Privacy and Data Protection based on the GDPR. Leo Besemer
Where the GDPR refers to “Member States”, the Member States of the EEA are meant. This was confirmed in The DECISION of the EEA Joint Committee No 154/2018 of 6 July 2018.
13 Judgment of the Court of 6 November 2003 in CASE C-101/01 (https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:62001CJ0101&from=EN)
14 As confirmed in Decision of the EEA Joint Committee No 154/2018 of 6 July 2018.
PART II | Principles and practice of processing
You might have the idea that there are two sides to the story, on the one hand the individuals whose personal data we are talking about – the “data subjects” in terms of the GDPR, and on the other those who need to use the personal data of these individuals.
In practice, there are more roles in processing, and in most cases it is not “us against them”, but a mutual interest. At least, it should be, and if it is not we will come back to this in Chapter 5 (on the rights of the data subject) and in Chapter 12 (on the role of the supervisory authorities).
In this part we will look into the roles of the people and organizations processing personal data. What makes you a controller, responsible (and accountable!) for compliance to the GDPR. What are the role and responsibilities of a data protection officer?
We will then look into the principles of processing as defined by the GDPR. Or rather, as defined in international treaties over 50 years ago. Part of this are the lawful grounds for processing. At least one of those grounds must apply for the processing to be legitimate.
Chapter 5 is about the rights of individuals whose personal data is being processed, namely the data subjects. Nothing new, in fact, except that with the entry into force of the GDPR these rights are really being enforced. The rest of this Part II is devoted to the practical side of things. How can you build a mature organization, able to govern the use of personal data in a responsible and secure manner? Which technical means are available to gather data, and how does that relate to the GDPR?
Конец ознакомительного фрагмента.
Текст предоставлен ООО «ЛитРес».
Прочитайте эту книгу целиком, купив полную легальную версию на ЛитРес.
Безопасно оплатить книгу можно банковской картой Visa, MasterCard, Maestro, со счета мобильного телефона, с платежного терминала, в салоне МТС или Связной, через PayPal, WebMoney, Яндекс.Деньги, QIWI Кошелек, бонусными картами или другим удобным Вам способом.