Privacy Compliance Resources

GDPR Regulations

Where MinerEye Enables Your Organization to Comply with GDPR Regulations

This section presents describes how MinerEye’s solutions enable your organization to achieve compliance with GDPR requirements. This section is general and introductory in nature and is not intended to provide, and should not be relied on as, a source of legal advice.

About the GDPR

On 25 May 2018, the General Data Protection Regulation (Regulation (EU 2016/679) (‘GDPR’)) went into effect. The GDPR is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

Territorial Scope of the GDPR

The GDPR applies to organizations that have a presence in the EU, notably entities that have an “establishment” in the EU.

Therefore, the GDPR applies to the processing of personal data by organizations established in the EU, regardless of whether the processing takes place in the EU or not. In relation to the extraterritorial scope, the GDPR applies to the processing activities of organizations that are not established in the EU, where processing activities are related to the offering of goods, or services to individuals in the EU.

Art. 25 GDPR – Data Protection by Design and by Default

Article 25 establishes the concepts of data protection by design and data protection by default.  Data protection by design is about considering data protection and privacy issues as priority in everything you do. It can help you ensure that you comply with the GDPR’s fundamental principles and requirements, and forms part of the focus on accountability…

Read More
Art. 26 GDPR – Joint controllers

Article 26 establishes the figure of joint controllers, when two or more controllers are responsible for processing the same data…

Read More
Art. 27 GDPR – Representatives of controllers or processors not established in the Union

When the controller is not based in the territory of the Union, a representative must be established in the territory of the data processing or at the place where the collection is carried out…

Read More
Art. 28 GDPR – Processor

Article 28 establishes the general conditions of responsibility of the processor…

Read More
Art. 29 GDPR – Processing under the authority of the controller or processor

The processor and any person acting under the authority of the controller or of the processor, who has access to personal data, shall not process those data except on instructions from the controller…

Read More
Art. 30 GDPR – Records of processing activities

Each controller and, where applicable, the controller’s representative, shall maintain a record of processing activities under their responsibility. That record shall contain some information such as the name of the controller, purposes of processing, among others…

Read More