Search results
From GDPRhub
- Article 5 GDPR (section (c) Data minimisation)Outdated personal data is a subset of inaccurate personal data, as the data became inaccurate over time. The consequences for data subjects can be very51 KB (6,355 words) - 08:25, 18 April 2024
- of the data subject could in particular override the interest of the data controller where personal data are processed in circumstances where data subjects108 KB (17,005 words) - 15:39, 18 March 2024
- personal data are collected from the data subject, the data subject should also be informed whether he or she is obliged to provide the personal data and of76 KB (11,304 words) - 08:37, 4 March 2024
- Article 4 GDPR (section (1) Personal data)as such, covered by the GDPR. Personal data is often contrasted with 'anonymous' data. Anonymous data is data relating to a person that is not identifiable125 KB (16,328 words) - 16:01, 8 March 2024
- require the controller to comunicate a personal data breach to a data subject, if it considers that the data breach is resulting in a high risk. The order46 KB (5,825 words) - 11:12, 7 November 2023
- Article 32 GDPR (section (c) Ability to restore availability and access to personal data in a timely manner)where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are41 KB (5,197 words) - 12:17, 17 April 2024
- Article 15 GDPR (section Passive ex-post information about the personal data of the specific data subject)provided by the data subject (e.g. account data submitted via forms, answers to a questionnaire); observed data or raw data provided by the data subject by73 KB (9,896 words) - 15:46, 18 March 2024
- Article 13 GDPR (section (1) Information the controller shall provide at the time personal data is obtained)provided where personal data are collected from the data subject 1. Where personal data relating to a data subject are collected from the data subject, the controller71 KB (9,532 words) - 13:30, 6 March 2024
- office is in Madrid. The requirement to have a data protection authority stems from Article 44 of the Spanish Data Protection Act, which is the national act4 KB (386 words) - 15:29, 3 September 2021
- applies to personal data which concerns the data subject. This primarily includes the data subject's own personal data, including profiling data, and not those61 KB (8,488 words) - 15:47, 18 March 2024
- Article 9 GDPR (section (e) Related to personal data which are manifestly made public by the data subject)processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural44 KB (5,905 words) - 14:00, 24 October 2023
- Articles 5, 6, 7 and 9; (b) the data subjects' rights pursuant to Articles 12 to 22; (c) the transfers of personal data to a recipient in a third country55 KB (7,622 words) - 14:04, 7 November 2023
- Article 25 GDPR (section Designed to implement data-protection principles in an effective manner and protecting data subjects' rights and freedoms)of data protection by design and data protection by default. Such measures could consist, inter alia, of minimising the processing of personal data, pseudonymising43 KB (4,675 words) - 06:43, 16 June 2023
- Article 14 GDPR (section (1) Information the controller shall provide when personal data has not been obtained from the data subject)provided where personal data have not been obtained from the data subject 1. Where personal data have not been obtained from the data subject, the controller47 KB (5,644 words) - 17:49, 5 March 2024
- that the data is first processed. However, if data is collected directly from the data subject, Article 13(2)(b) GDPR requires that the data subject will49 KB (5,993 words) - 06:22, 16 June 2023
- Article 24 GDPR (section (2) Data protection policies)where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are30 KB (3,458 words) - 10:31, 25 April 2024
- corrective measures requested, as well as the identification of the data controller or data processor, where known. If possible, the complaint shall contain7 KB (808 words) - 08:17, 16 February 2023
- shall be able to demonstrate that the data subject has consented to processing of his or her personal data. 2. If the data subject's consent is given in the31 KB (3,489 words) - 16:00, 8 March 2024
- inform the affected data subjects. The EDPB emphasizes that a data breach is ultimately a matter of data security directly affecting the data subjects' interests54 KB (6,536 words) - 08:22, 16 June 2023
- Article 28 GDPR (section (e) Assisting with the controller's obligation to respond to data subject's requests)security measures, compliance with data retention requirements, data location, data transfers, data access, recipients of data, use of sub-processors, and other72 KB (9,140 words) - 13:12, 2 June 2023
- personal data; Recommendations relating to social, economical and technological developments that can impact on the processing of personal data. Headed9 KB (993 words) - 07:10, 28 July 2022
- persons based on profiling those data or following the processing of special categories of personal data, biometric data, or data on criminal convictions and52 KB (7,297 words) - 08:05, 18 July 2023
- personal data in compliance with GDPR. This can be done by ordering return of data to the EU/EEA, banning future processing of respective data outside the60 KB (7,796 words) - 20:12, 1 April 2024
- where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are33 KB (4,215 words) - 09:57, 19 March 2024
- Article 2 GDPR (section Personal data)the GDPR, this also includes so-called 'pseudonymised data'. However, truly anonymous data and data not relating to a person is not regulated by the GDPR34 KB (4,652 words) - 12:07, 12 November 2023
- controller, or processor must have processed the personal data of the data subject. Consequently, if no data processing has ever occurred, there is obviously no33 KB (3,641 words) - 09:51, 19 March 2024
- because data subjects residing on their territory are substantially affected, or because a complaint has been lodged with them. Also where a data subject35 KB (4,017 words) - 16:04, 18 March 2024
- Article 34 - Communication of a personal data breach to the data subject 1. When the personal data breach is likely to result in a high risk to the rights37 KB (3,962 words) - 15:20, 16 June 2023
- Datatilsynet (Denmark) (section Data Council)The Danish Data Protection Authority (Datatilsynet) is the national Data Protection Authority for Denmark. It resides in Copenhagen and is in charge of6 KB (605 words) - 14:08, 27 April 2021
- processing of personal data is carried out at that location. The presence and use of technical means and technologies for processing personal data or processing55 KB (7,446 words) - 22:28, 1 April 2024
- personal data are collected from the data subject, the data subject should also be informed whether he or she is obliged to provide the personal data and of31 KB (4,768 words) - 06:24, 16 June 2023
- activities shall describe the categories of data subjects and the categories of personal data. Examples of categories of data subjects are "website visitors", "clinic31 KB (3,327 words) - 15:31, 5 June 2023
- access to data by the third country’s authorities, because contractual guarantees, such as the standard data protection clauses agreed between the data exporter34 KB (3,646 words) - 08:53, 27 March 2023
- special categories of personal data and data relating to criminal convictions and offences, a person with expert knowledge of data protection law and practices43 KB (4,904 words) - 12:59, 21 July 2023
- personal data, the right to data portability, the right to object, decisions based on profiling, as well as the communication of a personal data breach to44 KB (4,896 words) - 06:25, 16 June 2023
- Principles of Data Processing Any processing of personal data should be lawful and fair. It should be transparent to natural persons that personal data concerning23 KB (2,489 words) - 23:24, 6 March 2024
- Authority for Personal Data Processing (Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal) is the national Data Protection Authority3 KB (270 words) - 08:26, 2 April 2021
- The Hellenic Data Protection Authority (Αρχή προστασίας δεδομένων προσωπικού χαρακτήρα) is the national Data Protection Authority for Greece. It resides23 KB (2,039 words) - 08:15, 25 April 2024
- special categories of personal data and data relating to criminal convictions and offences, a person with expert knowledge of data protection law and practices29 KB (2,951 words) - 14:19, 25 July 2023
- specific national rules on data protection, such as on special categories of data (Article 9 GDPR) or human resources data (Article 88 GDPR). It is not35 KB (3,971 words) - 21:34, 1 April 2024
- Article 18 GDPR (section (b) Processing is unlawful, data should be erased, but the data subject opposes the erasure)preventing the data controller from erasing the personal data. The data subjects may want to oppose the erasure of their personal data for different reasons32 KB (3,730 words) - 08:43, 7 March 2024
- Article 10: Processing of personal data relating to criminal convictions and offences Processing of personal data relating to criminal convictions and17 KB (1,768 words) - 15:41, 18 March 2024
- their personal data in non-compliance with the GDPR. Article 79 GDPR is a data subject right. Resultantly, the plaintiff must be a data subject within31 KB (3,550 words) - 11:11, 29 November 2023
- new challenges for the protection of personal data. The scale of the collection and sharing of personal data has increased significantly. Technology allows21 KB (1,831 words) - 08:51, 27 March 2023
- unduly burdened by data protection rules. Article 85(1) GDPR sets out a legal framework to reconcile the data subject’s right to data protection with the33 KB (3,748 words) - 14:25, 7 November 2023
- General Data Protection Regulation (GDPR) 2016/679 was enacted, it was transposed into national law through the Data Protection Act 2018. The Data Protection18 KB (2,488 words) - 15:22, 14 December 2021
- or services to data subjects in the Union. Recital 24: Applicable if Monitoring EU Data Subjects The processing of personal data of data subjects who are37 KB (4,635 words) - 13:29, 24 October 2023
- freedoms of data subjects pursuant to this Regulation; (d) where applicable, the contact details of the data protection officer; (e) the data protection31 KB (3,646 words) - 08:51, 21 July 2023
- The Icelandic Data Protection Authority (Persónuvernd) is the national Data Protection Authority for Iceland. It resides in Reykjavík and is in charge2 KB (139 words) - 15:11, 1 December 2020
- Office of the Data Protection Ombudsman is headed by the Data Protection Ombudsman (tietosuojavaltuutettu / dataombudsman) and two Deputy Data Protection5 KB (492 words) - 18:09, 19 March 2024