Search results

Article 5 GDPR (section (c) Data minimisation)
Outdated personal data is a subset of inaccurate personal data, as the data became inaccurate over time. The consequences for data subjects can be very

54 KB (6,847 words) - 11:59, 5 November 2024
Article 6 GDPR (section Overridden by interests of the data subject)
of the data subject could in particular override the interest of the data controller where personal data are processed in circumstances where data subjects

138 KB (21,100 words) - 13:30, 10 November 2024
Article 12 GDPR (section Passive communication initiated by the data subject)
personal data are collected from the data subject, the data subject should also be informed whether he or she is obliged to provide the personal data and of

76 KB (11,304 words) - 09:51, 16 October 2024
Article 15 GDPR (section Passive ex-post information about the personal data of the specific data subject)
provided by the data subject (e.g. account data submitted via forms, answers to a questionnaire); observed data or raw data provided by the data subject by

74 KB (9,994 words) - 12:01, 24 October 2024
Article 4 GDPR (section (1) Personal data)
as such, covered by the GDPR. Personal data is often contrasted with 'anonymous' data. Anonymous data is data relating to a person that is not identifiable

127 KB (16,653 words) - 12:50, 31 October 2024
Article 58 GDPR (section (e) Order communication of a data breach to the data subject)
require the controller to comunicate a personal data breach to a data subject, if it considers that the data breach is resulting in a high risk. The order

49 KB (6,297 words) - 14:41, 1 October 2024
Article 32 GDPR (section (c) Ability to restore availability and access to personal data in a timely manner)
where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are

41 KB (5,197 words) - 12:17, 17 April 2024
Article 13 GDPR (section (1) Information the controller shall provide at the time personal data is obtained)
provided where personal data are collected from the data subject 1. Where personal data relating to a data subject are collected from the data subject, the controller

73 KB (9,721 words) - 14:59, 24 October 2024
AEPD (Spain)
office is in Madrid. The requirement to have a data protection authority stems from Article 44 of the Spanish Data Protection Act, which is the national act

4 KB (386 words) - 15:29, 3 September 2021
Article 17 GDPR (section The data subject has the right to obtain...)
applies to personal data which concerns the data subject. This primarily includes the data subject's own personal data, including profiling data, and not those

63 KB (8,772 words) - 15:00, 24 October 2024
Article 9 GDPR (section (e) Related to personal data which are manifestly made public by the data subject)
processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural

48 KB (6,385 words) - 15:00, 15 October 2024
Article 83 GDPR (section (g) the categories of personal data affected;)
Articles 5, 6, 7 and 9; (b) the data subjects' rights pursuant to Articles 12 to 22; (c) the transfers of personal data to a recipient in a third country

55 KB (7,622 words) - 14:04, 7 November 2023
Article 14 GDPR (section (1) Information the controller shall provide when personal data has not been obtained from the data subject)
provided where personal data have not been obtained from the data subject 1. Where personal data have not been obtained from the data subject, the controller

47 KB (5,644 words) - 17:49, 5 March 2024
Article 25 GDPR (section Ensuring that data are not made accessible to an indefinite number of natural persons without the data subject's intervention)
requests by data subjects in accordance with Chapter III of the GDPR. For example: A data broker collects personal data from a vast amount of data. It has

55 KB (6,242 words) - 07:25, 6 November 2024
Article 21 GDPR (section To processing of personal data concerning him or her)
that the data is first processed. However, if data is collected directly from the data subject, Article 13(2)(b) GDPR requires that the data subject will

52 KB (6,444 words) - 15:01, 24 October 2024
Article 24 GDPR (section (2) Data protection policies)
where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are

31 KB (3,554 words) - 07:25, 30 October 2024
Garante per la protezione dei dati personali (Italy)
corrective measures requested, as well as the identification of the data controller or data processor, where known. If possible, the complaint shall contain

7 KB (808 words) - 08:17, 16 February 2023
Article 7 GDPR
shall be able to demonstrate that the data subject has consented to processing of his or her personal data. 2. If the data subject's consent is given in the

31 KB (3,489 words) - 16:00, 8 March 2024
Article 33 GDPR (section (a) Nature of the breach, categories of data subjects and data, numbers)
inform the affected data subjects. The EDPB emphasizes that a data breach is ultimately a matter of data security directly affecting the data subjects' interests

54 KB (6,536 words) - 13:52, 4 August 2024
Article 28 GDPR (section (e) Assisting with the controller's obligation to respond to data subject's requests)
security measures, compliance with data retention requirements, data location, data transfers, data access, recipients of data, use of sub-processors, and other

73 KB (9,193 words) - 15:43, 24 October 2024