With99 articlesand173 recitals, the GDPR is a pretty substantial document. It is currently thestrictest and most protective privacy legislationin the world, earning it the moniker "gold standard of privacy laws." Today, the GDPR serves as a blueprint from which non-EU countries draw inspiration...
Processor: A natural or legal person, public authority, agency, or other body, which processes personal data on behalf of the controller. Customer Data: Data produced and stored in the day-to-day operations of running your business.What is the GDPR?The...
pursuant to GDPR Article 27(1), then the supervisory authority of one of the EU Member States in which the data subjects whose Customer Personal Data is transferred under the EU SCCs in relation to the offering of goods or services to them are located will act as competent supervisory ...
Personal data can only be processed on specific grounds, each of which the GDPR refers to as a ‘lawful basis’. Consent is one possible lawful basis, but the GDPR sets a high bar for valid consent. The request must be clear and in plain language. The data subject has the right to wi...
“Supervisory Authority” means an independent public authority which is established by an EU Member State pursuant to the GDPR. “SCCs” means: (i) where the EU GDPR applies, the contractual clauses annexed to the European Commission’s Implementing Decision 2021/914 of 4 June 2021 on standard...
the sar must be submitted via the user interface in the ortto inc. services. the controller must identify the sar that is being requested. sar requirements: the date by which the sar is submitted, identification is verified, and the specification of the sar request type must be recorded; ...
that are binding on us. Any condition, warranty, representation or other term concerning the supply of the Services and our Platform which might otherwise be implied into, or incorporated in, these Terms whether by statute, common law or otherwise, is excluded to the fullest extent permitted by...
We act on the instructions of the controller (you). Similar to controllers, processors are expected to enumerate how they handle personal data, which we have outlined in this document and the legal documents listed below. As a processor, we rely on our customers to ensure that there is a ...
Business, for the purpose of the CCPA (California Consumer Privacy Act), refers to the Company as the legal entity that collects Consumers' personal information and determines the purposes and means of the processing of Consumers' personal information, or on behalf of which such information is col...
We will not transfer personal data relating to you to a country which is outside the EEA unless: The country or recipient is considered to provide adequate protections for personal data, or appropriate safeguards have been put in place which meet the requirements of GDPR, such as using the Eu...