Useful Links
Computer Science
Cybersecurity
General Data Protection Regulation (GDPR)
1. Foundations of GDPR
2. Principles of Data Processing
3. Lawful Bases for Processing
4. Rights of the Data Subject
5. Obligations of Controllers and Processors
6. International Data Transfers
7. Enforcement, Remedies, and Penalties
8. Special Categories and Specific Processing Situations
Lawful Bases for Processing
Consent
Conditions for Valid Consent
Freely Given
No Coercion or Pressure
Genuine Choice
Conditional Services
Specific
Granular Consent
Separate Consents for Different Purposes
Informed
Clear Information Requirements
Understanding of Consequences
Unambiguous
Clear Affirmative Action
Opt-in Requirements
Explicit Consent
When Explicit Consent is Required
Methods of Obtaining Explicit Consent
Documentation Requirements
Withdrawing Consent
Mechanisms for Withdrawal
Ease of Withdrawal
Effects of Withdrawal
Continued Processing After Withdrawal
Children's Consent
Age Thresholds
Parental Consent Requirements
Verification Methods
Contractual Necessity
Processing Necessary for Contract Performance
Essential Processing Activities
Core Contract Functions
Pre-Contractual Steps
Quotation Processes
Due Diligence Activities
Legal Obligation
Compliance with Legal Requirements
EU Law Obligations
Member State Law Obligations
Examples of Legal Obligations
Tax Requirements
Employment Law
Financial Regulations
Vital Interests
Protecting Life or Physical Integrity
Emergency Situations
Medical Emergencies
Application in Emergency Situations
Natural Disasters
Public Health Emergencies
Public Task
Processing for Official Authority
Public Bodies
Delegated Authority
Processing in Public Interest
Statutory Functions
Public Service Delivery
Examples of Public Task Processing
Legitimate Interests
Definition and Scope
Controller's Interests
Third Party Interests
Societal Interests
Balancing Test
Assessing Legitimate Interests
Compelling Interests
Reasonable Expectations
Weighing Against Data Subject Rights
Impact Assessment
Fundamental Rights Considerations
Right to Object to Processing
Absolute Right for Direct Marketing
Compelling Legitimate Grounds
Previous
2. Principles of Data Processing
Go to top
Next
4. Rights of the Data Subject