax +46 8-587

More information

Pensions. Data protection and pensions. Briefing. Application Data Controller v Data Processor

Pensions. Data protection and pensions. Briefing. Application Data Controller v Data Processor Financial institutions Energy Infrastructure, mining and commodities Transport Technology and innovation Life sciences and healthcare Pensions Data protection and pensions Briefing January 2016 Trustees

More information

Client Agreement for Investments & Insurances

Client Agreement for Investments & Insurances 17 Hamble Road, Swindon, SN25 3PF T: 01793 978184 M: 07984415189 E: jrelph@executivewealthmanagement.co.uk for Investments & Insurances This document must be read in conjunction with our Service Proposition

More information

APES GN 30 Outsourced Services

APES GN 30 Outsourced Services APES GN 30 Outsourced Services Prepared and issued by Accounting Professional & Ethical Standards Board Limited ISSUED: March 2013 Copyright 2013 Accounting Professional & Ethical Standards Board Limited

More information

Act on the Supervision of Financial Institutions etc. (Financial Supervision Act)

Act on the Supervision of Financial Institutions etc. (Financial Supervision Act) FINANSTILSYNET Norway Translation update January 2013 This translation is for information purposes only. Legal authenticity remains with the official Norwegian version as published in Norsk Lovtidend.

More information

Whistleblowing in the Workplace. 8 April 2014

Whistleblowing in the Workplace. 8 April 2014 Whistleblowing in the Workplace 8 April 2014 1 Whistleblowing in the Workplace Chair Ian O Herlihy, Head of Employment & Benefits 2 Whistleblowing The Proposed Legislative Framework Elizabeth Ryan, Partner

More information

International Investigations: Issues to Consider When Conducting or Defending Against an FCPA Investigation Outside the United States

International Investigations: Issues to Consider When Conducting or Defending Against an FCPA Investigation Outside the United States International Investigations: Issues to Consider When Conducting or Defending Against an FCPA Investigation Outside the United States Presentation to: Ninth Annual Pharmaceutical Regulatory and Compliance

More information

GDPR conundrums: The data protection officer requirement

GDPR conundrums: The data protection officer requirement GDPR conundrums: The data protection officer requirement Lokke Moerel One for all... Maybe? The General Data Protection Regulation introduces a general EU-wide obligation to appoint a data protection officer

More information

Resolving IP and Technology Disputes Through WIPO ADR. Getting back to business

Resolving IP and Technology Disputes Through WIPO ADR. Getting back to business Resolving IP and Technology Disputes Through WIPO ADR Getting back to business Intellectual property (IP) is a central component of today s knowledge economy, and its efficient exploitation is of growing

More information

BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS

BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS Mat Wright www.britishcouncil.org CONTENTS Purpose of the code 1 Scope of the code 1 The British Council s data protection commitment and

More information

Commission on E-Business, IT and Telecoms Task Force on Privacy and the Protection of Personal Data

Commission on E-Business, IT and Telecoms Task Force on Privacy and the Protection of Personal Data International Chamber of Commerce The world business organization Department of Policy and Business Practices Commission on E-Business, IT and Telecoms Task Force on Privacy and the Protection of Personal

More information

Align Technology. Data Protection Binding Corporate Rules Controller Policy. 2014 Align Technology, Inc. All rights reserved.

Align Technology. Data Protection Binding Corporate Rules Controller Policy. 2014 Align Technology, Inc. All rights reserved. Align Technology Data Protection Binding Corporate Rules Controller Policy Contents INTRODUCTION 3 PART I: BACKGROUND AND ACTIONS 4 PART II: CONTROLLER OBLIGATIONS 6 PART III: APPENDICES 13 2 P a g e INTRODUCTION

More information

Cloud Computing: Legal Risks and Best Practices

Cloud Computing: Legal Risks and Best Practices Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent

More information

Tilburg University. U.S. Subpoenas and European data protection legislation Moerel, Lokke; Jansen, Nani; Koëter, Jeroen

Tilburg University. U.S. Subpoenas and European data protection legislation Moerel, Lokke; Jansen, Nani; Koëter, Jeroen Tilburg University U.S. Subpoenas and European data protection legislation Moerel, Lokke; Jansen, Nani; Koëter, Jeroen Published in: International Data Privacy Law Document version: Preprint (usually an

More information

The Whistleblower Policy is for guidance only and does not form part of any contract of employment.

The Whistleblower Policy is for guidance only and does not form part of any contract of employment. Whistleblower policy Document Owner Head of Legal Approval Board of Directors Date Last Approved 12 December 2012 Effective From Date 13 December 2012 Date of Next Review and Approval Q4 2014 Access Level

More information

Personal information, for purposes of this Policy, includes any information which relates to an identified or an identifiable person.

Personal information, for purposes of this Policy, includes any information which relates to an identified or an identifiable person. PART I: INTRODUCTION AND BACKGROUND Purpose This Data Protection Binding Corporate Rules Policy ( Policy ) establishes the approach of Fluor to compliance with European data protection law and specifically

More information

Pension plan governance and management

Pension plan governance and management Pension plan governance and management Mercer Pension plan governance Pension and management plan governance and management Ever since the Pensions Act 2004 took effect, most trustee boards have faced

More information

Statement of Guidance: Outsourcing All Regulated Entities

Statement of Guidance: Outsourcing All Regulated Entities Statement of Guidance: Outsourcing All Regulated Entities 1. STATEMENT OF OBJECTIVES 1.1. 1.2. 1.3. 1.4. This Statement of Guidance ( Guidance ) is intended to provide guidance to regulated entities on

More information

BDO Legal Rechtsanwaltsgesellschaft

BDO Legal Rechtsanwaltsgesellschaft www.bdolegal.de BDO Legal Rechtsanwaltsgesellschaft mbh BDO Legal Rechtsanwaltsgesellschaft mbh Berliner Allee 59 40212 Düsseldorf Phone: +49 211 1365-8970 Fax: +49 211 1365-8973 www.bdolegal.de WHO WE

More information