According to the Law on Obligation Relations, entrusting the collection […]
Yes. Consent is the only possible legal basis for processing […]
No. The controller does not need to request and obtain […]
The retention period for personal data is often set out […]
The controller must scan the situation in the organization, which […]
Do debt collection agencies need to obtain consent for the processing of personal data they carry out?
According to the Law on Obligation Relations, entrusting the collection of claims (debts) does not require obtaining consent from the debtor, but the creditor is obliged to inform the debtor about entrusting the collection to another legal entity, which means that it is a contractual relationship. In addition, [...]
Who gives consent for a child?
In the case of a minor child, consent should be obtained from a parent or guardian, except in the case of processing of personal data relating to information society services offered directly to the child. In such a case, the child can give consent, but only if he [...]
Does the controller have to request and obtain consent in case of processing personal data through cookies?
Yes. Consent is the only possible legal basis for processing personal data in the context of using cookies. It is provided for in the Law on Electronic Communications (Article 168). However, there is also an exception for cookies that are technically necessary. Apart from consent, the controller must [...]
Does the controller have to ask for and obtain consent for every processing of personal data? When should and should not seek consent?
No. The controller does not need to request and obtain consent for each processing of personal data. Any activity for the processing of personal data must be based on one of the legal bases given in Article 10, paragraph (1) of ZZLP. Consent is only one of the [...]
How long must the controller keep personal data?
The retention period for personal data is often set out in specific laws (eg, labor regulations determine the retention period for employee payslips). However, when the regulations do not establish a storage period, the principle of limiting the storage period given in Article 9 of the ZZLP is [...]
What is personal data?
Personal data is any information relating to an identified natural person or an identifiable natural person (personal data subject), while an identifiable natural person is a person whose identity can be determined, directly or indirectly. Personal data is a broad concept. Below are some examples: name and surname; [...]
What are the controller’s obligations arising from the ZZLP?
The controller must scan the situation in the organization, which includes mapping the movement of personal data (determines the categories of personal data that are processed, whether special categories of personal data are processed, as well as the legality, transparency and purposes of the processing of personal data [...]