On January 16, 2024, Filip & Company announced that the transfer of the Orange Money Romania retail business to Alpha Bank (reported by CEE Legal Matters on August 29, 2023) had closed.

CEE Attorneys has advised Webscope shareholder Jan Vorcak on the sale of the company to the Mibcon Group.

Dentons has advised HB Reavis on the sale of its in-house-developed technology platform Symbiosy to HqO.

Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (“DORA”) contains a number of requirements for ICT service providers, which will become binding on January 17, 2025. Therefore, 2024 will be a year of intensive work on the part of service providers to ensure compliance with the new, demanding regulation.

Under the GDPR, data subjects may claim compensation if they suffered damages because the controller infringed his obligations under the GDPR. Does a data theft by cybercriminals mean that the controller has not adopted appropriate data security measures meaning that he failed to comply with his data protection obligations? Can the data subject claim compensation if his only damage is the fear that his personal data was misused? The Court of Justice of the European Union answered these questions in a fresh decision which will be analysed in this short article.

Although gender identity does not constitute sensitive data under the GDPR, its legal protection is nevertheless very robustly designed. Companies that choose to disregard it may face claims for damages and fines.