Is there a scope in the EC
EU General Data Protection Regulation (GDPR): Material and spatial scope
Applicability of the GDPR
Material scope of the GDPR and the Austrian Data Protection Act
The GDPR regulates the protection of natural persons when processing personal data.
It applies to
the fully or partially automated processing of personal data and
the non-automated processing of personal data that is or is to be stored in a file system.
The technology used is not essential. However, manual files that are not subject to any order are not recorded.
Paper files that are not classified according to certain criteria are not subject to the regulation.
If natural persons process personal data exclusively for the exercise of personal and family activities, the GDPR does not apply (example: private individuals use social networks).
In contrast, the GDPR applies to providers of instruments for processing data for personal or family activities (e.g. operators of social networks).
The DSG makes it clear that both the provisions of the DSGVO and the provisions of the newly regulated area of legal consequences in the DSG only apply to the processing of data natural persons apply (this applies in particular to the criminal regime).
Spatial scope of the GDPR
- Offices in the EU
The GDPR applies to the processing of personal data for activities of a branch in the Union. It does not matter whether it is the branch of a controller or a processor. It is also applicable if the processing of the data for the branch does not take place in the EU.
The customer data of an Austrian trading company is stored by the parent company in the USA.
- Branches outside the EU ("market location principle")
The processing of personal data of persons who are located in the EU also falls under the GDPR
- offer them goods or services, regardless of whether the person has to make a payment (example: a US company offers books in Austria via the Internet).
- Observe the behavior of people in the EU (example: a Canadian company uses an analysis tool to monitor the purchasing behavior of people in Austria).
The company that carries out this data processing does not have to have a branch in the EU. Nevertheless, the GDPR must be observed!
Relevant articles of the GDPR: Art 2, Art 3
Relevant recitals: 14 ff
Relevant provisions of the DSG: §§ 3, 4
- Are feeding tubes dangerous
- What is the capital of Jammu
- Does LinkedIn have a venture fund
- Why is the use of headphones harmful to your health?
- Does wool attract or repel dust mites?
- How do British women see Indian men
- Why do people finance everything
- What is the Judeo-Christian tradition
- How is it that Meghan Markle is not a princess
- Are there tabs for harmonica players
- Why does my Facebook app look different
- Onboarding at Infosys
- State Bank of India SBI reviews
- How do grocery stores wash fresh vegetables
- Intelligent work means creative work
- How was your CSE interview in 2017
- Why does math usually scare people
- What are composites in basic chemistry
- Are you bullied a lot?
- Know more about astrologers
- How much is Pemex worth
- What are the transmission losses
- Help me create a desktop
- How French are the fries