In this video, Mandy Huth explores the right to object. Learn when objection applies, when a controller must cease processing, and exceptions to the rule.
- [Instructor] Article 21 covers the situations when a data subject can object to data processing of their personal data. Objection applies based on legitimate or public interest. One situation included in objection is for direct marketing purposes. A data subject can object to this at any time. Other situations are for society services and for scientific or research purposes. Once a request for objection is received, the controller must stop their processing activities.
Normal guidelines would apply unless the controller can prove a convincing alternate scenario whereby processing should continue. There are two principle scenarios for this situation. The first is based on requirement. If the controller needs to process data based on their legal rights, then objection is overridden. The other is grounds. Sometimes there are situations where processing data can be for a greater good, that overrides an individual data subject's rights.
An example of this may be health information that maps to a larger issue like a pandemic. Data subjects have the right to object to processing their data in most situations.
DISCLAIMER: Neither LinkedIn nor the instructor represents you, and they are not giving legal advice. The information conveyed through this course is not intended to give legal advice, but instead to communicate information to help viewers understand the basics of the topic presented. Certain concepts may not apply in all countries. The views (and legal interpretations) presented in this course do not necessarily represent the views of LinkedIn or Lynda.com.
- Define the objectives of GDPR relating to the personal privacy of citizens.
- Determine the responsibilities of data protection officers under GDPR.
- Identify the rights of citizens in the event of a data breach.
- Review the steps that must be taken in the event of a data breach.
- Describe the notification process in the event of a data breach.