Posted 4 years ago by aequitaslegal
RIGHT OF INFORMATION AND ACCESS
Data subjects have the right to know if their data is being processed as well as its location. They should have access to their personal data and the following information:
(a) The purposes of processing;
(b) The categories of personal data concerned;
(c) The recipients, or categories of recipients, to whom the personal data have been, or will be disclosed, including recipients in third countries or international organisations;
(d) Where possible the length of time that the personal data will be stored, or the criteria used to determine that period;
(e) The existence of the right of the Data Subject to request rectification or erasure of personal data as
well as the right to restrict or object to processing of data;
(f) The right to lodge a complaint with the supervisory authority;
(g) Information about the source of any data which has not been supplied by the Data Subject;
(h) The existence of automated decision-making, including profiling the logic involved and any consequences for the data subject; and
(i) Where personal data is transferred to a third country or international organisation, are there details ofany safeguards in place.
The data controller must provide a copy of the personal data being processed free of charge reasonable charges can be made for any further copies requested.
RIGHT TO RECTIFICATION
Data subjects have the right to obtain, without undue delay, the rectification of inaccurate personal data concerning him or her from the Data Controller. Subject to the purposes for processing, the data subject has the right to have incomplete data completed, including by means of providing a supplementary statement.
RIGHT TO ERASURE (‘RIGHT TO BE
Data Subjects have the right to request that the data controller erases personal data concerning him
or her without undue delay and the controller is obliged to erase that data where one of the following grounds applies:
(a) The personal data is no longer necessary in relation to the purposes for which it was collected or processed;
(b) The data subject withdraws the consent upon which the processing is based and there is no other
legal ground for processing;
(c) The data subject objects to the processing and there are no overriding legitimate grounds for processing;
(d) The personal data has been unlawfully processed;
(e) The personal data has to be erased for compliance with a legal obligation; or
(f) The personal data has been collected in relation to the offering of information society services, Article
8.1.Where the Data Controller has made the personal data public, and is obliged to erase it, the data controller taking account of available technology and the cost of implementation; must take reasonable steps to inform data controllers processing the personal data that the data subject has requested
erasure. Personal data does not have to be erased where processing is necessary:
(a) For exercising the right of freedom of expression and information;
(b) For compliance with a legal obligation;
(c) For reasons of public interest in the area of public health Article 9.2 (h) and (i) and Article 9.3;
(d) For archiving purposes in the public interest, scientific or historical research purposes or statistical
purposes, in accordance with Article 89.1; or
(e) For the establishment, exercise or defence of legal claims.
RIGHT TO RESTRICTION OF PROCESSING
Data subjects have the right to restrict a Data Controller’s processing of their personal data where:
(a) The accuracy of the personal data is contested by the data subject. Processing can be restricted until the Data Controller has verified the accuracy of the personal data;
(b) The processing is unlawful but the data subject opposes erasure and requests restriction instead;
(c) The Data Controller no longer needs to process the personal data but the data is required by the data subject for the establishment, exercise or defence of legal claims; or
(d) The data subject has objected to processing pursuant to Article 21.1, pending verification whether the legitimate grounds of the controller override those of the data subject.
RIGHT TO PORTABILITY
Data subjects have the right to receive their personal data (where they have provided it to the Data
Controller), in a structured, commonly used and machine-readable format and to have the data transmitted to another data controller without hindrance, where:
(a) Processing is based on consent; and
(b) Processing is carried out by automated means.
This right is dependent on the transfer between the Data Controllers being technically feasible. The right will not apply to processing necessary for the performance of a task carried out in the public interest, or in the exercise of official authority vested in the controller. This right cannot be exercised if it will adversely affect the rights and freedoms of others.
RIGHT TO OBJECT
Data subjects have the right to object (on grounds relating to his/her situation) at any time to processing of their personal data which is based on:
• Necessity for the performance of a task carried out in the public interest, or in exercise of official
authority vested in the Data Controller Article 6.1.e; or
• Necessity for the purposes of legitimate interests pursued by the data controller or other third party,
except where this overrides the interests and fundamental freedoms of the data subject Article 6.1.f.
The Data Controller will have to stop processing the personal data unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. If personal data is processed for direct marketing purposes, data subjects can object at any time to the processing which includes profiling that is related to the direct marketing. Where the data subject does object, the personal data can no longer be processed for these purposes. The right to object must be brought to the data subject’s attention at the first time of communication with the data subject and should be presented clearly and separately from any other information. For online services there should be an automated method to register objection.
AUTOMATED PROCESSING AND PROFILING
1. Data subjects have the right to not be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or significantly affects him other.
2. This right will not apply if the decision:
(a) Is necessary for entering into, or performance of, a contract between the data subject and the Data Controller;
(b) Is authorised by Union or Member State law; or
(c) Is based on the data subject’s explicit consent.
3. The Data Controller must implement suitable measures to safeguard the data subject’s rights,
freedoms and legitimate interests, or at least the right to obtain human intervention and contest the decision.
4. Decisions referred to in paragraph 2, must not be based on special categories of data (unless the exceptions in Article 9.2 apply).
Matthew qualified as a Solicitor in 2009 and has worked in the personal injury field ever since, working in most areas of personal injury work. He has substantial experience in dealing with accidents in the workplace and accidents in public. He also heads up the Travel Claims Department which deals with accidents abroad in many areas such as road traffic accidents, package holiday accidents, cruise ship holidays and accidents on an aircraft.
Matthew has worked on and continues to work on claims of significant value. His most memorable settlements have been:
• Accident at work settling for £240,000.00 in which an individual employed as an engineer for Go-Ahead London Buses had his tibia and fibula broken as a result of a bus driver reversing over his leg whilst he was repairing the bus. The individual was left with permanent mobility problems and was unable to return to employment with the company.
• Recovered £50,000.00 for a lady who slipped on ice in the car park of a Co-operative store in Carlisle in which she fractured her right ankle. The Claimant was unemployed at the time of her accident and therefore the vast majority of her damages comprised of damages for personal injury compensation in addition to carer’s and treatment/rehabilitation costs.
• Occupiers claim in which two individuals slipped on foil confetti at an event at Blackpool Tower Ballroom in which one of the individuals suffered a fractured jaw and the other a fractured elbow. The case was disputed close to Trial before a settlement of £29,000 was agreed. Neither of the individuals required time off work, however, they did receive compensation for care they required post-accident in addition to injury.
Matthew is passionate about building a relationship with each of his clients in order to meet their expectations and understand them. having worked at the firm since it was established, his dedication to his work and customer service is unquestionable.
Rachel has over 20 years’ experience in law and prior to moving to Aequitas Legal had been with Pannone Solicitors for fourteen years spending the final five years in the role of a Quality and Supplier Manager.
Bio to be added
At the heart of most business transactions is a contract. A necessary document to ensure the balance of protection against facilitating business. Whilst we all hope for a positive trading…Read more