Nascleanúint
RGCS (GDPR) > Airteagal 26. Rialaitheoirí comhpháirteacha
Íoslódáil PDF

Airteagal 26 RGCS (GDPR). Rialaitheoirí comhpháirteacha

Article 26 GDPR. Joint controllers

1. I gcás ina gcinneann dhá rialaitheoir nó níos mó go comhpháirteach críocha agus bealaí na próiseála, beidh siad ina rialaitheoirí comhpháirteacha. Cinnfidh siad, ar bhealach trédhearcach, na freagrachtaí a bheidh orthu faoi seach maidir leis na hoibleagáidí faoin Rialachán seo a chomhlíonadh, go háirithe maidir le feidhmiú chearta na n-ábhar sonraí agus na dualgais a bheidh orthu faoi seach an fhaisnéis dá dtagraítear in Airteagal 13 agus in Airteagal 14 a chur ar fáil, trí chomhshocrú eatarthu, murar rud é gur le dlí an Aontais nó le dlí Ballstáit a chinntear na freagrachtaí atá ar na rialaitheoirí faoi seach, nó a mhéid ar leis na dlíthe sin a chinntear na freagrachtaí atá orthu, agus ar faoina réir atá na rialaitheoirí. Faoin gcomhshocrú, féadfar pointe teagmhála a ainmniú do na hábhair sonraí.

1. Where two or more controllers jointly determine the purposes and means of processing, they shall be joint controllers. They shall in a transparent manner determine their respective responsibilities for compliance with the obligations under this Regulation, in particular as regards the exercising of the rights of the data subject and their respective duties to provide the information referred to in Articles 13 and 14, by means of an arrangement between them unless, and in so far as, the respective responsibilities of the controllers are determined by Union or Member State law to which the controllers are subject. The arrangement may designate a contact point for data subjects.

Téacsanna gaolmhara

2. Maidir leis an gcomhshocrú dá dtagraítear i mír 1, leireofar ann róil agus gaoil faoi seach na rialaitheoirí comhpháirteacha i leith na n-ábhar sonraí. Cuirfear buneolas maidir leis an gcomhshocrú sin ar fáil don ábhar sonraí.

2. The arrangement referred to in paragraph 1 shall duly reflect the respective roles and relationships of the joint controllers vis-à-vis the data subjects. The essence of the arrangement shall be made available to the data subject.

Téacsanna gaolmhara

3. Beag beann ar théarmaí an chomhshocraithe dá dtagraítear i mír 1, féadfaidh an t-ábhar sonraí a chearta nó a cearta a fheidhmiú faoin Rialachán seo i ndáil le gach rialaitheoir ar leithligh agus i gcoinne gach rialaitheora.

3. Irrespective of the terms of the arrangement referred to in paragraph 1, the data subject may exercise his or her rights under this Regulation in respect of and against each of the controllers.

Tráchtaireacht ISO 27701 Recitals Dlí Treoirlínte & Cásanna Leave a comment
Tráchtaireacht

(EN) The expression “joint controller” is one of the most difficult to grasp in practice. It is nonetheless essential to delimit the role of the parties involved in the processing of personal data to determine their responsibilities under the General Data Protection Regulation (GDPR).

(EN) […]


to read the full text

(EN) Author
Louis-Philippe Gratton
(EN) Louis-Philippe Gratton PhD, LLM
(EN) Privacy Expert
ISO 27701

(EN) ISO/IEC 27701, adopted in 2019, added additional ISO/IEC 27002 guidance for PII controllers.

Here is the relevant paragraph to articles 26(1), 26(2), and 26(3) GDPR:

7.2.7 Joint PII controller

Control

The organization should determine respective roles and responsibilities for the processing of PII (including PII protection and security requirements) with any joint PII controller.

Implementation guidance

Roles and responsibilities for the processing of PII should be determined in a transparent manner.

(EN) […]


to read the full text

Recitals

(79) Le cosaint ceart agus saoirsí ábhar sonraí agus freagracht agus dliteanas rialaitheoirí agus próiseálaithe, agus a mhéid a bhaineann le faireachán agus bearta a dhéanann na húdaráis mhaoirseachta, ceanglaítear go leithroinntear na freagrachtaí faoin Rialachán seo go soiléir, lena n-áirítear i gcás ina gcinneann rialaitheoir críocha agus modhanna na próiseála i gcomhpháirt le rialaitheoirí eile nó i gcás ina ndéantar an phróiseáil thar ceann rialaitheora.

(79) The protection of the rights and freedoms of data subjects as well as the responsibility and liability of controllers and processors, also in relation to the monitoring by and measures of supervisory authorities, requires a clear allocation of the responsibilities under this Regulation, including where a controller determines the purposes and means of the processing jointly with other controllers or where a processing operation is carried out on behalf of a controller.

Dlí Treoirlínte & Cásanna Leave a comment
[js-disqus]