Even though the GDPR is a regulation introduced across the EU, its provisions apply worldwide. The only decisive factor is the processing of data of EU citizens .
3. Separation of legal forms
Legal entities such as companies, associations or foundations do not fall under the definition and are therefore not protected by the GDPR.
4. Exceptions
According to Recital 27, the protection of data gambling data greece of deceased persons does not fall under the guidelines of the GDPR.
No internal state regulation has been made for this by means of the Federal Data Protection Act (BDSG).
5. Specification - Identified or identifiable persons
The term identified is equated here with determined.
And the term identifiable with determinable.
In this context, companies should always ask themselves whether a given piece of information can be assigned to a specific person or whether this would be possible with additional information.
A person is considered identified if the assignment of data is possible without detours and a direct connection can be established.
If this is not possible directly, but with additional knowledge, the person is identifiable .
You do not necessarily have to have this additional knowledge yourself; it can also come from third parties.
Violation of the GDPR? You must expect these sanctions
By the way:
Especially in the case of people in sensitive positions, it is often not possible to establish a personal connection.
The same applies if the specific information is subject to religious, medical or legal confidentiality.
Personal data: What does it include?
In principle, all data that can be used to establish such a personal reference are considered personal data.
- Board index
- All times are UTC
- Delete cookies
- Contact us