Search results
From GDPRhub
- Article 5 GDPR (section (c) Data minimisation)Outdated personal data is a subset of inaccurate personal data, as the data became inaccurate over time. The consequences for data subjects can be very51 KB (6,355 words) - 08:25, 18 April 2024
- of the data subject could in particular override the interest of the data controller where personal data are processed in circumstances where data subjects108 KB (17,005 words) - 15:39, 18 March 2024
- personal data are collected from the data subject, the data subject should also be informed whether he or she is obliged to provide the personal data and of76 KB (11,304 words) - 08:37, 4 March 2024
- Article 4 GDPR (section (1) Personal data)as such, covered by the GDPR. Personal data is often contrasted with 'anonymous' data. Anonymous data is data relating to a person that is not identifiable125 KB (16,328 words) - 16:01, 8 March 2024
- require the controller to comunicate a personal data breach to a data subject, if it considers that the data breach is resulting in a high risk. The order46 KB (5,825 words) - 11:12, 7 November 2023
- Article 32 GDPR (section (c) Ability to restore availability and access to personal data in a timely manner)where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are41 KB (5,197 words) - 12:17, 17 April 2024
- Article 15 GDPR (section Passive ex-post information about the personal data of the specific data subject)provided by the data subject (e.g. account data submitted via forms, answers to a questionnaire); observed data or raw data provided by the data subject by73 KB (9,896 words) - 15:46, 18 March 2024
- Article 13 GDPR (section (1) Information the controller shall provide at the time personal data is obtained)provided where personal data are collected from the data subject 1. Where personal data relating to a data subject are collected from the data subject, the controller71 KB (9,532 words) - 13:30, 6 March 2024
- office is in Madrid. The requirement to have a data protection authority stems from Article 44 of the Spanish Data Protection Act, which is the national act4 KB (386 words) - 15:29, 3 September 2021
- applies to personal data which concerns the data subject. This primarily includes the data subject's own personal data, including profiling data, and not those61 KB (8,488 words) - 15:47, 18 March 2024
- Article 9 GDPR (section (e) Related to personal data which are manifestly made public by the data subject)processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural44 KB (5,905 words) - 14:00, 24 October 2023
- Articles 5, 6, 7 and 9; (b) the data subjects' rights pursuant to Articles 12 to 22; (c) the transfers of personal data to a recipient in a third country55 KB (7,622 words) - 14:04, 7 November 2023
- Article 25 GDPR (section Designed to implement data-protection principles in an effective manner and protecting data subjects' rights and freedoms)of data protection by design and data protection by default. Such measures could consist, inter alia, of minimising the processing of personal data, pseudonymising43 KB (4,675 words) - 06:43, 16 June 2023
- Article 14 GDPR (section (1) Information the controller shall provide when personal data has not been obtained from the data subject)provided where personal data have not been obtained from the data subject 1. Where personal data have not been obtained from the data subject, the controller47 KB (5,644 words) - 17:49, 5 March 2024
- that the data is first processed. However, if data is collected directly from the data subject, Article 13(2)(b) GDPR requires that the data subject will49 KB (5,993 words) - 06:22, 16 June 2023
- Article 24 GDPR (section (2) Data protection policies)where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data; where personal data are30 KB (3,458 words) - 10:31, 25 April 2024
- corrective measures requested, as well as the identification of the data controller or data processor, where known. If possible, the complaint shall contain7 KB (808 words) - 08:17, 16 February 2023
- shall be able to demonstrate that the data subject has consented to processing of his or her personal data. 2. If the data subject's consent is given in the31 KB (3,489 words) - 16:00, 8 March 2024
- inform the affected data subjects. The EDPB emphasizes that a data breach is ultimately a matter of data security directly affecting the data subjects' interests54 KB (6,536 words) - 08:22, 16 June 2023
- Article 28 GDPR (section (e) Assisting with the controller's obligation to respond to data subject's requests)security measures, compliance with data retention requirements, data location, data transfers, data access, recipients of data, use of sub-processors, and other72 KB (9,140 words) - 13:12, 2 June 2023