You are currently accessing Global Investigations Review via your firmwide account.
If you would like to login via a personal account, please use the link below. Log in
Global Investigations Review - The law and practice of international investigations
Select specific questions to filter on. Alternatively select no questions and select jurisdictions above to see all question answers for them.
What laws and regulations in your jurisdiction regulate the collection and processing of personal data?
What other laws and regulations may prevent data sharing in the context of an investigation?
What can constitute personal data for the purposes of data protection laws?
Does personal data protection relate only to natural persons or also legal persons?
To whom do data protection laws apply?
What acts or operations on personal data are regulated by data protection laws?
What are the principal obligations on data controllers to ensure the proper processing of personal data?
Before data extraction by third parties commences, should steps be taken to ascertain whether non-locally generated data was lawfully transferred to, or within, your jurisdiction in the first instance?
Are there additional requirements where third parties process the data on behalf of the entity to which data protection laws primarily apply?
Is the consent of the data subject mandatory for the processing of personal data as part of an investigation? And how can consent be given by a data subject?
If not mandatory, should consent still be considered when planning and carrying out an investigation?
Is it possible for data subjects to give their consent to such processing in advance?
What rights do data subjects have to access or verify their personal data, or to influence or resist the processing of their personal data, as part of an investigation?
How are law firms, and legal process outsourcing firms, generally characterised in your jurisdiction?
Are there any additional requirements, beyond those specified above, that regulate the disclosure of data to third parties within your jurisdiction for the purpose of reviewing the content of documents, etc?
What rules regulate the transfer of data held in your jurisdiction to a third party in another country for the purpose of reviewing the content of documents, etc?
Under what circumstances is the transfer of personal data to regulators or enforcement authorities within your jurisdiction permissible?
Under what circumstances is the transfer of personal data held within your jurisdiction to regulators or enforcement authorities in another country permissible?
What are some recommended steps to take on receipt of a request from a regulator for disclosure of personal data?
What are the sanctions and penalties for non-compliance with data protection laws?
What are the continuing obligations on the original data controller that apply in an investigation?
What are the continuing obligations on any intervening data controller that apply in an investigation?
Provide a list of relevant materials, including any decisions or guidance of the data protection authority in your jurisdiction regarding internal and external investigations, and transfers to regulators or enforcement authorities within and outside your jurisdiction.
Interested in contributing to this Know-how?
E-mail our Insight Manager
Allen & Overy LLP
King & Spalding (Moscow)
Allen & Overy Bratislava, s.r.o.
Copyright © Law Business Research
Company Number: 03281866 VAT: GB 160 7529 10