JOINT CONTROLLER AGREEMENT UNDER GDPR
DOI:
https://doi.org/10.25234/eclic/9043Abstract
The GDPR obliges organisations to keep watch for potential instances of joint controllership of personal data. Where those instances arise, organisations must enter into suitable “arrangements” that apportion data protection compliance responsibilities between joint data controllers. The controller means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. But, f.i. in the case of the case of a Biobank, more than one public bodies are the controllers of personal data, and their processing takes place in an intra-group context. The paper will analyse elements established by art. 26 GDPR for Joint Controller Agreement for managing personal data under GDPR, the respective roles and relationships of the joint controllers vis-à-vis the data subjects, as well as responsibility and liability of controllers and processors.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2019 Valentina Colcelli
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Authors retain the copyright on the papers published in the Journal, but grant the right of first publication to the Journal. Papers accepted for publication or already published in ECLIC of the Faculty of Law in Osijek may be published by the author(s) in other publications only with proper notice of its previous publication in ECLIC.
