Nascleanúint
RGCS (GDPR) > Airteagal 10. Sonraí pearsanta a bhaineann le ciontuithe coiriúla agus coireanna a phróiseáil
Íoslódáil PDF

Airteagal 10 RGCS (GDPR). Sonraí pearsanta a bhaineann le ciontuithe coiriúla agus coireanna a phróiseáil

Article 10 GDPR. Processing of personal data relating to criminal convictions and offences

Ní dhéanfar sonraí pearsanta a bhaineann le ciontuithe coiriúla agus coireanna nó le bearta slándála gaolmhara bunaithe ar Airteagal 6(1) a phróiseáil ach amháin faoi rialú údaráis oifigiúil nó nuair atá an phróiseáil sin údaraithe le dlí an Aontais nó le dlí Ballstáit lena bhforáiltear do choimircí iomchuí do chearta agus saoirsí ábhar sonraí. Ní choinneofar aon chlár cuimsitheach de chiontuithe coiriúla ach faoi rialú údaráis oifigiúil.

Processing of personal data relating to criminal convictions and offences or related security measures based on Article 6(1) shall be carried out only under the control of official authority or when the processing is authorised by Union or Member State law providing for appropriate safeguards for the rights and freedoms of data subjects. Any comprehensive register of criminal convictions shall be kept only under the control of official authority.

Téacsanna gaolmhara
Tráchtaireacht ISO 27701 Dlí Treoirlínte & Cásanna Leave a comment
Tráchtaireacht

(EN) Criminal offence data are treated specifically by the General Data Protection Regulation. They represent sensitive data that must be dealt with appropriate care, similarly to special categories of personal data (article 9). They obey particular rules, but they do not expressly fall under thespecial categories of personal data”. They have their own legal regime and they do not benefit from similar exceptions as the aforementioned data [article 9 (2)].

 

(EN) […]


to read the full text

(EN) Author
Louis-Philippe Gratton
(EN) Louis-Philippe Gratton PhD, LLM
(EN) Privacy Expert
ISO 27701

(EN) ISO/IEC 27701, adopted in 2019, added additional ISO/IEC 27002 guidance for PII controllers.

Here is the relevant paragraph to article 10 GDPR:

7.2.2 Identify lawful basis

Control

The organization should determine, document and comply with the relevant lawful basis for the processing of PII for the identified purposes.

Implementation guidance

Some jurisdictions require the organization to be able to demonstrate that the lawfulness of processing was duly established before the processing.

The legal basis for the processing of PII can include:

(EN) […]


to read the full text

Dlí Treoirlínte & Cásanna Leave a comment
[js-disqus]