Under the General Data Protection Regulation (GDPR), the controllers must determine the legal basis for each purpose of data processing operations carried out under its responsibility (i.e. data processing carried out either by itself or by its processor). The different
Data Protection by Design and by Default
Data Protection by design and by default are principles defined in article 25 of the General Data Protection Regulation (GDPR). Data protection by design requires the controller to take technical and organisational measures to implement the data protection principles effectively and
The Privacy Principles
Under the EU general data protection regulation (GDPR), any data processing activities must be compliant with six privacy principles, which are the cornerstone of the european privacy regulation and most international privacy laws. Being familiar with the privacy principles also
Controller or Processor?
Where more than one party are involved in the same personal data processing operations, the first question to answer is: are they acting as a controller or a processor? Indeed, all their GDPR obligations and responsibilities in respect of the
Does GDPR apply to your business?
The territorial scope of the new data protection regulation applicable from May 2018 (GDPR) is much wider than the one of the current directive 95/46/CE. As a consequence, the new data protection rules may apply to any business whether or