GDPR compliance: how to inform people and ensure transparency?

The General Data Protection Regulation is a device that protects the personal data of individuals. Companies in the field of data processing, whether they are data controllers or subcontractors, are required to comply with this regulation. Find out in our article about the data controller's obligation of transparency.

The available means of information

Data subjects are the persons whose data is collected and processed. The obligation of transparency implies that the data subjects have the right to request information from the data controller. The latter must comply with several conditions imposed by the Regulation. In principle, the information must be concise, comprehensible, accessible, clear and simple. The provision of information is made at the request of the data subject. The request may be made by electronic means. In this case, the information shall be provided by electronic means. However, it may be provided in writing. Oral communication is also possible.

Time limits to be respected by the controller

The controller must provide the information within one month. It runs from the date of receipt of the request. This period may be extended due to multiple requests. It is limited to a period of two months, but the controller must inform the data subject of the reasons for the extension. The controller has the right not to comply with the data subject's request. It must notify the data subject of the reasons for its inaction within one month. Thus, this refusal entitles the applicant to appeal to the court or the administrative supervisory authority.

Questions relating to the costs of providing information

The information provided is free of charge except in specific cases provided for in the Regulations. This applies to unfounded, excessive or repetitive requests from data subjects. In such situations, the controller may request payment of a reasonable sum or refuse to provide the information. The information to be provided is already provided for in the Regulation. The right to information GDPR differentiates between the information to be provided if the data are collected from the data subjects or other persons. The law also sets out further information to be provided if the controller intends to further process the data.
In the same category
Personal data, data processing, GDPR, what is it about?
GDPR compliance: how to collect consent from individuals?
New technologies and medical research

The development of new technologies has made health services more accessible. It is now possible to retrieve remedies in less than 90 minutes thanks to drone delivery.

New technologies that shake up the fashion world

In contact with new technologies, fashion can become a support for humanity. The fashion of the future will be more ethical and natural. Thanks to new technologies, fashion can prevent certain diseases.

New technologies and education

Computer technology facilitates access to education. The internet allows trainees to follow distance learning courses via PowerPoint slides or video. Distance learning also provides access to exercises. Distance learning courses can be taken across a variety of disciplines, particularly technical and scientific disciplines.

Plan du site