8 new rights to guarantee to European residents 3/3
Last December, Matthieu Blanc – Ex – VP Product for Zeenea – asked himself: “How will the GDPR change the Big Data world?” In this series of articles, we focus on the legal aspects explained during his conference at XebiCon’17.
One of the main objectives of the GDPR is to strengthen the rights of individuals.
European residents have 8 new rights:
1) Right to be informed (Art 13 & 14)
2) Right of access (Art 15)
3) Right of rectification (Art 16)
The right of rectification completes the right of access. A person may request that their inaccurate data are rectified, or incomplete to be completed. It prevents an organization from processing or spreading false information about you.
4) Right to data portability (Art 20)
This is a new right. The right to portability gives people the ability to retrieve some of their data in an open, readable format. They can store or transmit them easily from one information system to another, for reuse for their personal purposes. This may be the case with telecom operators for example.
5) Right to object (Art 21)
Anyone has the opportunity to object, for legitimate reasons, to a file. They may also refuse, without having to justify themselves, that their data be used for commercial prospecting purposes.
6) Right to erasure - right to be forgotten (Art 17)
A person has the right to demand, as soon as possible, the deletion of their data, when:
If the person responsible makes their data public, he or she will have to inform the other data regulators who process it that the data must be erased and not reproduced.
7) Right to restriction of processing (Art 18)
A person has the right to obtain the limitation of processing when they have objected to it, when they dispute the accuracy of the data, when their treatment is unlawful, or when they need it for finding, exercising or defending their rights in court.
8) Automated individual decision-making, including profiling (Art 22)
A person has the right not to be the subject of a decision based exclusively on automated processing, including profiling, producing legal effects concerning or affecting them, except where that decision is necessary for the conclusion or performance of a contract, is lawfully authorized, or is based on their consent.
(FRENCH) WATCH THE GDPR & BIG DATA CONFERENCE
A few months into the GDPR’s implementation, companies are still trying to understand the organizational and technical measures to put in place around their Big Data. Come find the answers to your questions and sweep together the actions to be taken to bring the regulation into compliance.