Top Articles

Shield 5.0 comes into force - you can now apply for parking and an exemption from contributions
30 Mar 2023
  1. Home
  2. Service
  3. The right to transfer personal data and the obligations of administrators

The right to transfer personal data and the obligations of administrators

Service

The General Data Protection Regulation (GDPR) will enter into force in May 2018. The GDPR broadly regulates the rights of people whose personal data is processed. The GDPR will introduce the so-called the right to transfer personal data. What is this right and what are the obligations of personal data administrators?

The right to transfer personal data - what is it?

The right to transfer personal data has been regulated in Art. 20 GDPR. As stipulated in this provision, each person has the right to receive from the administrator the personal data provided to the administrator. The administrator is obliged to provide personal data in a structured format (e.g. in a pdf file). The transferred file is to be of such a format that it is possible to read it by computer. It is important that the transfer of personal data will include not only personal data provided to the administrator, e.g. when concluding a contract, but also other personal data generated during the term of the contract. This means that the right to transfer personal data will apply to all data that the administrator has collected about a specific person. For example, if the customer places different orders during the term of the contract, the information about the date of each order, as well as the delivery address data will be covered by the right to data portability.

Who can exercise the right to data portability?

Any person wishing to exercise their right to transfer personal data will be able to request that the current data administrator send the data to another administrator. This is to facilitate the use of the services of other entities to which anyone will be able to provide historical data about him. In the event of a large amount of data collected by administrators, the information generated will be very extensive. However, the GDPR does not limit the right to data portability quantitatively, therefore it should be considered that this right covers all personal data "generated" by the controller.

In order to respond to the GDPR requirements, personal data administrators will have to prepare their IT systems to quickly respond to requests from individuals for the portability of personal data. It can certainly turn out to be costly, as not all IT systems used by administrators are adapted to generate such extensive information as required by Art. 20 GDPR.

Consequences of not providing personal data

It should be remembered that the GDPR introduces pecuniary sanctions for violating the law, including the right to data portability. Failure to provide data in accordance with Art. 20 GDPR may expose the data controller to a fine of up to EUR 20,000,000.When imposing a penalty, GIODO will be required to take into account, inter alia, previous breaches of the GDPR or the degree of cooperation with the administrator during the control procedure.

Considering the complexity of the solutions adopted in the GDPR, as well as the wide range of changes in the field of personal data protection, it is worth considering the implementation of personal data protection procedures in every organization.

Łukasz Łyczkowski

http://c certatydo.pl

Category: Service
Additional care allowance until the end of 2020! Previous Article

Additional care allowance until the end of 2020!
Paid YouTube? What you should know about YouTube Red Next Article

Paid YouTube? What you should know about YouTube Red

Recommended Editor'S Choice 2023

Donation made in installments - part 1
Service-Tax

Donation made in installments - part 1

2021
Alcohol expenses for business meetings
Service-Tax

Alcohol expenses for business meetings

2021
Small Claims Procedure - European Money Recovery Procedure
Service

Small Claims Procedure - European Money Recovery Procedure

2021
Leaseback - possible changes in VAT settlements
Service-Tax

Leaseback - possible changes in VAT settlements

2021
GTU 12 - designation of intangible services in JPK V7!
Website

GTU 12 - designation of intangible services in JPK V7!

2021
Receipt with NIP as a simplified invoice - new KIS position
Service-Tax

Receipt with NIP as a simplified invoice - new KIS position

2021

Recommended

Popular Posts

2023 © https://healinghealthteas.com The right to transfer personal data and the obligations of administrators