Mervinskiy 495

Page 53

SUGGESTION Judges invoke legal principles such as these to interpret laws and fill in the actual or potential legal gaps when addressing legal disputes.90 Similarly, data protection principles may support SMEs in better understanding the other provisions of the GDPR that they are required to comply with. For example, the obligation of the data controller to provide information about the processing of personal data to a data subject91 is one of the ways in which the GDPR puts into practice the

2.4. What are the possible legal bases for personal data processing? 2.4.1. Background To process personal data lawfully, meaning in accordance with the principle of lawfulness, SMEs need to specify a legal basis (legal ground). The Article 6 of the GDPR foresees these legal bases:

2. Personal data protection basics

principles of lawfulness, fairness and transparency.

» the data subject consented to the processing; » the processing is necessary for the performance of a contract to which the data subject is a party;

» the processing is necessary to comply with a legal obligation existing upon the controller;

» the processing is necessary to protect the vital interests of data subjects or of another person;

» the processing is necessary for the performance of a task carried out by the data controller in the public interest or in exercising official authority; and

90

Footnote 79.

91

See 2.5 What are data subjects’ rights? 51


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.