NEWSLETTER-2017
321 PERSONAL DATA PROTECTION • Data Protection Officers (DPOs) . As per Art. 37 of the GDPR, the data controller and processor shall designate a data protection officer in any case where: a) the processing is carried out by a public authority or body, except for courts acting in their judicial capacity; b) the core activities of the controller or the processor con- sist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or c) the core activities of the controller or the processor con- sist of processing on a large scale of special categories of data and personal data relating to criminal convicti- ons and offences. • Transfer of Data Outside of the EU . Art. 45(3) of the GDPR allows the Commission to decide that a third country, a terri- tory or one or more specified sectors within a third country, or an international organization ensures an adequate level of protection. In the absence of such a decision, as per Art. 46 GDPR, a controller or processor may transfer personal data to a third country or an international organization only if the controller or processor has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available. • The One-Stop-Shop Mechanism. The one-stop-shop mec- hanism means that even though data controller or processor is located in various Member States, or if the activities of a single establishment of a controller or processor in the EU substantially affect data subjects in more than one Member State, the supervisory authority of the Member State where the entity has its “main establishment” will act as the lead authority for all data processing activities that have an im- pact throughout the EU 7 . The rules on the lead supervisory 7 Gilbert, Francoise. EU General Data Protection Regulation: What Impact on Businesses Established Outside the European Union, Journal of Internet Law,
Made with FlippingBook
RkJQdWJsaXNoZXIy MjUzNjE=