Right to Erasure is one of the fundamental rights under GDPR, defined in Article 17, that companies need to understand.| GDPR Local
I’m back from my vacation in Romania, and happy I’ve managed to escape the 40 degrees (Celsius) and come back to a very suspicious looking summer here in Malmo.| Juliana Jackson
1Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall, prior to the processing, carry out an assessment of the impact of the … Continue reading Art. 35 GDPR – Data protection impact assessment| General Data Protection Regulation (GDPR)
Do you need a RoPA? GDPR Article 30 details best practices for maintaining a record of processing activities for every type of business.| www.osano.com
Each supervisory authority shall ensure that the imposition of administrative fines pursuant to this Article in respect of infringements of this Regulation referred to in paragraphs 4, 5 and 6 shall in each individual case be effective, proportionate and dissuasive. 1Administrative fines shall, depending on the circumstances of each individual case, be imposed in addition … Continue reading Art. 83 GDPR – General conditions for imposing administrative fines| General Data Protection Regulation (GDPR)
Between data laws and consumer demand, opt-in and opt-out mechanisms are a critical part of running any online business. Learn the difference and how-to use each method of getting consent!| Termly
We take a look at the subtle differences between personal and sensitive personal information and how your business needs to handle each one.| Termly
1Each controller and, where applicable, the controller’s representative, shall maintain a record of processing activities under its responsibility. 2That record shall contain all of the following information: the name and contact details of the controller and, where applicable, the joint controller, the controller’s representative and the data protection officer; the purposes of the processing; a … Continue reading Art. 30 GDPR – Records of processing activities| General Data Protection Regulation (GDPR)
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies: the personal data are no longer necessary in relation to … Continue reading Art. 17 GDPR – Right to erasure (‘right to be forgotten’)| General Data Protection Regulation (GDPR)
Where personal data have not been obtained from the data subject, the controller shall provide the data subject with the following information: the identity and the contact details of the controller and, where applicable, of the controller’s representative; the contact details of the data protection officer, where applicable; the purposes of the processing for which … Continue reading Art. 14 GDPR – Information to be provided where personal data have not been obtained from the data subject| General Data Protection Regulation (GDPR)
The Irish State announced its new plan to build a porn preference register for most of the EU, amongst other mad things. This is the Gist.| The Gist
Where personal data relating to a data subject are collected from the data subject, the controller shall, at the time when personal data are obtained, provide the data subject with all of the following information: the identity and the contact details of the controller and, where applicable, of the controller’s representative; the contact details of … Continue reading Art. 13 GDPR – Information to be provided where personal data are collected from the data subject| General Data Protection Regulation (GDPR)
Processing shall be lawful only if and to the extent that at least one of the following applies: the data subject has given consent to the processing of his or her personal data for one or more specific purposes; processing is necessary for the performance of a contract to which the data subject is party … Continue reading Art. 6 GDPR – Lawfulness of processing| General Data Protection Regulation (GDPR)