Evaluation for a Data Protection Impact Sample Clauses

The 'Evaluation for a Data Protection Impact' clause requires an assessment of how a project or processing activity may affect the privacy and protection of personal data. In practice, this involves identifying potential risks to individuals' data rights before starting new data processing operations, such as launching a new app that collects user information or changing how customer data is stored. The core function of this clause is to ensure that organizations proactively address privacy risks, comply with data protection laws, and implement safeguards to prevent data breaches or misuse.
Evaluation for a Data Protection Impact. Assessment (DPIA) 1.1 Identifying if a DPIA is required The below checklist can assist organisations to understand if they require a DPIA pursuant to Article 35 GDPR to support their data sharing agreement. The questions should be answered in relation to the entire project that the data share corresponds to. This ensures that Public Service Bodies (PSBs) have the opportunity to be transparent in the evaluation of risks in relation to the data required for this process. The completion of a DPIA is relevant to this data sharing agreement as you will be asked to provide a summary of any DPIA carried out in Section 16 of this document.
View SourceView Similar (8)
Evaluation for a Data Protection Impact. Assessment (DPIA) 1.1 Identifying if a DPIA is required The below checklist can assist organisations to understand if they require a DPIA pursuant to Article 35 GDPR to support their data sharing agreement. The questions should be answered in relation to the entire project that the data share corresponds to. This ensures that Public Service Bodies (PSBs) have the opportunity to be transparent in the evaluation of risks in relation to the data required for this process. The completion of a DPIA is relevant to this data sharing agreement as you will be asked to provide a summary of any DPIA carried out in Section 16 of this document. The questions below should be completed by the Lead Agency together with the Other Parties involved in this data sharing agreement. Please contact your DPO in relation to the requirement to carry out a DPIA. DOES THE PROCESS INVOLVE: YES/NO 1.1.1 Processing being carried out prior to 25th May 2018? NO Table 1.1 If ‘Yes’ proceed to 1.2 If ‘No’ proceed to 1.1.2 DOES THE PROCESS INVOLVE: YES/NO 1.1.2 A new purpose for which personal data is processed? NO 1.1.3 The introduction of new types of technology? NO
View SourceView Similar (4)
Evaluation for a Data Protection Impact. Assessment (DPIA)‌ The completion of a DPIA can help data controllers to meet their obligations in relation to data protection law. Article 35 of the GDPR sets out when a DPIA is required. Data controllers should periodically re-evaluate the risk associated with existing processing activities to understand if a DPIA is now required. 1.1 Identifying if a DPIA is required The below checklist can assist organisations to understand if they require a DPIA pursuant to Article 35 GDPR to support their data sharing agreement. The questions should be answered in relation to the entire project that the data share corresponds to. This ensures that Public Service Bodies (PSBs) have the opportunity to be transparent in the evaluation of risks in relation to the data required for this process. The completion of a DPIA is relevant to this data sharing agreement as you will be asked to provide a summary of any DPIA carried out in Section 16 of this document.
View Source

Related to Evaluation for a Data Protection Impact

  • Data Protection Impact Assessment If, pursuant to Data Protection Law, Customer (or its Controllers) are required to perform a data protection impact assessment or prior consultation with a regulator, at Customer’s request, SAP will provide such documents as are generally available for the Cloud Service (for example, this DPA, the Agreement, audit reports or certifications). Any additional assistance shall be mutually agreed between the Parties.

  • Data Protection Impact Assessments Workday will, at Customer’s request and subject to the confidentiality terms set forth in the UMSA, make its most recent Audit Reports and Certifications available to Customer. To the extent Customer requires additional assistance to meet its obligations under applicable Data Protection Laws to carry out a data protection impact assessment and prior consultation with the competent supervisory authority related to Customer’s use of the Covered Service, Workday will, taking into account the nature of Processing and the information available to Workday, provide reasonable assistance to Customer.

  • Data Protection Impact Assessment and Prior Consultation Processor shall provide reasonable assistance to the Company with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Company reasonably considers to be required by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Company Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors.

  • Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (▇▇▇▇)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.

  • Information for Regulatory Compliance Each of the Company and the Depositary shall provide to the other, as promptly as practicable, information from its records or otherwise available to it that is reasonably requested by the other to permit the other to comply with applicable law or requirements of governmental or regulatory authorities.