GDPR for Developers: Difference between revisions

From Rixort Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
== What is GDPR? ==
== Who is affected? ==
== Why should you care? ==
== Why should you care? ==



Revision as of 13:42, 11 November 2019

What is GDPR?

Who is affected?

Why should you care?

  • The way you build systems can affect ease of compliance.
  • You probably have more access to personal data than anyone else.

Personal data

  • Anything that can be used to identify a named person (i.e. living and not a corporate entity).

Legal basis for processing

  • Must rely on at least one of these.
  • 6 to choose from, but only 3 will be valid in most circumstances.
  • Consent is not always a good choice - withdrawal for example.
  • Do not confuse consent as a legal basis vs informing people how their data will be processed.

Subject Access Requests and Requests to Erase

  • These are requests not demands.
  • Not always necessary to comply with either.
  • Legal requirements may necessitate retention of data.
  • Some data may be protected from access by the subject (e.g. health, police).
  • Can charge a fee of up to £10 (£50 in some cases, e.g. health records).

Links