Under the EU general data protection regulation (GDPR), any data processing activities must be compliant with six privacy principles, which are the cornerstone of the european privacy regulation and most international privacy laws. The privacy principles are set out in
Under the General Data Protection Regulation (GDPR), any person (including organisations) handling personal data is subject to a different level of obligations and responsibilities with regard to the personal data processing operations they carry out depending on whether they are acting as a processor, a controller or a joint controller.
Indeed, all their GDPR obligations and responsibilities stem from their role and may, as a result, differ greatly. In broad words, controllers bear most responsibilities while processors must only act under the instructions of the controller and therefore, bear much less responsibility on its shoulders.
The territorial scope of the new data protection regulation applicable from May 2018 (GDPR) is much wider than the one of the current directive 95/46/CE. As a consequence, the new data protection rules may apply to any business whether or
The General Data Protection Regulation (“GDPR”) is a European regulation applicable since May 25, 2018. It replaces the directive 95/46/EC with the aim to strengthen the protection of individuals’ personal information. What is the purpose of the GDPR? With the