Has the data privacy authority issued any guidance on data privacy compliance in the context of transactional activity (including, but not limited to, share sales, asset sales, reorganizations or spinouts)?
Last review date: 15 January 2025
No.
In the context of an asset sale (the sale of a separate business unit as a going concern), does the acquiring entity inherit liability for pre-acquisition data privacy or cybersecurity breaches (connected with the assets that are the subject of the asset sale)?
Last review date: 15 January 2025
☒ It depends (for example, on the way the asset sale is structured, and/or the assets being acquired)
If so, how would any regulatory fines be calculated?
Last review date: 15 January 2025
☒ Based on a metric other than those outlined above
In the context of a share sale (where the acquiring entity acquires 100% of the shares of a target company), does the acquiring entity inherit liability for pre-acquisition data privacy or cybersecurity breaches (connected with the target company)?
Last review date: 15 January 2025
☒ No [note: the liability is still on the target as it continues to exist after the transaction]