Expert Advice Community

Guest

GDPR Data Controller or Data Processor

  Quote
Guest
Guest user Created:   Jun 21, 2019 Last commented:   Jun 21, 2019

GDPR Data Controller or Data Processor

Can my controller ask me to conduct DPIA for the processing activities that involve me as a data processor?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Jun 21, 2019

Answer:

Article 35 of the GDPR clearly states that "Where a type of processing, in particular, using new technologies, and taking into account the nature, scope, context, and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall, prior to the processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data."

So here it says where the responsibility lies.

Moreover, as processors we have no visibility on the processing activities carried out by the data controller, we cannot decide how to deal with data subject's rights, retention periods, etc. so we don't have enough information to perform a DPIA event if we wanted to.

Processors obligation under article 28(f) requires you to assist the controllers "in ensuring compliance with the obligations pursuant to Articles 32 to 36 taking into account the nature of processing and the information available to the processor" so once again is clearly stated that the responsible ones for the DPIA are the controllers.

So it should be the controller that need to perform the DPIA and we will be providing based on their specific requests.

If you want to learn more about DPIAs check out his this free webinar Seven steps of Data Protection Impact Assessment (DPIA) according to EU GDPR (https://advisera.com/eugdpracademy/webinar/seven-steps-of-data-protection-impact-assessment-dpia-according-to-eu-gdpr-free-webinar-on-demand/)
Quote
0 0
Guest
jayko7 Jun 21, 2019
Thanks a lot Andrei
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 21, 2019

Jun 21, 2019

Suggested Topics