Scribd Logo
Upload

Welcome to Scribd!

  • Large Union Ltd. (Lul) - Eu Sme Co. Example

    Uploaded by

    kumar
    13 views3 pages
    David begins his new role by interviewing top management to evaluate how LUL meets its obligations under the seven data protection principles of the GDPR. These principles include ensuring the lawful and fair collection of personal data for specified purposes, minimizing the data collected, keeping data accurate and up-to-date, retaining data only as long as necessary, securing the data, and demonstrating compliance with the principles. David will apply these seven principles to each of LUL's processing operations to assess how compliant the company's practices are.

    Original Description:

    Original Title

    2.2_Example+1+-+part+2 (1).pptx

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    David begins his new role by interviewing top management to evaluate how LUL meets its obligations under the seven data protection principles of the GDPR. These principles include ensuring the lawful and fair collection of personal data for specified purposes, minimizing the data collected, keeping data accurate and up-to-date, retaining data only as long as necessary, securing the data, and demonstrating compliance with the principles. David will apply these seven principles to each of LUL's processing operations to assess how compliant the company's practices are.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    13 views3 pages

    Large Union Ltd. (Lul) - Eu Sme Co. Example

    Uploaded by

    kumar
    David begins his new role by interviewing top management to evaluate how LUL meets its obligations under the seven data protection principles of the GDPR. These principles include ensuring the lawful and fair collection of personal data for specified purposes, minimizing the data collected, keeping data accurate and up-to-date, retaining data only as long as necessary, securing the data, and demonstrating compliance with the principles. David will apply these seven principles to each of LUL's processing operations to assess how compliant the company's practices are.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    LARGE UNION LTD.

    (LUL) Part 2
    – EU SME CO. EXAMPLE
    ASSESSING GDPR
    COMPLIANCE
    David begins his role by interviewing top management

    He will first evaluate how LUL meets its obligations for the seven DP principles

    The processing activities should show that all the directly collected data was collected and
    stored.

    The seven DP principles can be applied to against each of the processing operations to
    understand how compliant the controller is.
    THE MAGIC „7“
    P1: Was the processing lawful, fair, and transparent?
    P2: Was the collection for a specified, explicit, and legitimate purpose?
    P3: Is data minimized through processing only what is adequate, relevant, and necessary
    for the purposes?
    P4: Is personal data accurate and up to date?
    P5: Is personal data kept no longer than necessary?
    P6: Is security appropriate to prevent unauthorized loss or disclosure of personal data?
    P7: Can the controller demonstrate compliance with P1–P6?

    You might also like