The GDPR does introduce a concept of joint and several liability, but only in the context of damages incurred by data subjects ... a controller for the alleged violation of a processor.

The Guidelines 01/2024 will be subject to public consultation until November 20, 2024. Data controllers must always ... the six legal bases for the lawful processing of personal data under the ...

The GDPR defines: individuals’ fundamental rights in the digital age the obligations of those processing data methods for ensuring compliance sanctions for those in breach of the rules The GDPR lists ...

Moreover, in addition to the duty to notify data subjects, a data controller or processor seeking to process personal data relating to a child for whatever purpose must obtain consent from the ...

the basis for processing, relevant contact information and any other procedures such as data subject access requests. Data controllers must also consider any other business processes, policies ...

data processor or the data subject. Others have been due to accidental or negligent acts by the employees or other agents of the data controller, such as sending emails with the incorrect attachments.

The data controller or processor is required to reveal the kind of personal data they process, their target subjects and the reasons for collecting and storing it. Despite the ODPC making some ...

The law distinguishes between “controllers,” entities determining how and why personal data is processed, and “processors,” entities processing ... not apply to data subject to HIPAA ...