Data processing
The use of your personal data by somebody else, such as a public authority or a private individual or entity, is called data processing.
Data processing includes all actions and activities concerning information about a person. Personal data processing is allowed only in specific situations and is listed exhaustively in the General Data Protection Regulation.
Data processing activities can include:
- data collection
- recording
- organisation
- storage
- updating
- rectification
- disclosure and otherwise making your data available to other persons
- deletion
An example of a data record and storage is the inclusion of your name, identity code and address in the Registry of Population of Estonia, so that public authorities can contact you where needed.
An example of data disclosure is where your employer disseminates a list which includes the date of birth and mobile phone numbers of other employees between employees.
Resources
Law
2
Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
In force as of 27 April 2016
Applicable as of 25 May 2018
Articles 4 (2), 5-6, 9-10
Applicable as of 25 May 2018
Articles 4 (2), 5-6, 9-10
Case Law
1
Other
1
Handbook on European data protection law
2018 edition
Joint publication by the EU Agency for Fundamental Rights and the Council of Europe
Joint publication by the EU Agency for Fundamental Rights and the Council of Europe
Human Rights Guide
A European platform for human rights education