Search results

of the personal data, in particular whether special categories of personal data are processed, pursuant to Article 9, or whether personal data related

special categories of personal data (Article 9 GDPR); personal data relating to criminal convictions and offences (Article 10 GDPR); data knowingly and actively

is no longer possible. Encrypted personal data are pseudonymised personal data and thus still personal data (see Article 4, point 5 of the General Regulation)

Article 13: Information to be provided where personal data are collected from the data subject 1. Where personal data relating to a data subject are collected

of data protection by design and data protection by default. Such measures could consist, inter alia, of minimising the processing of personal data, pseudonymising

the Greek Data Protection Act 2019, the ePrivacy Directive implementation law and other provisions regarding the protection of personal data. It was first

independent data protection supervision and should provide for cooperation mechanisms with the Member States' data protection authorities, and the data subjects

processing the personal data of the data subject's request. Article 17 confers upon the data subject the right to have their personal data erased, however

necessary requirements to ensure the protection of personal data of the data subjects concerned referred to in Article 47; (j) issue guidelines, recommendations

exist before. Article 8 introduces a new fundamental right to data protection, which reads as follows: Article 8 Protection of personal data 1.   Everyone

how the personal data is processed; You have entrusted the processing of personal data to an external organisation to process the personal data on your

Example: The Austrian Data Protection Act ('Datenschutzgesetz') regulates the use of personal data by journalists in § 9 Data Protection Act, as made possible

disclosure of, or access to, personal data transmitted, stored or otherwise processed; 13. ‘genetic data’ means personal data relating to the inherited or

of the controller, return or delete the personal data, unless there is a requirement to store the personal data under Union or Member State law to which

to carry out a data protection impact assessment from Article 35 GDPR or the obligation to designate a data protection officer from Article 37 GDPR. The

related to the protection of personal data in the Union, including advice regarding proposed amendments to the GDPR (pursuant to Article 70(1)(b) GDPR)

unlike delegated acts made under Article 92 GDPR. Article 93(2) GDPR explicitly provides for the application of Article 5 of Regulation (EU) No 182/2011

if the SA is 'concerned' by the processing of personal data under Article 4(22)(6) or (c) (i.e. when data subjects are substantially affected or a complaint

General Data Protection Regulation (GDPR), Article 76 GDPR, p. 1111-1112 (Oxford University Press 2020). Docksey, in Kuner et al., The EU General Data Protection

and in particular their right to the protection of personal data and to ensure the free movement of personal data within the Union, the power to adopt

Austrian Data Protection Act (Datenschutzgesetz - DSG) sets a penalty of €50,000 for, inter alia, (1) intentionally obtaining illegal access to personal data

accordance with Article 42(5); (g) to adopt standard data protection clauses referred to in Article 28(8) and in point (d) of Article 46(2); (h) to authorise

commentary to Article 60 GDPR, Article 61 GDPR, Article 62 GDPR, Article 63 GDPR, Article 64 GDPR, Article 65 GDPR, Article 66 GDPR and Article 56 GDPR. The

identify the purpose of personal data processing for scientific research purposes at the time of data collection. Therefore, data subjects should be allowed

if the data subject considers that the processing of personal data relating to them infringes the GDPR. The right to file a complaint under Article 77(1)

mechanisms and data protection seals and marks should be encouraged, allowing data subjects to quickly assess the level of data protection of relevant products

processing, on a large scale, of special categories of personal data or the processing of personal data relating to criminal convictions and offences, and

dispute resolution mechanism under Article 65 GDPR in connection with Article 63 GDPR is triggered (Article 60 (4) GDPR). Article 60(2) GDPR clarifies that also

persons in relation to the processing of their personal data and to facilitate the free flow of personal data within the internal market. For that purpose

Article 68 - European Data Protection Board 1. The European Data Protection Board (the ‘Board’) is hereby established as a body of the Union and shall

this article. → You can find all related decisions in Category:Article 48 GDPR Kuner, in Kuner, Bygrave, Docksey, The EU General Data Protection Regulation

period for which the personal data are processed, the recipients of the personal data, the logic involved in any automatic personal data processing and, at

referred to in Article 64. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 93(2). Recital

should replace the Working Party on the Protection of Individuals with Regard to the Processing of Personal Data established by Directive 95/46/EC. It should

under Article 30(1) GDPR, documenting personal data breaches under Article 33(5) GDPR or performing a data protection impact assessment under Article 35 GDPR)

processing of genetic data, biometric data or data concerning health. Article 9(1) GDPR provides a list of special categories of personal data whose processing

mechanisms and data protection seals and marks should be encouraged, allowing data subjects to quickly assess the level of data protection of relevant products

not affected by Article 11 GDPR. Article 11 GDPR applies when “personal data do not or do no longer require the identification of a data subject”. One could

categories of data as referred to in Article 9(1) or processing of personal data relating to criminal convictions and offences referred to in Article 10" on a

restrictions. Article 16 gives data subjects the right to have incomplete personal data completed. Whether data is incomplete within the meaning of Article 16 GDPR

general data protection principles, in particular purpose limitation, data minimisation, limited storage periods, data quality, data protection by design

Fundamental Rights The processing of personal data should be designed to serve mankind. The right to the protection of personal data is not an absolute right; it

Article 39 - Tasks of the data protection officer 1. The data protection officer shall have at least the following tasks: (a) to inform and advise the

the personal data of deceased persons. Member States may provide for rules regarding the processing of personal data of deceased persons. Article 2 GDPR

the processing of personal data, such as the legal grounds for processing or data protection principles. The European Data Protection Board established

(iii) has been fined under Article 83 GDPR or (iv) is subject to a penalty under Article 84 GDPR. If a data subject’s personal data is otherwise affected by

Article 34 - Communication of a personal data breach to the data subject 1. When the personal data breach is likely to result in a high risk to the rights

security measures, compliance with data retention requirements, data location, data transfers, data access, recipients of data, use of sub-processors, and other

where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are

under Article 30 GDPR, to carry out a data protection impact assessment under Article 35 GDPR, or to designate a data protection officer under Article 37