항해
GDPR > 제16조. 정정권
다운로드 PDF

제16조 GDPR. 정정권

Article 16 GDPR. Right to rectification

정보주체는 본인에 관하여 부정확한 개인정보를 부당한 지체 없이 정정하도록 컨트롤러에게 요구할 권리를 가진다. 정보주체는 처리목적을 참작하여 추가 진술을 제공할 수단을 통하는 등, 불완전한 개인정보를 보완할 권리를 가진다.

The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

전문가 해설 ISO 27701 지침 및 사례 법률 코멘트를 남겨주세요
전문가 해설

(EN) The Council of Europe recommended, in 1973, that “inaccurate information” should be corrected in the context of data compiled in electronic data banks (Resolution on the Protection of the Privacy of Individuals vis-a-vis Electronic Data Banks in the Private Sector). So, it is not surprising that the European Union 2016 General Data Protection Regulation provides for a “right to rectification”. The surprise comes from the absence of guidance regarding the rights and responsibilities related to the exercise of that right.


전체 텍스트에 액세스하려면

(EN) Author
Louis-Philippe Gratton
(EN) Louis-Philippe Gratton PhD, LLM
(EN) Privacy Expert

(EN)

Data Subject Request Letter Sample

Concern: Request to rectify inaccurate personal data

Dear Madam, Dear Sir,

You have data concerning me that are inaccurate…


전체 텍스트에 액세스하려면

(EN) Author
Louis-Philippe Gratton
(EN) Louis-Philippe Gratton PhD, LLM
(EN) Privacy Expert

(EN)

Data Subject Request Letter Sample

Concern: Request to rectify incomplete personal data

Dear Madam, Dear Sir,

You have data concerning me that are incomplete…


전체 텍스트에 액세스하려면

(EN) Author
Louis-Philippe Gratton
(EN) Louis-Philippe Gratton PhD, LLM
(EN) Privacy Expert
(EN) Author
Siarhei Varankevich
(EN) Siarhei Varankevich CIPP/E, CIPM, CIPT, MBA, FIP
FIP_IAPP
(EN) Co-Founder & CEO of Data Privacy Office LLC. Data Protection Trainer and Principal Consultant
ISO 27701

(EN) ISO/IEC 27701, adopted in 2019, added additional ISO/IEC 27002 guidance for PII controllers.

Here is the relevant paragraph to article 16 GDPR:

7.3.6 Access, correction and/or erasure

Control

The organization should implement policies, procedures and/or mechanisms to meet their obligations to PII principals to access, correct and/or erase their PII.

Implementation guidance

The organization should implement policies, procedures and/or mechanisms for enabling PII principals to obtain access to, correct and erase of their PII, if requested and without undue delay.


전체 텍스트에 액세스하려면

지침 및 사례 법률 코멘트를 남겨주세요
[js-disqus]