GDPR for Developers

From Rixort Wiki

Revision as of 14:41, 11 November 2019 by Paul (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Why should you care?

The way you build systems can affect ease of compliance.
You probably have more access to personal data than anyone else.

Personal data

Anything that can be used to identify a named person (i.e. living and not a corporate entity).

Legal basis for processing

Must rely on at least one of these.
6 to choose from, but only 3 will be valid in most circumstances.
Consent is not always a good choice - withdrawal for example.
Do not confuse consent as a legal basis vs informing people how their data will be processed.

Subject Access Requests and Requests to Erase

These are requests not demands.
Not always necessary to comply with either.
Legal requirements may necessitate retention of data.
Some data may be protected from access by the subject (e.g. health, police).
Can charge a fee of up to £10 (£50 in some cases, e.g. health records).

Links

Sites using Facebook ‘Like’ button liable for data, EU court rules

Retrieved from ‘https://wiki.rixort.com/index.php?title=GDPR_for_Developers&oldid=777’

Talks