GDPR for Developers: Difference between revisions
Jump to navigation
Jump to search
| Line 9: | Line 9: | ||
* These are ''requests'' not ''demands''. | * These are ''requests'' not ''demands''. | ||
* Not always necessary to comply with either. | |||
* Legal requirements may necessitate retention of data. | |||
* Some data may be protected from access by the subject (e.g. health, police). | |||
[[Category:Talks]] | [[Category:Talks]] | ||
Revision as of 07:54, 24 July 2019
Legal basis for processing
- Must rely on at least one of these.
- 6 to choose from, but only 3 will be valid in most circumstances.
- Consent is not always a good choice - withdrawal for example.
- Do not confuse consent as a legal basis vs informing people how their data will be processed.
Subject Access Requests and Requests to Erase
- These are requests not demands.
- Not always necessary to comply with either.
- Legal requirements may necessitate retention of data.
- Some data may be protected from access by the subject (e.g. health, police).