Privacy Compliance Resources

GDPR Regulations

Where MinerEye Enables Your Organization to Comply with GDPR Regulations

This section presents describes how MinerEye’s solutions enable your organization to achieve compliance with GDPR requirements. This section is general and introductory in nature and is not intended to provide, and should not be relied on as, a source of legal advice.

About the GDPR

On 25 May 2018, the General Data Protection Regulation (Regulation (EU 2016/679) (‘GDPR’)) went into effect. The GDPR is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

Territorial Scope of the GDPR

The GDPR applies to organizations that have a presence in the EU, notably entities that have an “establishment” in the EU.

Therefore, the GDPR applies to the processing of personal data by organizations established in the EU, regardless of whether the processing takes place in the EU or not. In relation to the extraterritorial scope, the GDPR applies to the processing activities of organizations that are not established in the EU, where processing activities are related to the offering of goods, or services to individuals in the EU.

Art. 43 GDPR – Certification bodies

Certification bodies which have an appropriate level of expertise in relation to data protection shall, after informing the supervisory authority, issue and renew certification. The certification bodies shall be responsible for the proper assessment leading…

Read More
Art. 44 GDPR – General principle for transfers

Article 44 allows you to transfer personal data which are undergoing processing or are intended for processing to a third country or to an international organization. It shall take place only if, subject to the other provisions of this regulation, the conditions laid down in this chapter are complied with by the controller and processor…

Read More
Art. 45 GDPR – Transfers on the basis of an adequacy decision

A controller or processor may transfer personal data to a third country or an international organization only if the controller or processor has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available…

Read More
Art. 46 GDPR – Transfers subject to appropriate safeguards

The competent supervisory authority shall approve binding corporate rules in accordance with the consistency mechanism in this regulation and article 46 establish certain conditions for transfer…

Read More
Art. 47 GDPR – Binding corporate rules

The competent supervisory authority shall approve binding corporate rules in accordance with the consistency mechanism in this regulation, provided that they: are legally binding and apply to and are enforced by every member concerned of the group of undertakings, or group of enterprises engaged in a joint economic activity, including their employees, among others rules…

Read More
Art. 48 GDPR – Transfers or disclosures not authorized by Union law

Any judgment of a court or tribunal and any decision of an administrative authority of a third country requiring a controller or processor to transfer or disclose personal data may only be recognized or enforceable in any manner if based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State…

Read More