Child pages
  • GDPR Guidance and Interpretation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

What this means (guidance for organisationsorganizations):

The right to be informed encompasses your obligation to provide ‘fair processing information’, typically through a privacy notice. It emphasises emphasizes the need for transparency over how you use personal data.

What this means (guidance for individuals):

The individual has You have the ability to ask the data controller, who is obligation obligated to provide ‘fair processing information’ to them, typically through a simple to understand privacy notice. Emphasizing the requirement to be Being clear over how their your personal data is used.

Examples: (individuals)

A person goes to a website and doesn't completely understand the privacy notice, they contact the person responsible for understanding what will happen to their data. This person then explains in simpler terms what will happen to the data, why it is being collected. etc...

2) The right to access

What this means (guidance for organisationsorganizations)

Under the GDPR, individuals will have the right to obtain:

...

What this means (guidance for individuals):

Individuals will have the right to obtain: what personal data is being used, allow who is allowed access to such data and other related information in the privacy notice.

These are similar to existing subject access rights under the DPA Data Protection Act).

Examples: (individuals)

A person has shared data and has forgotten why.  

3)   The right to rectification

What this means (guidance for organisationsorganizations):

Individuals are entitled to have personal data rectified if it is inaccurate or incomplete.

...

If personal data is not correct or complete, indivduals individuals have the ability to have it corrected.

Examples: (individuals)

You go to a website whose main purpose is collecting public data about you and notice some of the information is not correct, by contacting the company and alerting them they must correct the data in a timely fashion. 

4)   The right of Erasure

What this means (guidance for organisationsorganizations):

The right to erasure is also known as ‘the right to be forgotten’. The broad principle underpinning this right is to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing.

What this means (guidance for individuals):

Individuals are empowered to request personal data to be deleted and removed, it is also known as ‘the right to be forgotten’. This broad principle Principally underpinning this right is to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing, when not bound by a legal restriction.

Examples: (individuals)

You've been sharing data with a known entity deciding you wish to no longer be associated with this entity in any way whatsoever. You contact them and request they remove all and any personal data regarding your relationship with them. They, in turn, delete this information as long as they are not legally bound by some other jurisdiction and or law.

5)   The right to restrict processing

What this means (guidance for organisationsorganizations):

Under the DPA, individuals have a right to ‘block’ or suppress processing of personal data. The restriction of processing under the GDPR is similar.

...

What this means (guidance for organisationsorganizations):

The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services.

...

Individuals are permitted to downlaod download a copy of thier their personal data and easily use it in another way, without hindrance to usability.

...

What this means (guidance for organisationsorganizations):

Individuals have the right to object to:

...

Individuals can stop the use of thier their personal data via a request.

...

What this means (guidance for organisationsorganizations):

The GDPR provides safeguards for individuals against the risk that a potentially damaging decision is taken without human intervention. These rights work in a similar way to existing rights under the DPA.

...

Individuals are protected by safeguards against the risk of potentially damaged damaging outcomes were taken without any human intervention in the process. The processing of personal information through automated decision should casue cause no harm.


Examples

Other Relevant Aspects of GDPR

...