Nascleanúint
RGCS (GDPR) > Aithris 68
Íoslódáil PDF

Aithris 68

Recital 68

(68) Ionas go gcuirfear neart tuilleadh leis an smacht a bhíonn ag ábhar sonraí ar a chuid nó a cuid sonraí féin, i gcás go ndéantar na sonraí pearsanta a phróiseáil ar bhealach uathoibrithe, ba cheart a cheadú freisin don ábhar sonraí na sonraí pearsanta a bhaineann leis nó léi agus a chuir sé nó sí ar fáil do rialaitheoir i bhformáid atá struchtúrtha, a úsáidtear go coiteann, atá inléite ag meaisín agus atá idir-inoibritheach a fháil, agus iad a tharchur chuig rialaitheoir eile.

Ba cheart rialaitheoirí sonraí a spreagadh chun formáidí idir-inoibritheacha lena gcumasaítear iniomparthacht sonraí a fhorbairt.

Ba cheart feidhm a bheith ag an gceart sin i gcás gur ar bhonn a thoil nó a toil a chuir an t-ábhar sonraí na sonraí ar fáil nó más gá an phróiseáil a dhéanamh chun conradh a chomhlíonadh.

Níor cheart feidhm a bheith ag an gceart sin i gcás ina bhfuil próiseáil bunaithe ar fhoras dlíthiúil seachas toiliú nó conradh.

Mar gheall ar chineál an chirt sin, níor cheart é a fheidhmiú i gcoinne rialaitheoirí a dhéanann sonraí pearsanta a phróiseáil agus a ndualgais phoiblí á bhfeidhmiú acu.

Níor cheart, dá bhrí sin, feidhm a bheith aige i gcás ina bhfuil sé an phróiseáil a dhéantar ar shonraí pearsanta riachtanach chun go gcomhlíonfaí oibleagáid dhlíthiúil ar faoina réir atá an rialaitheoir nó chun cúram a chur i gcrích a dhéantar ar mhaithe le leas an phobail nó i bhfeidhmiú údaráis oifigiúil atá dílsithe don rialaitheoir.

Leis an gceart atá ag an ábhar sonraí sonraí pearsanta a bhaineann leis nó léi a tharchur nó a fháil, níor cheart oibleagáid a chruthú do na rialaitheoirí córais próiseála a ghlacadh nó a choimeád, ar córais iad atá comhoiriúnach ó thaobh na teicneolaíochta.

Más rud é, i sraith áirithe de shonraí pearsanta, go bhfuil níos mó ná ábhar sonraí amháin i gceist, ba cheart an ceart sonraí pearsanta a fháil a bheith gan dochar do chearta agus do shaoirsí ábhair eile eile sonraí i gcomhréir leis an Rialachán seo.

Thairis sin, níor cheart gur dhochar an ceart sin do cheart an ábhair sonraí go léirscriosfaí sonraí pearsanta ná do theorainneacha ar an gceart sin mar a leagtar amach iad sa Rialachán seo agus níor cheart, go háirithe, é a bheith i gceist leis go léirscriosfaí sonraí pearsanta a bhaineann leis an ábhar sonraí, a chuir sé nó sí ar fáil chun conradh a chomhlíonadh a mhéid agus a fhad is a bheidh na sonraí pearsanta riachtanach chun an conradh sin a fheidhmiú.

I gcás ina bhfuil sé indéanta go teicniúil, ba cheart an ceart a bheith ag an ábhar sonraí go ndéanfaí na sonraí pearsanta a tharchur go díreach ó rialaitheoir amháin go rialaitheoir eile.

(68) To further strengthen the control over his or her own data, where the processing of personal data is carried out by automated means, the data subject should also be allowed to receive personal data concerning him or her which he or she has provided to a controller in a structured, commonly used, machine-readable and interoperable format, and to transmit it to another controller.

Data controllers should be encouraged to develop interoperable formats that enable data portability.

That right should apply where the data subject provided the personal data on the basis of his or her consent or the processing is necessary for the performance of a contract.

It should not apply where processing is based on a legal ground other than consent or contract.

By its very nature, that right should not be exercised against controllers processing personal data in the exercise of their public duties.

It should therefore not apply where the processing of the personal data is necessary for compliance with a legal obligation to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of an official authority vested in the controller.

The data subject’s right to transmit or receive personal data concerning him or her should not create an obligation for the controllers to adopt or maintain processing systems which are technically compatible.

Where, in a certain set of personal data, more than one data subject is concerned, the right to receive the personal data should be without prejudice to the rights and freedoms of other data subjects in accordance with this Regulation.

Furthermore, that right should not prejudice the right of the data subject to obtain the erasure of personal data and the limitations of that right as set out in this Regulation and should, in particular, not imply the erasure of personal data concerning the data subject which have been provided by him or her for the performance of a contract to the extent that and for as long as the personal data are necessary for the performance of that contract.

Where technically feasible, the data subject should have the right to have the personal data transmitted directly from one controller to another.