Een cookiebanner zonder onderliggende trackerinventaris voldoet niet aan de cookieregels.
Toezichthouders vragen tijdens audits steeds vaker om beide: het toestemmingsmechanisme én de documentatie van waarvoor toestemming wordt gevraagd. Een CMP-scan vervangt de inventaris niet.
Nieuwe gids voor MKB-bedrijven over wat ePrivacy art. 5 lid 3 vereist, de vier trackercategorieën, en wat verandert onder het Digital Omnibus-voorstel.
https://readmodel.com/blog/article.php?slug=cookie-tracker-inventory-guide
#AVG #Privacy #Cookies #readmodel #locaverdi

Cookie- en trackerinventaris op serviceniveau, in hetzelfde datamodel als je data map.
Voorgevulde bibliotheek van 167 trackers (Cookiebot, GA4, Matomo, Meta, LinkedIn, Stripe, Intercom, Sentry…). Risicoregister markeert niet-essentiële trackers zonder toestemmingsmechanisme. Ingebouwde cookie-beleidsgenerator. Gratis Explore-tier.
https://readmodel.com/blog/article.php?slug=cookie-tracker-inventory-guide
#AVG #ePrivacy #PrivacyTech #readmodel #locaverdi

De meeste MKB-cookie-inventarissen missen localStorage, pixels die pas afgaan na een klik, beacons bij foutmeldingen, en fingerprinting. Een CMP-scanner ziet die niet allemaal.
Daarom ziet een audit ze wel.
Schreef een gids voor MKB-bedrijven over wat ePrivacy art. 5 lid 3 echt vereist en waarom de banner alleen niet voldoende is.
https://readmodel.com/blog/article.php?slug=cookie-tracker-inventory-guide
#AVG #Privacy #readmodel #locaverdi

Cross-border transfers in your data map automatically flagged for Transfer Impact Assessment when the destination falls outside EU adequacy.
EDPB six-step workflow, steps 1, 2 and 6 pre-filled from inventory. Country-specific risk hints. Linked to the DPIA where the same processing requires both. Free Explore tier includes everything.
https://readmodel.com/blog/article.php?slug=transfer-impact-assessment-guide
#GDPR #SchremsII #PrivacyTech #readmodel #locaverdi

Six years after Schrems II, Transfer Impact Assessments remain the most operationally awkward part of GDPR for SMEs.
New guide covers what a TIA requires in 2026: the EDPB six-step methodology, current adequacy landscape, country-specific risk for the destinations SMEs actually use, and how to fit it onto your existing data map.
Schrems III pending at CJEU.
https://readmodel.com/blog/article.php?slug=transfer-impact-assessment-guide
#GDPR #SchremsII #DataTransfers #readmodel #locaverdi

Six years after Schrems II, most SMEs using mainstream SaaS have US transfers, Indian sub-processors, AI services running inference somewhere they can't name — and no documented Transfer Impact Assessment for any of it.
Schrems III is pending at the CJEU. The organisations doing TIAs now will barely notice the ruling. The ones relying on DPF certification won't.
https://readmodel.com/blog/article.php?slug=transfer-impact-assessment-guide
#GDPR #SchremsII #readmodel #locaverdi

Ransomware resilience for SMEs isn't about buying expensive tools. It's about a short list of high-impact controls done properly.
New guide: 10-point plan aimed at organisations without dedicated security teams. Covers immutable backups, MFA, recovery drills, offsite storage, credential management, and what to actually test.
https://readmodel.com/blog/article.php?slug=ransomware-resilience-checklist
#RansomwareResilience #CyberSecurity #SMB #readmodel #locaverdi

Ransomware readiness scored per service, 0–100, weighted by what actually determines recovery.
Immutable backups and MFA carry the highest weight. Backup testing, offsite storage, patch management, encryption, credential management, account recovery, criticality — all factored in. Services scoring below 40 flagged as critical.
https://readmodel.com/blog/article.php?slug=ransomware-resilience-checklist
#RansomwareResilience #CyberSecurity #BackupStrategy #readmodel #locaverdi

Most SME ransomware advice is either "buy this expensive tool" or "here's a scary statistic." Both unhelpful.
The boring version: immutable backups + MFA + a tested recovery plan covers most of what matters. Controls most teams don't find exciting to implement, which is exactly why they don't.
Wrote a 10-point checklist for organisations without dedicated security teams.
https://readmodel.com/blog/article.php?slug=ransomware-resilience-checklist
#RansomwareResilience #CyberSecurity #readmodel #locaverdi

Five-minute Readmodel® demo: full compliance workflow in one walkthrough.
Create a project. Add Claude as an AI service. Add a user, their laptop, their access. Watch the risk register catch the gaps — missing 2FA, undocumented processor role, unreviewed access. Run an access review. Generate the printable ROPA with an AI-written summary section.
https://youtu.be/20VtaBhrfpQ
Free Explore tier: https://readmodel.com
#DataMapping #GDPR #ROPA #readmodel #locaverdi