LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

EU GDPR and scrapping data

  Quote
Guest
Guest user Created:   Jan 22, 2019 Last commented:   Feb 07, 2019

EU GDPR and scrapping data

1. Hello, I am just trying to launch my startup. It is based on the development of an application. Among other things, this application aims at scraping people's data from public sources. Thus I have a few questions. What should I do to scrap aligned to GDPR?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Jan 22, 2019

Answer: When scrapping data, one of the most important things you need to do is to determine your role as either a data controller or a data processor. This mostly depends on who your clients are. Secondly, you need to ensure that the scrapped data is not subject to exemptions under the GDPR, such as data processed for the public interest.

2. If in the future I wish to upgrade it with machine learning techniques, could I use the data stored?

Answer: This depends on what data you are storing. If it's personal data, then you will most likely be acting as a data controller and you should have a valid lawful ground for processing and you should provide an adequate Privacy Notice to the data subjects.

3. Summarizing, what "privacy by design" strategies should I take into a ccount for both aspects?

Answer: As for the privacy by design question, it is impossible to answer it without an in-depth analysis of the product and its features. If you want to find out more about the EU GDPR, check out our free EU GDPR Foundation Course (https://training.advisera.com/se/eu-gdpr-foundations-course//).
Quote
0 0
Expert
Andrei Hanganu Feb 07, 2019
We've received further questions:

> 1. Thanks, Andrei, very useful! Could you go into more depth about "scraping people's data from public sources"? Are these sources somehow infomediaries, communication media,..?

Answer: Public sources refer, for example, to news websites or websites where details of the individual can be found under certain circumstances, for example, a writer's biography or public officials' CVs.

> 2. A valid lawful ground would be based on just publishing an adequate Privacy Notice at the web to let data subjects know details, or should we also need also to directly contact them and get their consent? Thanks in advance

Answer: Depends on how you provide the scrapping service. I guess that someone would come to you and ask you to scrap his data, thus you would need to have the permission of that person.
Quote
0 0
Expert
Andrei Hanganu Feb 25, 2019
We've received an additional question:

> If a crawler like Google is allowed to crawl data from webs, may I crawl Google data with an app? In other words, am I allowed to crawl a crawler?

Answer:

Google, like many others, has Privacy Notices, Privacy Policies as well as other documents and tools to enable users to understand what is happening with their data and to allow them to exercise some of their rights. I am not saying they are perfect, not by a long shot but they at least have something. And an army of well-prepared lawyers. Still, they failed numerous times and have just paid 50 mil euros fine in France.
So, long story short - you can try to act like Google but you need to be ready to face the consequences if you don't comply with the privacy laws especially the EU GDPR.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 22, 2019

Feb 25, 2019

Suggested Topics

Guest user Created:   Dec 14, 2021 EU GDPR
Replies: 1
0 0

EU GDPR questions

Guest user Created:   Dec 10, 2021 EU GDPR
Replies: 1
0 0

Data protection