The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU.
A person who lives in the EU whose personal data is processed by a controller or processor
Any information related to a Data Subject, that can be used to directly or indirectly identify the person
A company or organisation that collects and/or determines the purposes, conditions and means of the processing of personal data. In the context of your relationship with FULL FABRIC, you’re collecting personal data and are determining how it will be processed and are therefore the controller of that data, and must comply with applicable data privacy legislation accordingly.
The company or organisation that processes data on behalf of the Data Controller. In the context of your relationship with FULL FABRIC, we are the Data Processor.
Any operation performed on personal data or sets of personal data, by automated means or otherwise, including collection, use, structuring, storage, adaptation or alteration, retrieval, consultation, dissemination, restriction, erasure or destruction.
Any automated processing of personal data intended to evaluate, analyse, or predict data subject behaviour,
Personal data that is protected through technological measures to ensure that the data is only accessible/readable by those with specified access.
Data Privacy Impact Assessment
A documented assessment used to identify and reduce the privacy risks of entities by analysing the personal data that are processed and the policies in place to protect the data,
The requirement for controllers to provide the data subject with a copy of his or her data in a format that allows for easy use with another controller.
Right to Access
Also known as Subject Access Right, it entitles the data subject to have access to and information about the personal data that a controller has concerning them
Right to be Forgotten
Also known as Data Erasure, it entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties cease processing of the data.
A public authority which is established by a member state in accordance with article 46.
Countries outside the EU
Standard Contractual Clauses
The Standard Contractual Clauses, sometimes referred to as “model clauses”, are standardised contract language (approved by the European Commission) that is one method of permission for controllers/processors to send personal data to third countries.