Back

Include data subject's rights in the Binding Corporate Rules.


CONTROL ID
12596
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain Binding Corporate Rules for the international transfers of restricted data., CC ID: 12584

This Control has the following implementation support Control(s):
  • Include the means to exercise the data subject's rights in the Binding Corporate Rules., CC ID: 12597


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • the rights of data subjects in regard to processing and the means to exercise those rights, including the right not to be subject to decisions based solely on automated processing, including profiling in accordance with Article 22, the right to lodge a complaint with the competent supervisory author… (Art. 47.2.(e), Regulation (EU) 2016/679 of The European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation))
  • the application of the general data protection principles, in particular purpose limitation, data minimisation, limited storage periods, data quality, data protection by design and by default, legal basis for processing, processing of special categories of personal data, measures to ensure data secu… (Art. 47.2.(d), Regulation (EU) 2016/679 of The European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation))
  • provisions to be inserted into administrative arrangements between public authorities or bodies which include enforceable and effective data subject rights. (Art. 46.3.(b), Regulation (EU) 2016/679 of The European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation))