Navigazzjoni
RĠPD (GDPR) > Premessa 108
Download PDF

Premessa 108

Recital 108

(108) Fin-nuqqas ta’ deċiżjoni dwar l-adegwatezza, il-kontrollur jew il-proċessur għandu jieħu miżuri sabiex jikkumpensa għan-nuqqas ta’ protezzjoni tad-data f’pajjiż terz permezz ta’ salvagwardji adatti għas-suġġett tad-data.

Tali salvagwardji adatti jistgħu jikkonsistu mill-użu ta’ regoli korporattivi vinkolanti, klawżoli standard dwar il-protezzjoni tad-data adottati mill-Kummissjoni, klawżoli standard dwar il-protezzjoni tad-data adottati minn awtorità superviżorja jew klawżoli kuntrattwali awtorizzati minn awtorità superviżorja.

Dawk is-salvagwardji għandhom jiżguraw konformità mar-rekwiżiti għall-protezzjoni tad-data u d-drittijiet tas-suġġetti tad-data adatti għall-ipproċessar fl-Unjoni, inkluż id-disponibbiltà tad-drittijiet eżegwibbli tas-suġġett tad-data u tar-rimedji legali effettivi, inkluż id-dritt li jinkiseb rimedju amministrattiv jew ġudizzjarju effettiv u li jintalab kumpens, fl-Unjoni jew f’pajjiż terz.

B’mod partikolari, għandhom jirrigwardaw il-konformità mal-prinċipji ġenerali dwar l-ipproċessar tad-data personali, il-prinċipji tal-protezzjoni tad-data mid-disinn u b’mod awtomatiku.

Jistgħu jsiru trasferimenti wkoll mill-awtoritajiet jew mill-korpi pubbliċi ma’ awtoritajiet jew korpi pubbliċi f’pajjiżi terzi jew ma’ organizzazzjonijiet internazzjonali b’doveri jew funzjonijiet korrispondenti, inkluż abbażi ta’ dispożizzjonijiet li jiddaħħlu f’arranġamenti amministrattivi, bħal memorandum ta’ qbil, u jkunu previsti drittijiet infurzabbli u effettivi għas-suġġetti tad-data.

L-awtorizzazzjoni mill-awtorità superviżorja kompetenti għandha tinkiseb meta jkun hemm provvediment għas-salvagwardji f’arranġamenti amministrattivi li ma jkunux legalment vinkolanti.

(108) In the absence of an adequacy decision, the controller or processor should take measures to compensate for the lack of data protection in a third country by way of appropriate safeguards for the data subject.

Such appropriate safeguards may consist of making use of binding corporate rules, standard data protection clauses adopted by the Commission, standard data protection clauses adopted by a supervisory authority or contractual clauses authorised by a supervisory authority.

Those safeguards should ensure compliance with data protection requirements and the rights of the data subjects appropriate to processing within the Union, including the availability of enforceable data subject rights and of effective legal remedies, including to obtain effective administrative or judicial redress and to claim compensation, in the Union or in a third country.

They should relate in particular to compliance with the general principles relating to personal data processing, the principles of data protection by design and by default.

Transfers may also be carried out by public authorities or bodies with public authorities or bodies in third countries or with international organisations with corresponding duties or functions, including on the basis of provisions to be inserted into administrative arrangements, such as a memorandum of understanding, providing for enforceable and effective rights for data subjects.

Authorisation by the competent supervisory authority should be obtained when the safeguards are provided for in administrative arrangements that are not legally binding.