European Data Protection Law and Regulation Flashcards Preview

CIPP/E > European Data Protection Law and Regulation > Flashcards

Flashcards in European Data Protection Law and Regulation Deck (2)
Loading flashcards...
1

Material Scope of GDPR

applies to the processing of personal data wholly or partly by automated means and to the processing other than by automated means of personal data which form part of a filing system or are intended to form part of a filing system.
DOES NOT Apply to processing of personal data if (a) activity outside scope of EU law, (b) by Member State when activities ch.2,titleV of TEU (foreign and security policy), (c)natural person for purely personal or household activities (d) criminal or public security investigation

2

Territorial Scope

Article 3:
1. to controller of processor in the EU whether processing in EU or not
2. to the processing of personal data of data subjects who are in the EU by controller or processor not in EU when the processing relates to: (a) offering of goods and services (whether paid or not) to data subjects in EU) (b) the monitoring of their behavior if in EU
3. to processing of personal data by CONTROLLER not in Eu but where Member State law applies by virtue of public international law.