|
Post by juthi52943 on Jan 4, 2024 10:16:30 GMT
In other words according to the Guidelines the supervisory authority must answer the question to what extent the controller has done everything that could be expected taking into account the nature purposes or scope of data processing. Any relevant prior violations Guided by the discussed criterion the authority must assess what the activity of the entity it is dealing with has been like so far. Whether the same infringement has been committed Job Function Email List before or whether it was committed in the same way. All these circumstances may significantly influence the final decision of the authority. The degree of cooperation with the supervisory authority in order to remove the violation and mitigate its possible negative effects Once again the authoritys assessmen. Will include the activity of the controller or processor after the breach has occurred. This time he will look for an answer to the question whether the entity reacted in a specific way to the requests of the supervisory authority during the investigation phase in this particular case. Categories of personal data affected by the breach This is an extremely important and comprehensive criterion.
|
|