Pregledni rad
https://doi.org/10.3935/zpfz.74.4.6
Concept of Joint Controllers and Data Processing for Secondary Purposes According to the General Data Protection Regulation (EU) 2016/679
Hrvoje Lisičar
Marko Jurić
Sažetak
Although the possibility of participation of two or more subjects in the processing of personal data as joint controllers was already provided for in Directive 95/46/EC, and despite the interpretations of the Court of Justice of the European Union, which in its judgments clearly points to the necessity of a wider application of the above-mentioned concept, until the adoption of the General Data Protection Regulation (EU) 2016/679, in practice, this concept did not fully take root. Only after the entry into force of the General Data Protection Regulation, which aims to achieve a higher level of protection of data subjects' rights and imposes greater responsibility on the responsible entities for handling personal data, will a wider discussion on the application of the concept of joint controllers open. The aim of this paper is to consider the essential elements in the delimitation of the role of joint managers and processors, to determine, based on existing case law, which criteria need to be taken into account when assessing joint controllership, and finally, based on the available literature and judicial practice of supervisory bodies and the Court of Justice of the European Union, to consider the possibilities of secondary use of personal data by one of the controllers that participated in the primary data processing in the capacity of a joint controller.
Ključne riječi
General Data Protection Regulation; GDPR; data protection; personal data; joint controllers; secondary purpose
Hrčak ID:
323784
URI
Datum izdavanja:
1.12.2024.
Posjeta: 0 *