webofneeds icon indicating copy to clipboard operation
webofneeds copied to clipboard

Published 20 hours ago verified publisher icon researchstudio-sat

"Verfahrensverzeichnis"

Open quasarchimaere opened this issue 6 years ago • 4 comments

What actually needs to be implemented here is based upon the research of GDPR Compliance that will be made by @sigpie child of #1772 depends on #2521

quasarchimaere avatar May 24 '18 07:05 quasarchimaere

what's the question to be discussed here? :)

pheara avatar May 29 '18 12:05 pheara

@m0ru nothing for now, it had the discuss/clarify tag so we actually take a look in what needs to be done to be gdpr compliant

quasarchimaere avatar Nov 14 '18 11:11 quasarchimaere

The GDPR states that some information, e.g. what data is processed and who's the controller needs to be stored, see https://gdpr-info.eu/art-30-gdpr/

It's also stated that organisations with less than 250 employees don't need to have records of data processing, unless "the processing is not occasional". However, occasional isn't defined, so it's unclear whether we are extempted or not.

According to https://www.dataprotect.at/leistungen/vv/ only processes that involve handling personal data by us need to be recorded, not processes that happen automatically. E.g. analysing user posts to get information about WoN usage would need to be recorded, but not matching that's done automatically.

sigpie avatar Nov 23 '18 13:11 sigpie

@fkleedorfer in regard to the comment by @sigpie i suggest we could add a "verfahrensverzeichnis" just to be on the safe side, because imho data-processing isnt really an occasional thing for us, due to our constant matching of the stored data

quasarchimaere avatar Mar 14 '19 11:03 quasarchimaere