Ethics and Data Protection Flashcards
What is stated in Article 2 GDPR?
- Material Scope
- Processing of personal data
- Exception: household activity
What is stated in Article 3 GDPR?
Establishment of a controller or a processor in the Union
What is stated in Article 4 GDPR?
Definitions
What is personal data?
Any information relating to an identified or identifiable natural person (’data subject’) directly or indirectly
What is processing?
Any operation or set of operations which is performed on personal data
What is profiling?
Use of personal data to evaluate certain personal aspects relating to a natural person
What does the GDPR apply to?
- Article 10 Data relating to criminal convictions and offences
- Article 4 Personal data
What are the special categories?
- Racial or ethnic origin
- Political opinions, religious or philosophical beliefs
- Trade Union Membership
- Genetic and/or biometric data processed for the purpose of identifying a person
- Health, sexual life or sexual orientation
When do the special categories not apply?
- Explicit consent
- Made public by the data subject
What are the principles related to processing of personal data in Article 5?
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Data accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
When is processing considered lawful?
When:
- Freely given
- Specific
- Informed
- Unambiguous
What does the purpose limitation ground include?
A purpose must be:
- Specific
- Explicit
- Legitimate
- Not further processed that is incompatible with the current purpose
What are the exceptions in Article 89?
- Public Interest
- Scientific or Historical Research purposes
- Statistical purposes
What does the Data minimization ground tell?
- Adequate, relevant and limited
- Necessary in relevant to the purpose
What does the Data accuracy ground tell?
- Accurate and kept up-to-date
- Erased or rectified without any delay if wrong
