(EN) ISO/IEC 27701, adopted in 2019, added additional ISO/IEC 27002 guidance for PII controllers.
Here is the relevant paragraphs to article 21(4) GDPR:
7.3.2 Determining information for PII principals
Control
The organization should determine and document the information to be provided to PII principals regarding the processing of their PII and the timing of such a provision.
Implementation guidance
The organization should determine the legal, regulatory and/or business requirements for when information is to be provided to the PII principal (e.g. prior to processing, within a certain time from when it is requested, etc.) and for the type of information to be provided.
…
登入
访问全文
Source: https://www.ndc.gov.tw/Content_List.aspx?n=F98A8C27A0F54C30
(EN)
Concern: Request to stop processing my personal data
Dear Madam, Dear Sir,
You have data concerning me that I am asking you to stop processing…
…
登入
访问全文
(EN) ISO/IEC 27701, adopted in 2019, added additional ISO/IEC 27002 guidance for PII controllers.
Here is the relevant paragraph to article 21 GDPR:
7.3.5 Providing mechanism to object to PII processing
Control
The organization should provide a mechanism for PII principals to object to the processing of their PII.
Implementation guidance
Some jurisdictions provide PII principals with a right to object to the processing of their PII.
…
登入
访问全文
(EN)