Airteagal 3 RGCS (GDPR). Raon feidhme críochach
[…]
2. Tá feidhm ag an Rialachán seo maidir le próiseáil arna déanamh ag rialaitheoir nó ag próiseálaí nach bhfuil bunaithe san Aontas ar shonraí pearsanta ábhar sonraí atá san Aontas, i gcás ina mbaineann na gníomhaíochtaí próiseála leis an méid seo a leanas:
(a) seirbhísí nó earraí a thairiscint d’ábhair sonraí den chineál sin san Aontas, is cuma an gá don ábhar sonraí íocaíocht a dhéanamh; nó
(b) faireachán a dhéanamh ar iompar na ndaoine sin chomh fada agus a dhéantar a n-iompar siúd laistigh den Aontas.
[…]
(EN) ISO/IEC 27701, adopted in 2019, added a requirement additional to ISO/IEC 27002, section 6.1.1.
Here is the relevant paragraph to article 27 GDPR:
6.3.1.1 Information security roles and responsibilities
Implementation guidance
The organization should designate a point of contact for use by the customer regarding the processing of PII. When the organization is a PII controller, designate a point of contact for PII principals regarding the processing of their PII (see 7.3.2).
The organization should appoint one or more persons responsible for developing, implementing, maintaining and monitoring an organization-wide governance and privacy program, to ensure compliance with all applicable laws and regulations regarding the processing of PII.
(EN) […]
(EN) Sign in
to read the full text