Personal information is any information related to a natural person = the data subject => the person to whom the data relate, this data subject is considered to be determined or determinable if the data subject can be identified, directly or indirectly, by virtue of, in particular, more elements specific to its physical, physiological, psychological, economic, cultural or social identity.
Some personal data are of such a nature that the data subject can harm himself or herself in society, at work or at school, and may discriminate against them. For this reason, a group of data that is considered to be sensitive to the data subject and which is provided with increased protection during processing is defined (exhaustively).
Personal information may be sensitive or anonymous. Sensitive data is personal data of ethnic, racial or ethnic origin, political attitudes, membership of trade unions, religion and philosophical beliefs, convictions for the offense, health status and sexuality of the data subject and the genetic data of the data subject; sensitive data is also a biometric data that allows direct identification or authentication of the data subject = physical person. An anonymous indication is one that either in its original form or after processing cannot be attributed to a designated or identifiable data subject.
The processing of personal data means any operation or set of operations that the controller or processor manages systematically with personal data by automated or other means. These include, in particular, collecting, storing information, accessing, modifying or altering, searching, using, transmitting, disseminating, publishing, storing, exchanging, sorting or combining, blocking and disposing. Automated means that it is information system processing, i.e. through software that is automated from logic. It can therefore be simplified by means of computerized automation.
The processing principles are:
legality, fairness, transparency – the controller must process personal data based on at least one legal reason and on the data subject in a transparent and correct manner,
purpose limitation – Personal data must be collected for certain and legitimate purposes and must not be processed in an incompatible manner with those purposes,
Data minimization – Personal data must be reasonable and relevant to the purpose for which they are processed,
Accuracy – Personal data must be accurate,
limitation of storage – personal data should be stored in a form that allows the data subject to be identified only for the necessary time for the purposes for which they are processed,
integrity and confidentiality – technical and organizational security of personal data.
The data subject has the right to be informed about the processing of his or her personal data. This means the right to certain information about the processing of his or her personal data so that the principle of transparency of processing is met in particular. This includes information about the purpose of the processing, the identity of the controller, his legitimate interests, and the recipients of the personal data. In this case, it is a passive right, as the activity has to be developed by the controller against the data subject, so that the required information provided in the general regulation of the data subject provides, respectively, accessed.
Other rights of the data subject, which are often based on the data subject’s (application) activity, include:
the right of access to personal data,
the right to repair, or supplement,
the right to delete,
the right to limit the processing,
the right to data portability,
the right to object,
the right not to be subject to automated individual decision making with legal or similar effects, including profiling.
Personal information is any information related to a natural person = the data subject => the person to whom the data relate, this data subject is considered to be determined or determinable if the data subject can be identified, directly or indirectly, by virtue of, in particular, more elements specific to its physical, physiological, psychological, economic, cultural or social identity.
Some personal data are of such a nature that the data subject can harm himself or herself in society, at work or at school, and may discriminate against them. For this reason, a group of data that is considered to be sensitive to the data subject and which is provided with increased protection during processing is defined (exhaustively).
Personal information may be sensitive or anonymous. Sensitive data is personal data of ethnic, racial or ethnic origin, political attitudes, membership of trade unions, religion and philosophical beliefs, convictions for the offense, health status and sexuality of the data subject and the genetic data of the data subject; sensitive data is also a biometric data that allows direct identification or authentication of the data subject = physical person. An anonymous indication is one that either in its original form or after processing cannot be attributed to a designated or identifiable data subject.
The processing of personal data means any operation or set of operations that the controller or processor manages systematically with personal data by automated or other means. These include, in particular, collecting, storing information, accessing, modifying or altering, searching, using, transmitting, disseminating, publishing, storing, exchanging, sorting or combining, blocking and disposing. Automated means that it is information system processing, i.e. through software that is automated from logic. It can therefore be simplified by means of computerized automation.
The processing principles are:
The data subject has the right to be informed about the processing of his or her personal data. This means the right to certain information about the processing of his or her personal data so that the principle of transparency of processing is met in particular. This includes information about the purpose of the processing, the identity of the controller, his legitimate interests, and the recipients of the personal data. In this case, it is a passive right, as the activity has to be developed by the controller against the data subject, so that the required information provided in the general regulation of the data subject provides, respectively, accessed.
Other rights of the data subject, which are often based on the data subject’s (application) activity, include: