What can we learn about disclosures and how to draft privacy notices from the Sweden IMY decision? And why is it important for both GDPR companies and CPRA, CDPA, CPA and UCPA companies?
Takeaway 1: You can get a 725,000 EUR fine for privacy notice transparency violations.
Takeaway 2: Go back and read the EDPB Guidelines on Transparency and on Automated Decision Making, which are referenced heavily throughout the decision.
For a deeper dive, check out this alert.