Privacy Compliance Resources

GDPR Regulations

Where MinerEye Enables Your Organization to Comply with GDPR Regulations

This section presents describes how MinerEye’s solutions enable your organization to achieve compliance with GDPR requirements. This section is general and introductory in nature and is not intended to provide, and should not be relied on as, a source of legal advice.

About the GDPR

On 25 May 2018, the General Data Protection Regulation (Regulation (EU 2016/679) (‘GDPR’)) went into effect. The GDPR is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

Territorial Scope of the GDPR

The GDPR applies to organizations that have a presence in the EU, notably entities that have an “establishment” in the EU.

Therefore, the GDPR applies to the processing of personal data by organizations established in the EU, regardless of whether the processing takes place in the EU or not. In relation to the extraterritorial scope, the GDPR applies to the processing activities of organizations that are not established in the EU, where processing activities are related to the offering of goods, or services to individuals in the EU.

Art. 7 GDPR – Conditions for consent

Article 7 presents general conditions for the consent of the data subject. Such consent must be capable of proof. The data subject is also authorized by article 7 to withdraw their consent for the processing of their data at any time…

Read More
Art. 8 GDPR – Conditions applicable to child’s consent in relation to information society services

Article 8 sets out general conditions for processing data for children. When the child is 16 years of age or older, processing will be legal (lawfulness). When the child is under the age of 16, processing will only be legal if there is consent by a parent or legal guardian…

Read More
Art. 9 GDPR – Processing of special categories of personal data

The GDPR was concerned with certain categories of data which it classified as sensitive. Such categories deserve high security treatment and are highlighted in the regulation. During the development of MinerEye DataTracker, we were concerned with creating a strategic logic to maximize compliance with the GDPR in relation to sensitive data. In short, sensitive data is…

Read More
Art. 10 GDPR – Processing of personal data relating to criminal convictions and offences

Article 10 states that any information relating to a person that contains criminal data (convictions, etc.) must only be processed by a body of State or institutions that have a license to do so…

Read More
Art. 11 GDPR – Processing which does not require identification

When the purposes for which a controller processes personal data do not or do no longer require the identification of the data subject by the controller, the controller shall not be obliged to maintain, acquire or process additional information in order to identify the data subject for the sole purpose of complying with the GDPR…

Read More
Art. 12 GDPR – Transparent information, communication and modalities for the exercise of the rights of the data subject

Article 12 is a complex action article that provides different categories of information and general conditions of adequacy on data processing, including the importance of clear language when information is conveyed to children…

Read More