The controller and the processor shall designate a data protection officer in any case where: the processing is carried out by a public authority or body, except for courts acting in their judicial capacity; the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope … Continue reading Art. 37 GDPR – Designation of the data protection officer| General Data Protection Regulation (GDPR)
The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. Paragraph 1 shall not apply if the decision: is necessary for entering into, or performance of, a contract between … Continue reading Art. 22 GDPR – Automated individual decision-making, including profiling| General Data Protection Regulation (GDPR)
Where personal data have not been obtained from the data subject, the controller shall provide the data subject with the following information: the identity and the contact details of the controller and, where applicable, of the controller’s representative; the contact details of the data protection officer, where applicable; the purposes of the processing for which … Continue reading Art. 14 GDPR – Information to be provided where personal data have not been obtained from the data subject| General Data Protection Regulation (GDPR)
Where personal data relating to a data subject are collected from the data subject, the controller shall, at the time when personal data are obtained, provide the data subject with all of the following information: the identity and the contact details of the controller and, where applicable, of the controller’s representative; the contact details of … Continue reading Art. 13 GDPR – Information to be provided where personal data are collected from the data subject| General Data Protection Regulation (GDPR)