SlideShare a Scribd company logo

GDPR Transparency Basics

Download as PPTX, PDF
M
Mathew Chacko

This document provides an introduction to transparency under the GDPR. It discusses the overarching obligation of transparency that applies throughout the entire data processing period. It outlines the requirements for providing information to data subjects under Articles 13 and 14, including what information must be provided, when it must be provided, and exceptions. The information must be concise, transparent, intelligible, easily accessible, and in clear plain language. Privacy statements are recommended to communicate this information to data subjects.

Law
1 of 17
TRANSPARENCY: GDPR BASICS SPICE ROUTE LEGAL 14 MAY 2018
AN INTRODUCTION TO TRANSPARENCY  No definition under the GDPR.  It is an overarching obligation that applies irrespective of the legal basis for processing and through the entire processing period.
PROVIDING DATA SUBJECTSWITH INFORMATION RELATINGTO FAIR PROCESSING COMMUNICATING WITH DATA SUBJECTS IN RELATIONTOTHEIR RIGHTS FACILITATINGTHE EXERCISE BY DATA SUBJECTS OFTHEIR RIGHTS APPLICATION
ELEMENTS ARTICLE 12 ARTICLE 13-14 ARTICLE 15-22 ARTICLE 34 PROVISIONOF INFORMATIONTO DATA SUBJECTS COMMUNICATIONS IN RELATIONTO DATA BREACHES COMMUNICATIONS CONCERNING RIGHTS OF DATA SUBJECTS
ARTICE 13  Article 13 – Information to be provided when data is collected from the data subject.This includes personal personal data when:  A data subject consciously provides information to the data controller;  A data controller collects data from a data subject by observation.
ARTICE 14  Article 14 – Information to be provided when data has not been obtained from the data subject. This includes personal data that has been obtained from sources such as:  Third party data controllers;  Data brokers;  Publicly available sources.
ELEMENTS ARTICLE 12 Information must comply with the following requirements  Concise, transparent, intelligible, and easily accessible;  Clear and plain language;  Must be in writing or by other means;  When requested by a data subject, it should be provided orally;  Should be provided free of charge, with a few exceptions (i.e., when requests are “manifestly unfounded or excessive”).
ELEMENTS ARTICLE 12 CONCISE, TRANSPARENT, INTELLIGIBLE, AND EASILY ACCESSIBLE  Information should be communicated efficiently, should avoid information fatigue, and should be differentiated from other non- privacy related information.  It should be understood by an average member of the intended audience & is closely linked to clear and plain language.  The data subject should not have to seek out information and should not be more than 2 taps away (for example: the use of contextual pop-ups when filling out forms or though the use of layered privacy statements).
ELEMENTS ARTICLE 12 CLEARAND PLAIN LANGUAGE  GOOD: We will retain your shopping history and use details of the products you have purchased to make suggestions for other products which we believe you will be interested in.  BAD: We may use your personal information to develop a new service.  Indefinite language - “may”, “might”, “possible”, etc. - should be avoided.
ELEMENTS ARTICLE 12 INWRITINGOR BY OTHER MEANS
ELEMENTS ARTICLE 12 FREE OF CHARGE
INFORMATION TO BE PROVIDED CONTENT
INFORMATION TO BE PROVIDED  Use privacy statements (or notices or policies) or fair processing notices .  The data controller should take appropriate measures in relation to the provision of information for transparency. This means gauging the situation to decide the best way to communicate information.  Test different methods.
WHENSHOULD INFORMATION BE PROVIDED?  Article 13 – at the time when personal data is collected.  Article 14 or indirectly obtained personal data – within a reasonable period after obtaining the data, and no later than one month, having regard to the circumstances.  If data is used for communication with the data subject, information should be provided at the latest at the time of first communication.  If data is being disclosed to a third party, information should be provided at the latest at the time of first disclosure.
EXCEPTIONSTO PROVIDING INFORMATION  Article 13 – in the event the data subject already has this information. Data controllers will need to demonstrate and document what information the data subject already has, how and when it was received, and that no changes have occurred to the information to make it out of date.
EXCEPTIONSTO PROVIDING INFORMATION Article 14  Provision of information would prove impossible, would involve a disproportionate effect, would make the objectives of the processing impossible, or seriously impair them.  Data controller is subject to national / EU law to obtain and disclose the personal data and the law provides appropriate protections for data subject’s legitimate interests.  Secrecy obligations
THANK YOU Should you have any questions or comments, please get in touch with aadya.misra@spiceroutelegal.com or mathew@spiceroutelegal.com !

Recommended

Revision of Legal issues for Unit 11.pptx
Revision of Legal issues for Unit 11.pptxRevision of Legal issues for Unit 11.pptx
Revision of Legal issues for Unit 11.pptxBreach_P
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European unionRohana K Amarakoon
 
Things to know about GDPR in 2018
Things to know about GDPR in 2018Things to know about GDPR in 2018
Things to know about GDPR in 2018Webkul Software Pvt. Ltd.
 
2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness Workshop2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness WorkshopPaul Jacobson
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
GDPR presentation
GDPR presentationGDPR presentation
GDPR presentationSamantha Deeks
 
Data Privacy in India and data theft
Data Privacy in India and data theftData Privacy in India and data theft
Data Privacy in India and data theftAmber Gupta
 
GDPR - A Concise Treatise
GDPR - A Concise TreatiseGDPR - A Concise Treatise
GDPR - A Concise TreatiseDevopam Mittra
 

Recommended

Revision of Legal issues for Unit 11.pptx
Revision of Legal issues for Unit 11.pptxRevision of Legal issues for Unit 11.pptx
Revision of Legal issues for Unit 11.pptxBreach_P
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European unionRohana K Amarakoon
 
Things to know about GDPR in 2018
Things to know about GDPR in 2018Things to know about GDPR in 2018
Things to know about GDPR in 2018Webkul Software Pvt. Ltd.
 
2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness Workshop2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness WorkshopPaul Jacobson
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
GDPR presentation
GDPR presentationGDPR presentation
GDPR presentationSamantha Deeks
 
Data Privacy in India and data theft
Data Privacy in India and data theftData Privacy in India and data theft
Data Privacy in India and data theftAmber Gupta
 
GDPR - A Concise Treatise
GDPR - A Concise TreatiseGDPR - A Concise Treatise
GDPR - A Concise TreatiseDevopam Mittra
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_indiaAltacit Global
 
The principles of the Data Protection Act in detail - uk
The principles of the Data Protection Act in detail - ukThe principles of the Data Protection Act in detail - uk
The principles of the Data Protection Act in detail - uk- Mark - Fullbright
 
Applying the Personal Data Protection Act (Singapore)
Applying the Personal Data Protection Act (Singapore)Applying the Personal Data Protection Act (Singapore)
Applying the Personal Data Protection Act (Singapore)Benjamin Ang
 
Personal Data Protection in Malaysia
Personal Data Protection in MalaysiaPersonal Data Protection in Malaysia
Personal Data Protection in MalaysiaMSC Malaysia Cybercentre @ Bangsar South City
 
A quick look at gdpr
A quick look at gdprA quick look at gdpr
A quick look at gdprCookieYes
 
Data Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesData Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesAmazon Web Services
 
Safety And Security Of Data 4
Safety And Security Of Data 4Safety And Security Of Data 4
Safety And Security Of Data 4Wynthorpe
 
The Data Protection Act What You Need To Know
The Data Protection Act What You Need To KnowThe Data Protection Act What You Need To Know
The Data Protection Act What You Need To KnowEamonnORagh
 
Data Privacy Act in the Philippines
Data Privacy Act in the PhilippinesData Privacy Act in the Philippines
Data Privacy Act in the PhilippinesShirley Ingles-Cruz
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Werksmans Attorneys
 
GDPR Benefits and a Technical Overview
GDPR Benefits and a Technical OverviewGDPR Benefits and a Technical Overview
GDPR Benefits and a Technical OverviewErnest Staats
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill Mathew Chacko
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection ActSaimaRafiq
 
Popi act presentation
Popi act presentationPopi act presentation
Popi act presentationKholisile Mazaza
 
Data protectionpolicyliec
Data protectionpolicyliecData protectionpolicyliec
Data protectionpolicyliecvrishi31
 
Protection of Personal Information
Protection of Personal InformationProtection of Personal Information
Protection of Personal InformationFrancois Naude Jr.
 
Privacy and Data Protection in South Africa
Privacy and Data Protection in South AfricaPrivacy and Data Protection in South Africa
Privacy and Data Protection in South Africablogzilla
 
Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
Werksmans presentations on popi
Werksmans presentations on popiWerksmans presentations on popi
Werksmans presentations on popiWerksmans Attorneys
 
Key Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection RegulationKey Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection RegulationOlivier Vandeputte
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfDaviesParker
 
Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Happiest Minds Technologies
 

More Related Content

What's hot

Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_indiaAltacit Global
 
The principles of the Data Protection Act in detail - uk
The principles of the Data Protection Act in detail - ukThe principles of the Data Protection Act in detail - uk
The principles of the Data Protection Act in detail - uk- Mark - Fullbright
 
Applying the Personal Data Protection Act (Singapore)
Applying the Personal Data Protection Act (Singapore)Applying the Personal Data Protection Act (Singapore)
Applying the Personal Data Protection Act (Singapore)Benjamin Ang
 
A quick look at gdpr
A quick look at gdprA quick look at gdpr
A quick look at gdprCookieYes
 
Data Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesData Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesAmazon Web Services
 
Safety And Security Of Data 4
Safety And Security Of Data 4Safety And Security Of Data 4
Safety And Security Of Data 4Wynthorpe
 
The Data Protection Act What You Need To Know
The Data Protection Act What You Need To KnowThe Data Protection Act What You Need To Know
The Data Protection Act What You Need To KnowEamonnORagh
 
Data Privacy Act in the Philippines
Data Privacy Act in the PhilippinesData Privacy Act in the Philippines
Data Privacy Act in the PhilippinesShirley Ingles-Cruz
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Werksmans Attorneys
 
GDPR Benefits and a Technical Overview
GDPR Benefits and a Technical OverviewGDPR Benefits and a Technical Overview
GDPR Benefits and a Technical OverviewErnest Staats
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill Mathew Chacko
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection ActSaimaRafiq
 
Data protectionpolicyliec
Data protectionpolicyliecData protectionpolicyliec
Data protectionpolicyliecvrishi31
 
Protection of Personal Information
Protection of Personal InformationProtection of Personal Information
Protection of Personal InformationFrancois Naude Jr.
 
Privacy and Data Protection in South Africa
Privacy and Data Protection in South AfricaPrivacy and Data Protection in South Africa
Privacy and Data Protection in South Africablogzilla
 
Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 

What's hot (19)

Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_india
 
The principles of the Data Protection Act in detail - uk
The principles of the Data Protection Act in detail - ukThe principles of the Data Protection Act in detail - uk
The principles of the Data Protection Act in detail - uk
 
Applying the Personal Data Protection Act (Singapore)
Applying the Personal Data Protection Act (Singapore)Applying the Personal Data Protection Act (Singapore)
Applying the Personal Data Protection Act (Singapore)
 
Personal Data Protection in Malaysia
Personal Data Protection in MalaysiaPersonal Data Protection in Malaysia
Personal Data Protection in Malaysia
 
A quick look at gdpr
A quick look at gdprA quick look at gdpr
A quick look at gdpr
 
Data Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesData Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud Services
 
Safety And Security Of Data 4
Safety And Security Of Data 4Safety And Security Of Data 4
Safety And Security Of Data 4
 
The Data Protection Act What You Need To Know
The Data Protection Act What You Need To KnowThe Data Protection Act What You Need To Know
The Data Protection Act What You Need To Know
 
Data Privacy Act in the Philippines
Data Privacy Act in the PhilippinesData Privacy Act in the Philippines
Data Privacy Act in the Philippines
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...
 
GDPR Benefits and a Technical Overview
GDPR Benefits and a Technical OverviewGDPR Benefits and a Technical Overview
GDPR Benefits and a Technical Overview
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
 
Popi act presentation
Popi act presentationPopi act presentation
Popi act presentation
 
Data protectionpolicyliec
Data protectionpolicyliecData protectionpolicyliec
Data protectionpolicyliec
 
Protection of Personal Information
Protection of Personal InformationProtection of Personal Information
Protection of Personal Information
 
Privacy and Data Protection in South Africa
Privacy and Data Protection in South AfricaPrivacy and Data Protection in South Africa
Privacy and Data Protection in South Africa
 
Data protection ppt
Data protection pptData protection ppt
Data protection ppt
 
Werksmans presentations on popi
Werksmans presentations on popiWerksmans presentations on popi
Werksmans presentations on popi
 

Similar to GDPR Transparency Basics

Key Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection RegulationKey Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection RegulationOlivier Vandeputte
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfDaviesParker
 
Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Happiest Minds Technologies
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
Guide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationGuide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationN N
 
An Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway GroupAn Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway GroupThe Pathway Group
 
How GDPR will change Personal Data Control and Affect Everyone
How GDPR will change Personal Data Control and Affect EveryoneHow GDPR will change Personal Data Control and Affect Everyone
How GDPR will change Personal Data Control and Affect EveryoneThomas Goubau
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationsilvereyez11
 
A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR. A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR. dan hyde
 
How the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteHow the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteSilverTech
 
GDPR - The new era of data protection
GDPR - The new era of data protectionGDPR - The new era of data protection
GDPR - The new era of data protectionInterlogica
 
SCCE Processors and GDPR
SCCE Processors and GDPRSCCE Processors and GDPR
SCCE Processors and GDPRRobert Bond
 
How does GDPR Regulation help in Data Protection and Data Privacy?
How does GDPR Regulation help in Data Protection and Data Privacy?How does GDPR Regulation help in Data Protection and Data Privacy?
How does GDPR Regulation help in Data Protection and Data Privacy?TobyRobinson13
 
Privacy Ordinance in Hong Kong
Privacy Ordinance in Hong KongPrivacy Ordinance in Hong Kong
Privacy Ordinance in Hong Kong若水 鲁
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!Fintan Swanton
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsUlf Mattsson
 
Data protection regulation
Data protection regulationData protection regulation
Data protection regulationGreg Ezeilo
 

Similar to GDPR Transparency Basics (20)

Key Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection RegulationKey Issues on the new General Data Protection Regulation
Key Issues on the new General Data Protection Regulation
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdf
 
Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Guide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulationGuide to-the-general-data-protection-regulation
Guide to-the-general-data-protection-regulation
 
An Overview of GDPR
An Overview of GDPR An Overview of GDPR
An Overview of GDPR
 
An Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway GroupAn Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway Group
 
ICSA Irish Region General Data Protection Regulation event, 10 October 2017
ICSA Irish Region General Data Protection Regulation event, 10 October 2017ICSA Irish Region General Data Protection Regulation event, 10 October 2017
ICSA Irish Region General Data Protection Regulation event, 10 October 2017
 
How GDPR will change Personal Data Control and Affect Everyone
How GDPR will change Personal Data Control and Affect EveryoneHow GDPR will change Personal Data Control and Affect Everyone
How GDPR will change Personal Data Control and Affect Everyone
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentation
 
GDPR
GDPRGDPR
GDPR
 
A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR. A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR.
 
How the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteHow the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your Website
 
GDPR - The new era of data protection
GDPR - The new era of data protectionGDPR - The new era of data protection
GDPR - The new era of data protection
 
SCCE Processors and GDPR
SCCE Processors and GDPRSCCE Processors and GDPR
SCCE Processors and GDPR
 
How does GDPR Regulation help in Data Protection and Data Privacy?
How does GDPR Regulation help in Data Protection and Data Privacy?How does GDPR Regulation help in Data Protection and Data Privacy?
How does GDPR Regulation help in Data Protection and Data Privacy?
 
Privacy Ordinance in Hong Kong
Privacy Ordinance in Hong KongPrivacy Ordinance in Hong Kong
Privacy Ordinance in Hong Kong
 
GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!GDPR - Fail to Prepare, Prepare to Fail!
GDPR - Fail to Prepare, Prepare to Fail!
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulations
 
Data protection regulation
Data protection regulationData protection regulation
Data protection regulation
 

More from Mathew Chacko

Overview of digital payments in india
Overview of digital payments in india Overview of digital payments in india
Overview of digital payments in india Mathew Chacko
 
Competition law and Joint Ventures
Competition law and Joint Ventures Competition law and Joint Ventures
Competition law and Joint VenturesMathew Chacko
 
Startups - data protection
Startups - data protectionStartups - data protection
Startups - data protectionMathew Chacko
 
Video on Demand: Indian Law
Video on Demand: Indian LawVideo on Demand: Indian Law
Video on Demand: Indian LawMathew Chacko
 
The defence india start up challenge
The defence india start up challengeThe defence india start up challenge
The defence india start up challengeMathew Chacko
 
Anatomy of a simple India - Delaware flip
Anatomy of a simple India - Delaware flip Anatomy of a simple India - Delaware flip
Anatomy of a simple India - Delaware flip Mathew Chacko
 
Online wallets: part 2 (compliance)
Online wallets: part 2 (compliance) Online wallets: part 2 (compliance)
Online wallets: part 2 (compliance) Mathew Chacko
 
The long arm of the gdpr
The long arm of the gdprThe long arm of the gdpr
The long arm of the gdprMathew Chacko
 
Spice Route Legal Data Protection & Privacy Update
Spice Route Legal Data Protection & Privacy UpdateSpice Route Legal Data Protection & Privacy Update
Spice Route Legal Data Protection & Privacy UpdateMathew Chacko
 
The Law on Token sales
The Law on Token salesThe Law on Token sales
The Law on Token salesMathew Chacko
 
Blockchain & the law 101
Blockchain & the law 101Blockchain & the law 101
Blockchain & the law 101Mathew Chacko
 

More from Mathew Chacko (17)

Overview of digital payments in india
Overview of digital payments in india Overview of digital payments in india
Overview of digital payments in india
 
Abuse of dominance
Abuse of dominanceAbuse of dominance
Abuse of dominance
 
Competition law and Joint Ventures
Competition law and Joint Ventures Competition law and Joint Ventures
Competition law and Joint Ventures
 
Startups - data protection
Startups - data protectionStartups - data protection
Startups - data protection
 
Blockchain (2019)
Blockchain (2019)Blockchain (2019)
Blockchain (2019)
 
Video on Demand: Indian Law
Video on Demand: Indian LawVideo on Demand: Indian Law
Video on Demand: Indian Law
 
An eye in the sky?
An eye in the sky? An eye in the sky?
An eye in the sky?
 
The defence india start up challenge
The defence india start up challengeThe defence india start up challenge
The defence india start up challenge
 
Anatomy of a simple India - Delaware flip
Anatomy of a simple India - Delaware flip Anatomy of a simple India - Delaware flip
Anatomy of a simple India - Delaware flip
 
Online wallets: part 2 (compliance)
Online wallets: part 2 (compliance) Online wallets: part 2 (compliance)
Online wallets: part 2 (compliance)
 
Wallets an overview
Wallets an overviewWallets an overview
Wallets an overview
 
The long arm of the gdpr
The long arm of the gdprThe long arm of the gdpr
The long arm of the gdpr
 
ICOs: A Primer
ICOs: A Primer ICOs: A Primer
ICOs: A Primer
 
Spice Route Legal Data Protection & Privacy Update
Spice Route Legal Data Protection & Privacy UpdateSpice Route Legal Data Protection & Privacy Update
Spice Route Legal Data Protection & Privacy Update
 
consent:gdpr
consent:gdprconsent:gdpr
consent:gdpr
 
The Law on Token sales
The Law on Token salesThe Law on Token sales
The Law on Token sales
 
Blockchain & the law 101
Blockchain & the law 101Blockchain & the law 101
Blockchain & the law 101
 

Recently uploaded

如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书SD DS
 
Indian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptxIndian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptxSauravAnand68
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionNilamPadekar1
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书Fir sss
 
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书SD DS
 
Special Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementSpecial Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementShubhiSharma858417
 
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxSports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxmarielouisetulaytay
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》o8wvnojp
 
Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...shubhuc963
 
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书SD DS
 
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书SD DS
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxsrikarna235
 
The Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxThe Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxNeeteshKumar71
 
Difference between LLP, Partnership, and Company
Difference between LLP, Partnership, and CompanyDifference between LLP, Partnership, and Company
Difference between LLP, Partnership, and Companyaneesashraf6
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesritwikv20
 
Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791BlayneRush1
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxAbhishekchatterjee248859
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一st Las
 
Rights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaRights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaAbheet Mangleek
 
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiAlexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiBlayneRush1
 

Recently uploaded (20)

如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
 
Indian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptxIndian Contract Act-1872-presentation.pptx
Indian Contract Act-1872-presentation.pptx
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 sedition
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书
 
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
 
Special Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementSpecial Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreement
 
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxSports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
 
Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...
 
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
 
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptx
 
The Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxThe Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptx
 
Difference between LLP, Partnership, and Company
Difference between LLP, Partnership, and CompanyDifference between LLP, Partnership, and Company
Difference between LLP, Partnership, and Company
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use cases
 
Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptx
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
 
Rights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaRights of under-trial Prisoners in India
Rights of under-trial Prisoners in India
 
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiAlexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
 

GDPR Transparency Basics

  • 2. AN INTRODUCTION TO TRANSPARENCY  No definition under the GDPR.  It is an overarching obligation that applies irrespective of the legal basis for processing and through the entire processing period.
  • 3. PROVIDING DATA SUBJECTSWITH INFORMATION RELATINGTO FAIR PROCESSING COMMUNICATING WITH DATA SUBJECTS IN RELATIONTOTHEIR RIGHTS FACILITATINGTHE EXERCISE BY DATA SUBJECTS OFTHEIR RIGHTS APPLICATION
  • 4. ELEMENTS ARTICLE 12 ARTICLE 13-14 ARTICLE 15-22 ARTICLE 34 PROVISIONOF INFORMATIONTO DATA SUBJECTS COMMUNICATIONS IN RELATIONTO DATA BREACHES COMMUNICATIONS CONCERNING RIGHTS OF DATA SUBJECTS
  • 5. ARTICE 13  Article 13 – Information to be provided when data is collected from the data subject.This includes personal personal data when:  A data subject consciously provides information to the data controller;  A data controller collects data from a data subject by observation.
  • 6. ARTICE 14  Article 14 – Information to be provided when data has not been obtained from the data subject. This includes personal data that has been obtained from sources such as:  Third party data controllers;  Data brokers;  Publicly available sources.
  • 7. ELEMENTS ARTICLE 12 Information must comply with the following requirements  Concise, transparent, intelligible, and easily accessible;  Clear and plain language;  Must be in writing or by other means;  When requested by a data subject, it should be provided orally;  Should be provided free of charge, with a few exceptions (i.e., when requests are “manifestly unfounded or excessive”).
  • 8. ELEMENTS ARTICLE 12 CONCISE, TRANSPARENT, INTELLIGIBLE, AND EASILY ACCESSIBLE  Information should be communicated efficiently, should avoid information fatigue, and should be differentiated from other non- privacy related information.  It should be understood by an average member of the intended audience & is closely linked to clear and plain language.  The data subject should not have to seek out information and should not be more than 2 taps away (for example: the use of contextual pop-ups when filling out forms or though the use of layered privacy statements).
  • 9. ELEMENTS ARTICLE 12 CLEARAND PLAIN LANGUAGE  GOOD: We will retain your shopping history and use details of the products you have purchased to make suggestions for other products which we believe you will be interested in.  BAD: We may use your personal information to develop a new service.  Indefinite language - “may”, “might”, “possible”, etc. - should be avoided.
  • 13. INFORMATION TO BE PROVIDED  Use privacy statements (or notices or policies) or fair processing notices .  The data controller should take appropriate measures in relation to the provision of information for transparency. This means gauging the situation to decide the best way to communicate information.  Test different methods.
  • 14. WHENSHOULD INFORMATION BE PROVIDED?  Article 13 – at the time when personal data is collected.  Article 14 or indirectly obtained personal data – within a reasonable period after obtaining the data, and no later than one month, having regard to the circumstances.  If data is used for communication with the data subject, information should be provided at the latest at the time of first communication.  If data is being disclosed to a third party, information should be provided at the latest at the time of first disclosure.
  • 15. EXCEPTIONSTO PROVIDING INFORMATION  Article 13 – in the event the data subject already has this information. Data controllers will need to demonstrate and document what information the data subject already has, how and when it was received, and that no changes have occurred to the information to make it out of date.
  • 16. EXCEPTIONSTO PROVIDING INFORMATION Article 14  Provision of information would prove impossible, would involve a disproportionate effect, would make the objectives of the processing impossible, or seriously impair them.  Data controller is subject to national / EU law to obtain and disclose the personal data and the law provides appropriate protections for data subject’s legitimate interests.  Secrecy obligations
  • 17. THANK YOU Should you have any questions or comments, please get in touch with aadya.misra@spiceroutelegal.com or mathew@spiceroutelegal.com !