Privacy and Data Protection based on the GDPR. Leo Besemer
rel="nofollow" href="#ulink_c2e2cbf0-4599-55b7-931b-15dc92383085">5.5.3 Refusing a request
5.5.5 Conditions for compliance
5.6.1 Concepts addressed in the right to portability
5.6.2 Timing of the response to a request
5.6.4 Conditions for compliance
5.7.1 Timing of the response to a request
5.7.3 Conditions for compliance
5.8 Rights related to automated decision-making, including profiling
5.8.1 The concepts of profiling and automated decision-making
5.8.2 Legitimate use of profiling and/or automated decision-making
5.8.3 Conditions for compliance
5.9 Right to lodge a complaint with a supervisory authority
6.1.1 Understanding the data streams
6.1.2 Data lifecycle management (DLM)
6.2.2 Contents of an audit plan
7 Processing and the online world
7.1 The use of personal data in marketing
7.1.1 Cookies – the technical view
7.1.2 Cookies - the privacy perspective
7.1.3 The price of “free” services
7.1.5 Automated decision-making
7.2 Big data, artificial intelligence and machine learning
7.2.2 AI challenges regarding GDPR compliance
7.3 Interplay between GDPR and ePrivacy Directive
PART III | International data transfers
8 Cross-border transfers within the EEA
8.1 The concept of data transfer
8.2.1 Identifying the lead supervisory authority
8.2.2 Processing across different jurisdictions
9 Cross-border transfers outside the EEA
9.1 Transfers on the basis of an adequacy decision
9.2 Transfers subject to appropriate safeguards
9.3 Binding corporate rules (BCR)
9.4 Standard Contractual Clauses (SCCs)
9.5 Transfers or disclosures not authorized by Union law
PART IV | Risk assessment and mitigation
10 Data Protection Impact Assessment (DPIA) and prior consultation