Useful Links
Computer Science
Cybersecurity
General Data Protection Regulation (GDPR)
1. Foundations of GDPR
2. Principles of Data Processing
3. Lawful Bases for Processing
4. Rights of the Data Subject
5. Obligations of Controllers and Processors
6. International Data Transfers
7. Enforcement, Remedies, and Penalties
8. Special Categories and Specific Processing Situations
Principles of Data Processing
Lawfulness, Fairness, and Transparency
Meaning of Lawfulness
Legal Basis Requirements
Compliance with Other Laws
Ensuring Fair Processing
Reasonable Expectations
Avoiding Deception
Power Imbalances
Transparency Requirements
Clear and Plain Language
Accessible Information
Proactive Communication
Purpose Limitation
Specified, Explicit, and Legitimate Purposes
Clear Purpose Definition
Legitimate Purpose Assessment
Restrictions on Further Processing
Compatible Use Test
Exceptions for Further Processing
Data Minimisation
Adequacy Requirement
Relevance Requirement
Limitation to Necessary Data
Regular Review of Data Holdings
Accuracy
Keeping Data Up to Date
Verification Processes
Rectification of Inaccurate Data
Data Quality Management
Storage Limitation
Retention Periods
Purpose-Based Retention
Legal Requirements
Business Needs Assessment
Criteria for Data Deletion
Automated Deletion Systems
Manual Review Processes
Integrity and Confidentiality
Protection Against Unauthorised Processing
Access Controls
Authentication Mechanisms
Safeguarding Against Accidental Loss or Damage
Backup Systems
Disaster Recovery
System Resilience
Accountability
Demonstrating Compliance
Evidence of Compliance
Compliance Monitoring
Documentation and Record-Keeping
Processing Records
Policy Documentation
Training Records
Previous
1. Foundations of GDPR
Go to top
Next
3. Lawful Bases for Processing