gydeline

Right of Access

Context: A fundamental, under-pining concept for the GDPR (outlined in Article 15) is that personal data is the property of the individual. This ownership is enshrined in the right of access which gives the individual the ability to see how, where and why data about them is processed.

Joint Controllers

Context: The GDPR recognises that there will be situations where there are 2 or more ‘joint’ controllers. All controllers have a responsibility to ensure that the requirements of GDPR are delivered. Where  this situation exists the regulation requires that arrangements are transparent and made available to the data subject.

Data Breach

Context: The GDPR acknowledges that data breaches can and do occur. It seeks to have processes and controls put in place to minimise the possibility of a breach, but when there is a breach to minimise the impact and to ensure that those affected are kept informed.