Category: Uncategorized

Recital 74 – Responsibility and liability of the controller

Recital 74 Responsibility and liability of the controller The responsibility and liability of the controller for any processing of personal data carried out by the controller or on the…

Read more 0 comments

Recital 76 – Risk assessment

Recital 76 Risk assessment The likelihood and severity of the risk to the rights and freedoms of the data subject should be determined by reference to the nature, scope,…

Read more 0 comments

Recital 77 – Risk assessment guidelines

Recital 77 Risk assessment guidelines Guidance on the implementation of appropriate measures and on the demonstration of compliance by the controller or the processor, especially as regards the identification…

Read more 0 comments

Recital 78 – Appropriate technical and organisational measures

Recital 78 Appropriate technical and organisational measures The protection of the rights and freedoms of natural persons with regard to the processing of personal data require that appropriate technical…

Read more 0 comments

Recital 62 – Exceptions to the obligation to provide information

Recital 62 Exceptions to the obligation to provide information However, it is not necessary to impose the obligation to provide information where the data subject already possesses the information,…

Read more 0 comments

Recital 80 – Designation of a representative

Recital 80 Designation of a representative Where a controller or a processor not established in the Union is processing personal data of data subjects who are in the Union…

Read more 0 comments

Recital 63 – Right of access

Recital 63 Right of access A data subject should have the right of access to personal data which have been collected concerning him or her, and to exercise that…

Read more 0 comments

Recital 81 – The use of processors

Recital 81 The use of processors To ensure compliance with the requirements of this Regulation in respect of the processing to be carried out by the processor on behalf…

Read more 0 comments

Recital 64 – Identity verification

Recital 64 Identity verification The controller should use all reasonable measures to verify the identity of a data subject who requests access, in particular in the context of online…

Read more 0 comments

Recital 65 – Right of rectification and erasure

Recital 65 Right of rectification and erasure A data subject should have the right to have personal data concerning him or her rectified and a ‘right to be forgotten’…

Read more 0 comments

Recital 66 – Right to be forgotten

Recital 66 Right to be forgotten To strengthen the right to be forgotten in the online environment, the right to erasure should also be extended in such a way…

Read more 0 comments

Recital 49 – Network and information security as overriding legitimate interest

Recital 49 Network and information security as overriding legitimate interest The processing of personal data to the extent strictly necessary and proportionate for the purposes of ensuring network and…

Read more 0 comments

Recital 50 – Further processing of personal data

Recital 50 Further processing of personal data The processing of personal data for purposes other than those for which the personal data were initially collected should be allowed only…

Read more 0 comments

Recital 51 – Protecting sensitive personal data

Recital 51 Protecting sensitive personal data Personal data which are, by their nature, particularly sensitive in relation to fundamental rights and freedoms merit specific protection as the context of…

Read more 0 comments

Recital 52 – Exceptions to the prohibition on processing special categories of personal data

Recital 52 Exceptions to the prohibition on processing special categories of personal data Derogating from the prohibition on processing special categories of personal data should also be allowed when…

Read more 0 comments

Recital 53 – Processing of sensitive data in health and social sector

Recital 53 Processing of sensitive data in health and social sector Special categories of personal data which merit higher protection should be processed for health-related purposes only where necessary…

Read more 0 comments

Recital 54 – Processing of sensitive data in public health sector

Recital 54 Processing of sensitive data in public health sector The processing of special categories of personal data may be necessary for reasons of public interest in the areas…

Read more 0 comments

Recital 57 – Additional data for identification purposes

Recital 57 Additional data for identification purposes If the personal data processed by a controller do not permit the controller to identify a natural person, the data controller should…

Read more 0 comments

Recital 58 – The principle of transparency

Recital 58 The principle of transparency The principle of transparency requires that any information addressed to the public or to the data subject be concise, easily accessible and easy…

Read more 0 comments

Recital 59 – Procedures for the exercise of the rights of the data subjects

Recital 59 Procedures for the exercise of the rights of the data subjects Modalities should be provided for facilitating the exercise of the data subject’s rights under this Regulation,…

Read more 0 comments

Recital 60 – Information obligation

Recital 60 Information obligation The principles of fair and transparent processing require that the data subject be informed of the existence of the processing operation and its purposes. The…

Read more 0 comments

Recital 42 – Burden of proof and requirements for consent

Recital 42 Burden of proof and requirements for consent Where processing is based on the data subject’s consent, the controller should be able to demonstrate that the data subject…

Read more 0 comments

Recital 61 – Time of information

Recital 61 Time of information The information in relation to the processing of personal data relating to the data subject should be given to him or her at the…

Read more 0 comments

Recital 43 – Freely given consent

Recital 43 Freely given consent In order to ensure that consent is freely given, consent should not provide a valid legal ground for the processing of personal data in…

Read more 0 comments

Recital 45 – Fulfillment of legal obligations

Recital 45 Fulfillment of legal obligations Where processing is carried out in accordance with a legal obligation to which the controller is subject or where processing is necessary for…

Read more 0 comments