Skip to main content

GDPR

logo

Summary

This regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data. The version used in this section is GDPR - OJ L 119, 4.5.2016.

Definitions

DefinitionRequirements
5_1e. Principles relating to processing of personal data
183. Delete sensitive data securely
360. Remove unnecessary sensitive information
5_1f. Principles relating to processing of personal data
119. Hide recipients
177. Avoid caching and temporary files
184. Obfuscate application data
261. Avoid exposing sensitive information
329. Keep client-side storage without sensitive data
375. Remove sensitive data from client-side applications
7_1. Conditions for consent (1)
310. Request user consent
311. Demonstrate user consent
7_3. Conditions for consent (3)
312. Allow user consent revocation
11_2. Processing which does not require identification
313. Inform inability to identify users
314. Provide processing confirmation
315. Provide processed data information
316. Allow rectification requests
317. Allow erasure requests
13_1-3. Information to be provided where personal data are collected from the data subject
189. Specify the purpose of data collection
14_1-4. Information to be provided where personal data have not been obtained from the data subject
189. Specify the purpose of data collection
15_1ag. Right of access by the data subject
315. Provide processed data information
15_1. Right of access by the data subject
314. Provide processing confirmation
16_1. Right to rectification
316. Allow rectification requests
17_1. Right to erasure (‘right to be forgotten')
317. Allow erasure requests
18_1. Right to restriction of processing
312. Allow user consent revocation
19. Notification obligation regarding rectification or erasure of personal data or restriction of processing
318. Notify third parties of changes
20_1. Right to data portability
315. Provide processed data information
21_1. Right to object
312. Allow user consent revocation
25_1. Data protection by design and by default
045. Remove metadata when sharing files
156. Source code without sensitive information
30. Records of processing activities
189. Specify the purpose of data collection
32_1a. Security of processing
185. Encrypt sensitive information
32_1b. Security of processing
062. Define standard configurations
32_1c. Security of processing
072. Set maximum response time
32_4. Security of processing
176. Restrict system objects
180. Use mock data
33_5. Notification of a personal data breach to the supervisory authority
075. Record exceptional events in logs
89_2. Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes
314. Provide processing confirmation
315. Provide processed data information
316. Allow rectification requests
89_3. Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes
314. Provide processing confirmation
315. Provide processed data information
316. Allow rectification requests
318. Notify third parties of changes
R6. Ensuring a high level of data protection despite the increased exchange of data
176. Restrict system objects
180. Use mock data
R7. The framework is based on control and certainty
084. Allow transaction history queries
085. Allow session history queries
R39. Principles of data processing
189. Specify the purpose of data collection
343. Respect the Do Not Track header
R40. Lawfulness of data processing
189. Specify the purpose of data collection
343. Respect the Do Not Track header
R45. Fulfillment of legal obligations
185. Encrypt sensitive information
189. Specify the purpose of data collection
331. Guarantee legal compliance
R51. Protecting sensitive personal data
045. Remove metadata when sharing files
156. Source code without sensitive information
180. Use mock data
300. Mask sensitive data
329. Keep client-side storage without sensitive data
R64. Identity verification
231. Implement a biometric verification component
free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.