Search results
From GDPRhub
- Article 5 GDPR (section (c) Data minimisation)Outdated personal data is a subset of inaccurate personal data, as the data became inaccurate over time. The consequences for data subjects can be very51 KB (6,355 words) - 08:25, 18 April 2024
- of the data subject could in particular override the interest of the data controller where personal data are processed in circumstances where data subjects108 KB (17,005 words) - 15:39, 18 March 2024
- personal data are collected from the data subject, the data subject should also be informed whether he or she is obliged to provide the personal data and of76 KB (11,304 words) - 08:37, 4 March 2024
- Article 4 GDPR (section (1) Personal data)as such, covered by the GDPR. Personal data is often contrasted with 'anonymous' data. Anonymous data is data relating to a person that is not identifiable125 KB (16,328 words) - 16:01, 8 March 2024
- require the controller to comunicate a personal data breach to a data subject, if it considers that the data breach is resulting in a high risk. The order46 KB (5,825 words) - 11:12, 7 November 2023
- Article 32 GDPR (section (c) Ability to restore availability and access to personal data in a timely manner)where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are41 KB (5,197 words) - 12:17, 17 April 2024
- Article 15 GDPR (section Passive ex-post information about the personal data of the specific data subject)provided by the data subject (e.g. account data submitted via forms, answers to a questionnaire); observed data or raw data provided by the data subject by73 KB (9,896 words) - 15:46, 18 March 2024
- Article 13 GDPR (section (1) Information the controller shall provide at the time personal data is obtained)provided where personal data are collected from the data subject 1. Where personal data relating to a data subject are collected from the data subject, the controller71 KB (9,532 words) - 13:30, 6 March 2024
- office is in Madrid. The requirement to have a data protection authority stems from Article 44 of the Spanish Data Protection Act, which is the national act4 KB (386 words) - 15:29, 3 September 2021
- applies to personal data which concerns the data subject. This primarily includes the data subject's own personal data, including profiling data, and not those61 KB (8,488 words) - 15:47, 18 March 2024
- Article 9 GDPR (section (e) Related to personal data which are manifestly made public by the data subject)processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural44 KB (5,905 words) - 14:00, 24 October 2023
- Articles 5, 6, 7 and 9; (b) the data subjects' rights pursuant to Articles 12 to 22; (c) the transfers of personal data to a recipient in a third country55 KB (7,622 words) - 14:04, 7 November 2023
- Article 25 GDPR (section Designed to implement data-protection principles in an effective manner and protecting data subjects' rights and freedoms)of data protection by design and data protection by default. Such measures could consist, inter alia, of minimising the processing of personal data, pseudonymising43 KB (4,675 words) - 06:43, 16 June 2023
- Article 14 GDPR (section (1) Information the controller shall provide when personal data has not been obtained from the data subject)provided where personal data have not been obtained from the data subject 1. Where personal data have not been obtained from the data subject, the controller47 KB (5,644 words) - 17:49, 5 March 2024
- that the data is first processed. However, if data is collected directly from the data subject, Article 13(2)(b) GDPR requires that the data subject will49 KB (5,993 words) - 06:22, 16 June 2023
- Article 24 GDPR (section (2) Data protection policies)where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are30 KB (3,458 words) - 10:31, 25 April 2024
- corrective measures requested, as well as the identification of the data controller or data processor, where known. If possible, the complaint shall contain7 KB (808 words) - 08:17, 16 February 2023
- shall be able to demonstrate that the data subject has consented to processing of his or her personal data. 2. If the data subject's consent is given in the31 KB (3,489 words) - 16:00, 8 March 2024
- inform the affected data subjects. The EDPB emphasizes that a data breach is ultimately a matter of data security directly affecting the data subjects' interests54 KB (6,536 words) - 08:22, 16 June 2023
- Article 28 GDPR (section (e) Assisting with the controller's obligation to respond to data subject's requests)security measures, compliance with data retention requirements, data location, data transfers, data access, recipients of data, use of sub-processors, and other72 KB (9,140 words) - 13:12, 2 June 2023
- personal data; Recommendations relating to social, economical and technological developments that can impact on the processing of personal data. Headed9 KB (993 words) - 07:10, 28 July 2022
- persons based on profiling those data or following the processing of special categories of personal data, biometric data, or data on criminal convictions and52 KB (7,297 words) - 08:05, 18 July 2023
- personal data in compliance with GDPR. This can be done by ordering return of data to the EU/EEA, banning future processing of respective data outside the60 KB (7,796 words) - 20:12, 1 April 2024
- where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are33 KB (4,215 words) - 09:57, 19 March 2024
- Article 2 GDPR (section Personal data)the GDPR, this also includes so-called 'pseudonymised data'. However, truly anonymous data and data not relating to a person is not regulated by the GDPR34 KB (4,652 words) - 12:07, 12 November 2023
- controller, or processor must have processed the personal data of the data subject. Consequently, if no data processing has ever occurred, there is obviously no33 KB (3,641 words) - 09:51, 19 March 2024
- because data subjects residing on their territory are substantially affected, or because a complaint has been lodged with them. Also where a data subject35 KB (4,017 words) - 16:04, 18 March 2024
- Article 34 - Communication of a personal data breach to the data subject 1. When the personal data breach is likely to result in a high risk to the rights37 KB (3,962 words) - 15:20, 16 June 2023
- Datatilsynet (Denmark) (section Data Council)The Danish Data Protection Authority (Datatilsynet) is the national Data Protection Authority for Denmark. It resides in Copenhagen and is in charge of6 KB (605 words) - 14:08, 27 April 2021
- processing of personal data is carried out at that location. The presence and use of technical means and technologies for processing personal data or processing55 KB (7,446 words) - 22:28, 1 April 2024
- personal data are collected from the data subject, the data subject should also be informed whether he or she is obliged to provide the personal data and of31 KB (4,768 words) - 06:24, 16 June 2023
- activities shall describe the categories of data subjects and the categories of personal data. Examples of categories of data subjects are "website visitors", "clinic31 KB (3,327 words) - 15:31, 5 June 2023
- access to data by the third country’s authorities, because contractual guarantees, such as the standard data protection clauses agreed between the data exporter34 KB (3,646 words) - 08:53, 27 March 2023
- special categories of personal data and data relating to criminal convictions and offences, a person with expert knowledge of data protection law and practices43 KB (4,904 words) - 12:59, 21 July 2023
- personal data, the right to data portability, the right to object, decisions based on profiling, as well as the communication of a personal data breach to44 KB (4,896 words) - 06:25, 16 June 2023
- Principles of Data Processing Any processing of personal data should be lawful and fair. It should be transparent to natural persons that personal data concerning23 KB (2,489 words) - 23:24, 6 March 2024
- Authority for Personal Data Processing (Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal) is the national Data Protection Authority3 KB (270 words) - 08:26, 2 April 2021
- The Hellenic Data Protection Authority (Αρχή προστασίας δεδομένων προσωπικού χαρακτήρα) is the national Data Protection Authority for Greece. It resides23 KB (2,039 words) - 08:15, 25 April 2024
- special categories of personal data and data relating to criminal convictions and offences, a person with expert knowledge of data protection law and practices29 KB (2,951 words) - 14:19, 25 July 2023
- specific national rules on data protection, such as on special categories of data (Article 9 GDPR) or human resources data (Article 88 GDPR). It is not35 KB (3,971 words) - 21:34, 1 April 2024
- Article 18 GDPR (section (b) Processing is unlawful, data should be erased, but the data subject opposes the erasure)preventing the data controller from erasing the personal data. The data subjects may want to oppose the erasure of their personal data for different reasons32 KB (3,730 words) - 08:43, 7 March 2024
- Article 10: Processing of personal data relating to criminal convictions and offences Processing of personal data relating to criminal convictions and17 KB (1,768 words) - 15:41, 18 March 2024
- their personal data in non-compliance with the GDPR. Article 79 GDPR is a data subject right. Resultantly, the plaintiff must be a data subject within31 KB (3,550 words) - 11:11, 29 November 2023
- new challenges for the protection of personal data. The scale of the collection and sharing of personal data has increased significantly. Technology allows21 KB (1,831 words) - 08:51, 27 March 2023
- unduly burdened by data protection rules. Article 85(1) GDPR sets out a legal framework to reconcile the data subject’s right to data protection with the33 KB (3,748 words) - 14:25, 7 November 2023
- General Data Protection Regulation (GDPR) 2016/679 was enacted, it was transposed into national law through the Data Protection Act 2018. The Data Protection18 KB (2,488 words) - 15:22, 14 December 2021
- or services to data subjects in the Union. Recital 24: Applicable if Monitoring EU Data Subjects The processing of personal data of data subjects who are37 KB (4,635 words) - 13:29, 24 October 2023
- freedoms of data subjects pursuant to this Regulation; (d) where applicable, the contact details of the data protection officer; (e) the data protection31 KB (3,646 words) - 08:51, 21 July 2023
- The Icelandic Data Protection Authority (Persónuvernd) is the national Data Protection Authority for Iceland. It resides in Reykjavík and is in charge2 KB (139 words) - 15:11, 1 December 2020
- Office of the Data Protection Ombudsman is headed by the Data Protection Ombudsman (tietosuojavaltuutettu / dataombudsman) and two Deputy Data Protection5 KB (492 words) - 18:09, 19 March 2024
- special categories of personal data and data relating to criminal convictions and offences, a person with expert knowledge of data protection law and practices23 KB (2,165 words) - 15:10, 27 July 2023
- effective and enforceable data subject rights and effective administrative and judicial redress for the data subjects whose personal data are being transferred;43 KB (5,641 words) - 14:58, 28 April 2022
- should be issued, namely profiling, data breaches, risk to data subject rights and freedoms, binding corporate rules, and data transfers. As Schiedermair emphasises27 KB (3,038 words) - 12:19, 11 October 2023
- respect to the storage of the data. Each entity of the group enters the data of its own clients and prospects and processes such data for its own purposes only37 KB (3,915 words) - 12:49, 24 May 2023
- independent body and it oversees personal data protection and access to public information in Slovenia. In the field of data protection, it has competencies under10 KB (1,242 words) - 10:51, 6 February 2024
- overlap in text with the LED. The European Data Protection Supervisor (European Data Protection Supervisor) is the data protection authority for European Union3 KB (351 words) - 12:54, 10 May 2024
- Article 49 GDPR (section (b) Necessary for the performance of a contract between the data subject and the controller or the implementation of pre-contractual measures taken at the data subject's request)relevant is the incapacity of the data subject to provide consent. If the data subject is able to consent, even if the data transfer is necessary to protect29 KB (3,500 words) - 08:54, 27 March 2023
- If a data subject’s personal data is otherwise affected by the SA decision, for example in case of a data breach in which the data subject’s data was disclosed30 KB (3,874 words) - 10:46, 7 December 2023
- controller or a processor not established in the Union is processing personal data of data subjects who are in the Union whose processing activities are related22 KB (2,042 words) - 14:29, 20 November 2023
- relating to data protection, in a manner that would negatively affect the free flow of personal data. Nevertheless, given that the right to data protection27 KB (2,604 words) - 14:24, 16 January 2024
- General Data Protection Regulation (GDPR) 2016/679 was enacted, it was transposed into national law through the Personal Data Act. The Personal Data Act is10 KB (1,078 words) - 06:40, 26 March 2023
- Article 20 GDPR (section (1) Right to data portability)compliance for the new data controller. A data portability request only applies to personal data concerning the data subject. Pseudonymous data is within the scope40 KB (5,349 words) - 07:05, 1 June 2023
- collection of personal data; (d) the pseudonymisation of personal data; (e) the information provided to the public and to data subjects; (f) the exercise44 KB (5,008 words) - 14:50, 28 July 2023
- controller or of the processor, who has access to personal data, shall not process those data except on instructions from the controller, unless required13 KB (674 words) - 13:15, 2 June 2023
- of the general data protection principles, in particular purpose limitation, data minimisation, limited storage periods, data quality, data protection by29 KB (2,823 words) - 15:15, 28 April 2022
- Article 27 GDPR (section (a) Processing Which is Occasional and Does Not Include Data in the Sense of Articles 9 and 10 GDPR)EU-based data subjects is not reduced where non-EU based controllers or processors process their data. It aims to both provide a contact point for data subjects25 KB (2,418 words) - 14:11, 24 May 2023
- Article 80 - Representation of data subjects 1. The data subject shall have the right to mandate a not-for-profit body, organisation or association which26 KB (2,575 words) - 15:50, 9 November 2023
- identify the purpose of personal data processing for scientific research purposes at the time of data collection. Therefore, data subjects should be allowed29 KB (3,695 words) - 13:44, 21 March 2024
- further! The CNIL takes the view that the data subject is not a party to a complaints procedure. It only informs the data subject about the status of its complaint8 KB (824 words) - 22:52, 27 February 2024
- pose significant risks for the rights and freedoms of data subjects and/or the free flow of data. The majority of the objections raised on the substance33 KB (4,185 words) - 16:09, 2 November 2023
- relation to the processing of personal data. Such specific protection should, in particular, apply to the use of personal data of children for the purposes of19 KB (1,335 words) - 13:56, 24 October 2023
- protection of personal data. Recital 7: Control Over Own Personal Data Those developments require a strong and more coherent data protection framework in28 KB (3,831 words) - 16:21, 14 March 2024
- DSB (Austria) (section Relevant Elements under the Austria Data Protection Act and Administrative Procedural Act)email or via phone. Each party (data subject and controller) have all procedural rights under the AVG. The national Data Protection Act (Datenschutzgesetz11 KB (1,468 words) - 13:27, 14 May 2023
- processing the data contrary to the exercise of the data subject's rights, and whether the communication is actually in the interest of the data subject. The19 KB (1,436 words) - 12:35, 12 May 2023
- special categories of data, video surveillance, the processing of employee data documentation, and the compensation of employees for data breaches. → You can32 KB (3,228 words) - 13:32, 30 November 2023
- certification bodies which have an appropriate level of expertise in relation to data protection shall, after informing the supervisory authority in order to allow22 KB (1,634 words) - 14:40, 28 July 2023
- identification. Recital 26: Applicable to Pseudonymous Data, Not Applicable to Anonymous Data The principles of data protection should apply to any information concerning20 KB (1,854 words) - 16:32, 8 March 2024
- adopt a list of the processing operations subject to the requirement for a data protection impact assessment pursuant to Article 35(4); (b) concerns a matter23 KB (2,079 words) - 16:07, 2 November 2023
- protect the rights and freedoms of data subjects, in particular when the danger exists that the enforcement of a right of a data subject could be considerably20 KB (1,590 words) - 16:11, 2 November 2023
- in relation to the processing of their personal data and to facilitate the free flow of personal data within the internal market. For that purpose, the24 KB (2,181 words) - 11:46, 15 January 2024
- out tasks conferred on the European Data Protection Supervisor. 4. Where appropriate, the Board and the European Data Protection Supervisor shall establish20 KB (1,347 words) - 14:21, 17 October 2023
- certification mechanisms and data protection seals and marks should be encouraged, allowing data subjects to quickly assess the level of data protection of relevant27 KB (2,452 words) - 14:26, 28 July 2023
- personal data are collected from the data subject Article 14: Information to be provided where personal data have not been obtained from the data subject12 KB (295 words) - 08:25, 19 October 2023
- right to the protection of personal data and the right to freedom of information (access to data of public interest and data accessible on public interest grounds)7 KB (821 words) - 14:16, 7 March 2024
- protection of personal data pursuant to this Regulation. Recital 4: Balance Against Other Fundamental Rights The processing of personal data should be designed22 KB (2,177 words) - 10:01, 19 March 2024
- protection of personal data; (b) provide international mutual assistance in the enforcement of legislation for the protection of personal data, including through17 KB (1,142 words) - 15:41, 28 April 2022
- The President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych) is the national Data Protection Authority for Poland. It3 KB (249 words) - 14:38, 1 December 2020
- Article 68 - European Data Protection Board 1. The European Data Protection Board (the ‘Board’) is hereby established as a body of the Union and shall20 KB (1,632 words) - 10:01, 11 October 2023
- specific to data processing or have broader application (e.g. laws on cybersecurity, fraud and alike). For example, under § 63 of the Austrian Data Protection19 KB (1,477 words) - 14:12, 7 November 2023
- of consistency” in data protection law. This is particularly relevant given the fact that Member States may give effect to EU data protection law in ways30 KB (2,720 words) - 14:02, 28 July 2023
- level of data protection offered by a third country should be “essentially equivalent” to that of the EU. Zerdick, in Kuner et al., The EU General Data Protection16 KB (778 words) - 08:24, 19 October 2023
- Processing of Personal Data established by Article 29 of Directive 95/46/EC shall be construed as references to the European Data Protection Board established13 KB (530 words) - 09:40, 3 October 2023
- objectives of which are to protect the right to data protection and facilitate the free flow of personal data within the Union. Especially relevant to the34 KB (3,649 words) - 13:19, 30 October 2023
- establishments in several Member States or where a significant number of data subjects in more than one Member State are likely to be substantially affected22 KB (1,915 words) - 13:46, 15 January 2024
- used only under appropriate safeguards for the rights and freedoms of the data subject pursuant to this Regulation. National identification numbers (NIN)15 KB (660 words) - 09:37, 1 December 2023
- Rights The processing of personal data should be designed to serve mankind. The right to the protection of personal data is not an absolute right; it must25 KB (2,482 words) - 10:04, 19 March 2024
- personal data, the EPD also protects the legitimate interests of legal persons. Moreover, whilst the GDPR specifically protects personal data in accordance20 KB (1,539 words) - 08:21, 19 October 2023
- persons based on profiling those data or following the processing of special categories of personal data, biometric data, or data on criminal convictions and15 KB (1,196 words) - 08:15, 19 October 2023
- clear that the competent SA when examining a data subject's claim relating to the third-country transfer of data "must be able to examine, with complete independence47 KB (5,594 words) - 22:45, 1 April 2024
- in the area of personal data protection, required to perform its duties and exercise its powers. In addition to expertise in data protection law, in particularly29 KB (2,894 words) - 23:06, 1 April 2024
- third countries regulating the transfer of personal data including appropriate safeguards for the data subjects. Member States may conclude international14 KB (716 words) - 15:19, 28 April 2022
- processing of genetic data, biometric data or data concerning health. However, this should not hamper the free flow of personal data within the Union when18 KB (1,599 words) - 12:26, 29 April 2022
- assisted by a secretariat provided by the European Data Protection Supervisor. The staff of the European Data Protection Supervisor involved in carrying out15 KB (808 words) - 09:44, 17 October 2023
- third countries regulating the transfer of personal data including appropriate safeguards for the data subjects. Member States may conclude international13 KB (450 words) - 08:22, 19 October 2023
- General Data Protection Regulation (GDPR), Article 76 GDPR, p. 1111-1112 (Oxford University Press 2020). Docksey, in Kuner et al., The EU General Data Protection15 KB (787 words) - 08:17, 19 October 2023
- Personal Data established by Directive 95/46/EC. It should consist of the head of a supervisory authority of each Member State and the European Data Protection18 KB (1,327 words) - 12:36, 14 December 2023
- important role is the European Data Protection Board (EDPB). The ultimate goal of ensuring consistency in the European data protection system is implemented15 KB (851 words) - 06:55, 29 April 2022
- Overview of GDPR (section GDPR as a raw data law)French 1978 Data Protection Act. Realizing that protections would be undermined when personal data is sent across boarders, but the limitation of data flows48 KB (5,978 words) - 15:57, 1 February 2024
- of Union Acts relating to data protection in a manner which corresponds with the GDPR's regulatory framework. Given that data protection affects several15 KB (943 words) - 09:58, 8 November 2023
- particular their right to the protection of personal data and to ensure the free movement of personal data within the Union, the power to adopt acts in accordance19 KB (1,525 words) - 08:18, 19 October 2023
- different SAs over new or contentious data protection issues. Additionally, the reports can be a good reference point for data protection officers. If a breach15 KB (718 words) - 15:31, 19 October 2023
- personal data are collected from the data subject Article 14: Information to be provided where personal data have not been obtained from the data subject17 KB (1,096 words) - 08:19, 19 October 2023
- the processing of personal data, such as the legal grounds for processing or data protection principles. The European Data Protection Board established22 KB (2,266 words) - 08:26, 17 October 2023
- Personal Data established by Directive 95/46/EC. It should consist of the head of a supervisory authority of each Member State and the European Data Protection19 KB (1,530 words) - 14:23, 12 October 2023
- supervisory authorities (“SA”), but also between the SAs and the European Data Protection Board (“EDPB”). The necessity of a reliable and efficient system15 KB (810 words) - 16:13, 2 November 2023
- suspension of judicial proceedings in multiple Member States in the context of data protection. The Article addresses issues of coordination where parallel proceedings27 KB (2,619 words) - 14:52, 16 November 2023
- The data controller also failed to inform the Data Protection Commission of the data breach for 29 weeks. You can help us filling this section! Data Protection8 KB (1,034 words) - 14:13, 20 August 2021
- page. The CNPD verifies if personal data is processed in accordance with the following provisions: the General Data Protection Regulation (GDPR); the Act10 KB (1,199 words) - 10:14, 19 October 2022
- The Croatian Personal Data Protection Agency (Agencija za zaštitu osobnih podataka) is the national Data Protection Authority for Croatia. It resides in2 KB (158 words) - 17:18, 22 October 2023
- The Commissioner for Personal Data Protection (Επίτροπος Δεδομένων Προσωπικού Χαρακτήρα) is the national Data Protection Authority for Cyprus. It resides2 KB (144 words) - 15:13, 1 December 2020
- The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) is the national Data Protection Authority for Netherlands. It resides in The Hague and4 KB (380 words) - 12:08, 1 July 2023
- The Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) is the national Data Protection Authority for Estonia. It resides in Tallinn and is2 KB (154 words) - 14:37, 1 December 2020
- the Information and Data Protection Commissioner (Office of the Information and Data Protection Commissioner) is the national Data Protection Authority4 KB (483 words) - 08:17, 12 July 2022
- The Data State Inspectorate (Datu valsts inspekcija, "DVI") is the national Data Protection Authority for Latvia and was established in 2001. It resides6 KB (544 words) - 04:39, 11 October 2022
- The European Data Protection Board (EDPB) coordinates the national data protection authorities. It replaces the previous Article 29 Working Party. All2 KB (207 words) - 14:56, 7 December 2023
- The Portuguese Data Protection Authority (Comissão Nacional de Protecção de Dados) is the national Data Protection Authority for Portugal. It resides in5 KB (531 words) - 13:25, 3 May 2023
- The European Data Protection Supervisor (EDPS) is the Data Protection Authority for European Union Institutions. The EDPS resides in Bruxelles and is in8 KB (1,078 words) - 12:58, 10 May 2024
- The Office for Personal Data Protection (Úřad pro ochranu osobních údajů) is the national Data Protection Authority for the Czech Republic. It resides5 KB (441 words) - 09:34, 17 September 2022
- The Office for Personal Data Protection of the Slovak Republic (Úrad na ochranu osobných údajov) is the national Data Protection Authority for Slovakia9 KB (1,006 words) - 07:13, 7 July 2021
- The Data Protection Office (Valstybinė duomenų apsaugos inspekcija) is the national Data Protection Authority for Lithuania. It resides in Vilnius and2 KB (155 words) - 08:58, 17 November 2023
- the basic principles for data processing are mentioned. The third section contains provisions about specific situations of data processing. The provisions4 KB (363 words) - 22:01, 7 December 2020
- The Bulgarian Data Protection Authority (Комисия за защита на личните данни) is the national Data Protection Authority for Bulgaria. It resides in Sofia2 KB (158 words) - 14:35, 1 December 2020
- Bundesbeauftragte für den Datenschutz und die Informationsfreiheit) is the federal Data Protection Authority for Germany. It resides in Bonn and is in charge of3 KB (297 words) - 14:49, 1 December 2020
- (Berliner Beauftragte für Datenschutz und Informationsfreiheit) is the state Data Protection Authority for the German state of Berlin. It is in charge of enforcing2 KB (164 words) - 09:53, 18 May 2022
- GDPR and references data processing on which the GDPR shall be applicable (§ 2 NDSG). It is more specific to the German Federal Data Protection Act (Bu5 KB (465 words) - 08:57, 9 January 2024
- LVwVfG) unless there are rules in the Data Protection Act of Baden-Württemberg (Landesdatenschutzgesetz - LDSG), in the Data Protection Act for Judicial and4 KB (275 words) - 11:13, 8 May 2022
- Bavaria DPA (Bayerisches Landesamt für Datenschutzaufsicht) is the state Data Protection Authority for the German state of Bavaria. It is in charge of2 KB (174 words) - 13:49, 23 December 2021
- The State Data Protection Inspectorate (Datenschutzstelle) is the national Data Protection Authority for Liechtenstein. It resides in Vaduz and is in charge2 KB (153 words) - 09:41, 30 April 2024
- or Autoridad Catalana de Protección de Datos, in Spanish) is the regional Data Protection Authority for the Spanish autonomous region of Catalonia. It is3 KB (182 words) - 13:19, 15 September 2021
- own data protection law. In addition, some provisions of the Federal Data Protection Act apply. These include representation in the European Data Protection4 KB (372 words) - 10:45, 22 September 2021
- sector DPA (Bayerischer Landesbeauftragter für den Datenschutz) is the state Data Protection Authority for the public sector for the German state of Bavaria2 KB (169 words) - 15:54, 21 September 2021
- (Hessischer Beauftragter für Datenschutz und Informationsfreiheit) is the state Data Protection Authority for the German state of Hesse. It is in charge of enforcing2 KB (164 words) - 13:59, 28 June 2022
- den Datenschutz und die Informationsfreiheit Rheinland-Pfalz) is the state Data Protection Authority for the German state of Rhineland-Palatinate. It is2 KB (170 words) - 22:26, 7 December 2020
- The Saarland DPA (Unabhängiges Datenschutzzentrum Saarland) is the state Data Protection Authority for the German state of Saarland. It is charge of enforcing2 KB (160 words) - 14:50, 1 December 2020
- The Saxony DPA (Sächsische Datenschutzbeauftragte) is the state Data Protection Authority for the German state of Saxony. It is in charge of enforcing2 KB (160 words) - 22:28, 7 December 2020
- Datenschutz und Informationsfreiheit der Freien Hansestadt Bremen) is the state Data Protection Authority for the German state of Bremen. It is in charge of enforcing2 KB (167 words) - 22:24, 7 December 2020
- DPA (Landesbeauftragter für den Datenschutz Sachsen-Anhalt) is the state Data Protection Authority for the German state of Saxony-Anhalt. It is in charge2 KB (167 words) - 22:23, 7 December 2020
- (Landesbeauftragte für den Datenschutz Mecklenburg-Vorpommern) is the state Data Protection Authority for the German state of Mecklenburg-Vorpommern. It is2 KB (167 words) - 22:25, 7 December 2020
- (Landesbeauftragte für den Datenschutz und für das Recht auf Akteneinsicht) is the state Data Protection Authority for the German state of Brandenburg. It is in charge2 KB (168 words) - 22:22, 7 December 2020
- (Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein) is the state Data Protection Authority for the German state of Schleswig-Holstein. It is in2 KB (167 words) - 22:29, 7 December 2020
- Landesbeauftragte für den Datenschutz und die Informationsfreiheit) is the state Data Protection Authority for the German state of Thuringia. It is charge of enforcing2 KB (165 words) - 14:54, 1 December 2020
- or AVPD, Agencia Vasca de Protección de Datos, in Spanish) is the regional Data Protection Authority for the Spanish autonomous region of the Basque Country3 KB (195 words) - 13:21, 15 September 2021
- The Ålandic DPA (Datainspektionen på Åland, in Swedish) is the regional Data Protection Authority for Finland's autonomous region of Åland. It is in charge3 KB (209 words) - 14:42, 30 November 2021
- (Consejo de Transparencia y Protección de Datos de Andalucía) is the regional Data Protection Authority for the Spanish autonomous region of Andalusia. It is3 KB (211 words) - 09:58, 18 June 2021
- The Swedish Data Protection Authority (Integritetsskyddsmyndigheten - "IMY"), formerly Datainspektionen, is the national Data Protection Authority for4 KB (356 words) - 11:51, 20 October 2022
- CJEU - C-311/18 - Schrems II (redirect from CJEU - C-311/18 - Data Protection Commissioner v Facebook Ireland Limited and Maximillian Schrems)that regulation, any data subject is entitled to lodge where that data subject considers that the processing of his or her personal data infringes the regulation12 KB (1,780 words) - 17:22, 10 March 2022
- of the data subject could in particular override the interest of the data controller where personal data are processed in circumstances where data subjects182 KB (24,065 words) - 13:40, 9 July 2021
- The birthday of data protection law in Germany is 30 September 1970, the date on which the Hessian state parliament passed the Data Protection Act. On18 KB (1,831 words) - 13:49, 3 November 2022
- CJEU - C‑131/12 - Google Spain (section Scope of the data subject’s rights guaranteed by Directive 95/46)"that it has the power to require the withdrawal of data and the prohibition of access to certain data by the operators of search engines when it considers16 KB (2,423 words) - 13:03, 1 June 2023
- directive establishes a difference between the collection of “personal data” and other data. The Court referenced the earlier opinion of the AG, noting that6 KB (893 words) - 15:22, 24 March 2022
- for processing health data for research purposes. Among other aspects, the use of pseudonymised data is considered lawful, if the data is pseudonymised by15 KB (1,875 words) - 16:18, 13 July 2022
- that even if there had been a data transfer to Google LLC in the U.S., the transferred data do not qualify as personal data under Article 4(1) GDPR as they108 KB (17,097 words) - 13:52, 12 May 2023
- GDPR. It was ruled that there is no threshold for non-material damages for a data subject to receive compensation. The Austrian Postal Service (Österreichische5 KB (683 words) - 12:50, 28 June 2023
- the property owners have forwarded their personal data to a facility (server) for data storage and data processing belonging to the operator of the website13 KB (1,888 words) - 13:07, 1 June 2023
- controller to delete their data. Example: Not The data subject asked the controller to delete his or her data. On GDPRhub all cases are named by Court/DPA, a17 KB (2,510 words) - 13:56, 24 April 2023
- contact details of the data controller and, where applicable, the joint data controller, the data controller's representative and the data protection adviser;48 KB (7,442 words) - 10:24, 12 September 2022
- that since the data shared were associated with/included advertising ID provided by the mobile devices, the data at stake are personal data. The NO DPA referred18 KB (2,375 words) - 16:17, 6 December 2023
- controller to disclose the identity of specific recipients of personal data if the data subject requests it, unless the request is manifestly unfounded or8 KB (992 words) - 17:03, 4 February 2023
- transparency) a copy of data undergoing processing must reproduce data “fully and faithfully” in a manner that enables the data subject to exercise their3 KB (417 words) - 15:20, 8 May 2023
- concerning the processing of personal data by a German state agency with respect to a dynamic IP address of a data subject. Mr. Breyer accessed several9 KB (1,113 words) - 13:10, 1 June 2023
- area of personal data protection, and, in particular, the principles relating to the quality of such data and the criteria for making data processing legitimate6 KB (766 words) - 21:17, 5 March 2024
- protection of personal data and the free movement of such data; Considering the law n o 78-17 of January 6, 1978 relating to data processing, files and93 KB (14,936 words) - 17:09, 6 December 2023
- Diagnostic Data Lack of authority for Google to process personal data as data controller Lack of control over the way Google processes personal data Lack of117 KB (18,075 words) - 10:19, 12 September 2022
- the data subjects and therefore had not given rise to reporting a breach of personal data security to the Data Protection Authority, cf. the data protection75 KB (11,733 words) - 16:33, 21 August 2022
- provided a table that contained the personal data (name, date of birth, address data business functions of the data subject) in an aggregated form but refused51 KB (8,592 words) - 07:03, 2 November 2021
- encryption technology to protect personal data, so-called “data in rest" ("data at rest") in data centers, where user data is stored on a disk or backup media113 KB (12,773 words) - 15:20, 6 December 2023
- personal data of the employee, as well as personal data of the employee's children and other members of his/her family, if the provision of such data is necessary9 KB (1,215 words) - 16:58, 18 May 2021
- retention and erasure of personal data, and indicate how long such personal data is likely to be retained. Where personal data is processed in reliance of this14 KB (2,011 words) - 15:42, 25 November 2020
- section! You can help us fill this section! The Data Protection Authority (Datenschutzstelle) is the national data protection authority for Liechtenstein. →2 KB (111 words) - 08:57, 25 April 2024
- the processing of personal data for journalistic purposes. In particular, Article 137 of the Code provides that personal data, including those referred6 KB (757 words) - 13:53, 16 August 2022
- Communications) Regulations 2011) The Data Protection Commission (Data Protection Commission) is the national data protection authority for Ireland. → Details2 KB (166 words) - 10:38, 11 September 2020
- cookies constitutes personal data, The Norwegian Data Protection Authority will handle the complaint. The Norwegian Data Protection Authority handles8 KB (1,064 words) - 12:53, 23 June 2023
- help us fill this section! The Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) is the national data protection authority for Estonia. → Details2 KB (114 words) - 23:24, 14 January 2020
- fill this section! The Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto) is the national data protection authority for Finland. →2 KB (117 words) - 09:51, 24 April 2024
- the data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where those data have15 KB (2,180 words) - 08:23, 13 December 2023
- to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). An English16 KB (2,260 words) - 19:26, 30 November 2021
- whether Article 7(f) of DPD imposes an obligation on a Data Controller to disclose all the personal data necessary to start court proceedings against a person5 KB (749 words) - 12:58, 1 June 2023
- General Data Protection Regulation (GDPR) 2016/679 was enacted, it was transposed into national law through the Personal Data Act. The Personal Data Act is5 KB (427 words) - 15:48, 24 January 2022
- activities included the processing of tenants' personal data. The data handled included: proof of identity, data on health and social insurance, tax, and information7 KB (936 words) - 16:39, 12 December 2023
- when a data subject did not know about the specific recipients." "The DPA held that even the probability of political affiliations constitutes data revealing17 KB (2,638 words) - 11:18, 19 February 2024
- requested the data subject's consent to the fact that the data subject's health data from different health care units can be handed over to the data controller49 KB (7,496 words) - 14:44, 24 January 2024
- which the data controller is authorized to manage legally collected data, nor to determine that the can the latter data controller copy this data into a test49 KB (7,800 words) - 09:22, 5 January 2024
- and even if these data were to be qualified as personal data they would not qualify as special categories of personal data. Do data on a natural person's79 KB (12,652 words) - 09:41, 10 September 2021
- encryption technology to protect personal data, so-called “data in rest" ("data at rest") in data centers, where user data is stored on a disk or backup media131 KB (14,752 words) - 08:36, 5 July 2023
- encryption technology to protect personal data, so-called “data in rest" ("data at rest") in data centers, where user data is stored on a disk or backup media121 KB (13,722 words) - 15:16, 5 July 2023
- encryption technology to protect personal data, so-called “data in rest" ("data at rest") in data centers, where user data is stored on a disk or backup media115 KB (12,842 words) - 08:38, 5 July 2023
- persoonsgegevens established a stronger data protection by emphasizing individuals' rights over their personal data and giving the Dutch Data Protection Authority (DPA)7 KB (764 words) - 07:50, 6 May 2024
- No separate data protection law. Directive 95/46/EC was implemented by the Personal Data Protection Act (Закон за защита на личните данни), promulgated10 KB (1,440 words) - 08:54, 17 January 2020
- personal data of the applicants, not limited to criminal record but wide-ranging data from the data subject's police records, such as cases where data subject41 KB (6,555 words) - 08:37, 4 March 2024
- protection of personal data. In Cyprus the GDPR is implemented by the Data Protection Act (2018). According to Article 8 of the Data Protection Act (2018)6 KB (580 words) - 23:49, 18 January 2020
- protection of individuals from the processing of personal data. By this law the Hellenic Data Protection Authority was established. From 29.8.2019 this10 KB (1,037 words) - 14:52, 10 July 2020
- Databeskyttelsesloven (Data Protection Act). The age of consent is 13 years under § 6 of the Data Protection Act. According to § 3(8) of the Data Protection Act5 KB (582 words) - 17:53, 3 March 2020
- Sweden introduced one of the first data protection laws in the world in 1973 with the introduction of the Data Act (Datalagen). The supervisory authority7 KB (793 words) - 14:08, 1 October 2021
- Personvernnemnda (Norway) - 2018-14 (15/01355) (section Legal grounds for processing personal data about the users)the Article 29 Data Protection Working Party guidelines 225, number 2: «Does the data subject play a role in public life? Is the data subject a public144 KB (23,058 words) - 18:48, 5 March 2022
- Austria has passed the first data protection law in 1979 (BGBl I Nr. 565/1978). Directive 95/46/EC was implemented by the Data Protection Act 2000 (Datenschutzgesetz8 KB (721 words) - 09:32, 24 April 2024
- specifies the concrete form of the data (positive data) in a descriptive manner: "Positive data, i.e. personal data which do not contain payment experiences66 KB (9,990 words) - 12:30, 29 January 2024
- establishing the Data Protection Authority (BDPA Act). You can help us fill this section! In Belgium the GDPR is implemented by the Data Protection Act (2019)5 KB (503 words) - 10:13, 18 October 2020
- concept of personal data and the possibilities for processing and protection will be defined by the law. The same article reaffirms the data subjects' rights3 KB (332 words) - 13:31, 3 May 2023
- the Information and Data Protection Commissioner (Office of the Information and Data Protection Commissioner) is the national data protection authority2 KB (132 words) - 23:46, 14 January 2020
- to the data subjects when their data is processed. However, it is obvious, the AEPD, that Equifax did not notify all the data subjects which data were processing602 KB (102,229 words) - 14:21, 13 December 2023
- The Slovenian Constitution of 1991 guarantees the protection of personal data at the constitutional level and within the framework of guaranteed human4 KB (391 words) - 09:57, 17 May 2021
- National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság) is the national data protection authority2 KB (124 words) - 23:32, 14 January 2020
- can help us fill this section! The Icelandic Data Protection Authority (Persónuvernd) is the national data protection authority for Iceland. → Details see2 KB (116 words) - 23:33, 14 January 2020
- this section! The Croatian Personal Data Protection Agency (Agencija za zaštitu osobnih podataka) is the national data protection authority for Croatia.2 KB (117 words) - 10:43, 26 February 2020
- this section! The Luxemburg Data Protection Commission (Commission Nationale pour la Protection des Données) is the national data protection authority for2 KB (121 words) - 23:46, 14 January 2020
- You can help us fill this section! The Data State Inspectorate (Datu valsts inspekcija) is the national data protection authority for Latvia. → Details2 KB (123 words) - 23:45, 14 January 2020
- section! The Office for Personal Data Protection of the Slovak Republic (Úrad na ochranu osobných údajov) is the national data protection authority for Slovakia2 KB (124 words) - 09:38, 24 April 2024
- can help us fill this section! The Data Protection Office (Valstybinė duomenų apsaugos inspekcija) is the national data protection authority for Lithuania2 KB (112 words) - 10:25, 15 October 2020
- fill this section! The Office for Personal Data Protection (Úřad pro ochranu osobních údajů) is the national data protection authority for the Czech Republic2 KB (123 words) - 00:01, 15 January 2020
- personal data and on the free movement of such data ; Having regard to the amended law n° 78-17 of 6 January 1978 relating to data processing, data files41 KB (6,558 words) - 17:09, 6 December 2023
- containing personal data, or is it limited to a copy of the patient's personal data, allowing the treating physician to decide how to compile the data concerning10 KB (1,478 words) - 11:17, 2 November 2023
- 9 July 2004. The French Data Protection Commission (Commission Nationale de l’Informatique et des Libertés) is the national data protection authority for10 KB (1,108 words) - 09:37, 29 September 2021
- CJEU - C-136/17 - GC and Others (redirect from CJEU - C-136/17 - GC and Others (de-referencing of sensitive data))request made by the data subject. Instead, in order to determine whether to remove links to pages that contain sensitive personal data, the search engine4 KB (438 words) - 14:23, 11 August 2022
- The CJEU ruled that the fear of a data subject over the possible misuse of their data from a data breach counts as a non-material damage and can lead to13 KB (1,963 words) - 11:04, 5 January 2024
- of the data subject could not be considered “freely given”. Firstly, there existed a clear imbalance of power between data controller and data subject53 KB (8,413 words) - 14:10, 30 January 2023
- 5 and 6 GDPR. Concerning specifically data of people other than the users, namely those data subjects whose data were collected on the internet, the DPA14 KB (2,049 words) - 07:46, 1 August 2023
- to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (general data protection regulation). IPAGE60 KB (9,144 words) - 16:17, 22 March 2022
- to a complete overview of all personal data, in a form that enables the data subject to inspect his or her data and to check that they are correct and14 KB (2,154 words) - 16:27, 10 March 2022
- infringement fee and the Data Inspectorate states that these are not emphasized by the Data Inspectorate. § 2 letter e. The Danish Data Protection Agency assessed31 KB (5,018 words) - 18:44, 5 March 2022
- regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)). The storage51 KB (8,215 words) - 09:55, 13 May 2022
- the applicable data protection law. The use of A's services violates applicable data protection law, as it is considered unlawful data processing pursuant62 KB (10,113 words) - 12:48, 17 August 2022
- third-party websites and apps (“off-Facebook data”) and links such data to the users’ accounts. The aggregate view of the data allows Meta to draw detailed conclusions8 KB (1,231 words) - 08:22, 6 July 2023
- 4624/2019, because of an unresolved data breach, which allowed unauthorised users to access citizens' personal data via URL manipulation. On 20 June 20239 KB (1,211 words) - 20:32, 8 January 2024
- 101/2000 with respect to the protection of personal data. In particular, he was found to be a data controller who used the camera system to collect information6 KB (580 words) - 13:05, 1 June 2023
- described as "processing of personal data". (46) "Personal data" is defined in Article 4 (1) and includes "any data relating to an identified or identifiable46 KB (7,024 words) - 06:18, 6 March 2022
- predictions about the political affiliation of a data subject does not itself constitute "special categories of data" under Article 9 GDPR. What is the relationship8 KB (611 words) - 16:12, 6 December 2023
- transmission of personal data to Facebook Ireland. Facebook Ireland also had a commercial benefit of processing such personal data. Thus, the fact that Fashion6 KB (492 words) - 13:09, 1 June 2023
- advised the data subject that it was likely that Wise was compliant with the UK GDPR, making clear that no further action would be taken. The data subject9 KB (1,191 words) - 08:44, 23 January 2024
- an infringement? (2) In the event that the data subject – in whose opinion the processing of personal data relating to him has infringed the GDPR – simultaneously9 KB (1,308 words) - 12:54, 28 June 2023
- to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation, hereinafter8 KB (1,156 words) - 16:56, 12 December 2023
- processing of personal data and the free movement of such data, and repealing Directive 95/46 / EC (general regulation on data protection), hereinafter19 KB (2,707 words) - 16:50, 12 December 2023
- Deputy Data Protection Commissioner and Sanctions Board Thing The data subject's right to have access to data ("right of inspection"), informing data subjects52 KB (7,936 words) - 22:32, 2 March 2024
- the protection of personal data to the data subject. The storage of personal data cannot be justified by the fact that the data subject may later exercise77 KB (12,352 words) - 07:20, 23 April 2024
- of the data subject by using the right to inspect the data subject's own data referred to in Article 15 of the Data Protection Regulation. The Data Protection73 KB (11,237 words) - 05:34, 21 July 2022
- personal data. The General Data Protection Regulation has been applied since May 25, 2018, and the Personal Data Act has been repealed by the Data Protection60 KB (9,117 words) - 14:46, 24 January 2024
- of the General Data Protection Regulation to comply with the initiator's request for access to data insofar as it concerns data whose data controller is22 KB (3,193 words) - 10:34, 29 February 2024
- movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), [in:] General Data Protection Regulation. Personal Data Protection58 KB (9,357 words) - 10:02, 17 November 2023
- freedoms of the data subjects. Since Intervare has not already informed the data subjects of the breach of the personal data security, the Data Inspectorate24 KB (3,365 words) - 16:37, 6 December 2023
- default data would be unreasonable from the point of view of the data subjects. It is not reasonable for the data controller to gain access to the data subject's41 KB (6,133 words) - 10:29, 25 March 2024
- expression of the data subject, by which the data subject, by declaration or clear confirmation, agrees that personal data relating to the data subject is made65 KB (9,767 words) - 16:22, 6 December 2023