One of the subjects that are specifically protected by the General Data Protection Regulation is the child. The GDPR requires specific protection for children, their data and specific risks to their rights and freedoms. However, one of the most important actions to limit their privacy, carried out in a systemic and global manner with the emergence of technology, is their electronic monitoring and surveillance by parents or those exercising gu...

The application of the GDPR by personal data controllers encounters difficulties in understanding some terms. Among these terms is the term “security incident”, often confused with the term homologous to either the ISO 27001 standard or the NIS Directive. The material highlights that the notion of security incident in the GDPR must be interpreted in a legal sense. It implies the existence of a breach of the right to protection of personal data....

Mapping of personal data processing is one of the important technical activities that must be carried out in the case of certain personal data operators. However, the implementation of the General Data Protection Regulation has led to a number of problems, some of which are presented in the present paper.

The effective protection of personal data throughout the European Union required the strengthening and setting out in detail the obligations of those who process and determine the processing of personal data. In order to ensure a processing which meets the requirements of the General Data Protection Regulation and protects the rights of data subjects, the controller and the processor have the obligation to apply appropriate technical and orga...

Prior to the General Data Protection Regulation (GDPR), the procedure for notifying the supervisory authority was designed to ensure disclosure of the purposes and main features of any processing operation for the purpose of verification that the operation is in accordance with the national measures taken under Directive 95/46/EC. With the application of Regulation (EU) 2016/679, controllers are no longer required to notify data processing, ho...

The article considers elements of consent, as they are regulated by art. 6 of Regulation (EU) 2016/679 on the person who has given his/her consent in regards to the processing of his/her personal data for one or more specific purposes. Issues regarding the transition from the old to the new legislation such as the processing of private data that has been obtained before the Regulation was enforced have also been taken into consideration. ...