GDPR includes several derogations, or exemptions, from the regulation. One of the derogations is when information (personal data) on individuals is not in an organized state. For example, when the data is not in a filing system.
This specific derogation is referenced in GDPR Citation (15)'
"In order to prevent creating a serious risk of circumvention, the protection of natural persons should be technologically neutral and should not depend on the techniques used. The protection of natural persons should apply to the processing of personal data by automated means, as well as to manual processing, if the personal data are contained or are intended to be contained in a filing system. Files or sets of files, as well as their cover pages, which are not structured according to specific criteria should not fall within the scope of this Regulation."
No comments:
Post a Comment