Blogs

GDPR and Purpose limitation

6:42:00 AM , , ,

 


Article 45. “…Furthermore, that law could specify the general conditions of this Regulation governing the lawfulness of personal data processing, establish specifications for determining the controller, the type of personal data which are subject to the processing, the data subjects concerned, the entities to which the personal data may be disclosed, the purpose limitations,…”

 

Chapter II, Principles, Article 5 Principles relating to processing of personal data 1. (b)

“collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’);

Chapter II, Principles, Article 6 Lawfulness of processing 3. (b)

“…performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. That legal basis may contain specific provisions to adapt the application of rules of this Regulation, inter alia: the general conditions governing the lawfulness of processing by the controller; the types of data which are subject to the processing; the data subjects concerned; the entities to, and the purposes for which, the personal data may be disclosed; the purpose limitation; storage periods; and processing operations and processing procedures, including measures to ensure lawful and fair processing such as those for other specific L 119/36 EN Official Journal of the European Union 4.5.2016 processing situations as provided for in Chapter IX…”

Chapter V, Transfers of personal data to third countries or international organisations, Article 47 Binding corporate rules 2. (d)

“the application of the general data protection principles, in particular purpose limitation, data minimisation, limited storage periods, data quality, data protection by design and by default, legal basis for processing, processing of special categories of personal data, measures to ensure data security, and the requirements in respect of onward transfers to bodies not bound by the binding corporate rules;”

No comments

Post a Comment

Subscribe to: Post Comments ( Atom )
XML response sample: HTTP/1.1 200 OK Content-Length: 0