EU data protection (EUDataP) Article 23

Restrictions

1. Union or Member State law to which the data controller or processor is subject may restrict by way of a legislative measure the scope of the obligations and rights provided for in Articles 12 to 22 and Article 34, as well as Article 5 in so far as its provisions correspond to the rights and obligations provided for in Articles 12 to 22, when such a restriction respects the essence of the fundamental rights and freedoms and is a necessary and proportionate measure in a democratic society to safeguard:
(a) national security;
(b) defence;
(c) public security;
(d) the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security;
(e) other important objectives of general public interest of the Union or of a Member State, in particular an important economic or financial interest of the Union or of a Member State, including monetary, budgetary and taxation a matters, public health and social security;
(f) the protection of judicial independence and judicial proceedings;
(g) the prevention, investigation, detection and prosecution of breaches of ethics for regulated professions;
(h) a monitoring, inspection or regulatory function connected, even occasionally, to the exercise of official authority in the cases referred to in points (a), (b), (c), (d), (e) and (g);
(i) the protection of the data subject or the rights and freedoms of others;
(j) the enforcement of civil law claims.

2. In particular, any legislative measure referred to in paragraph 1 shall contain specific provisions at least, where relevant, as to:
(a) the purposes of the processing or categories of processing;
(b) the categories of personal data;
(c) the scope of the restrictions introduced;
(d) the safeguards to prevent abuse or unlawful access or transfer;
(e) the specification of the controller or categories of controllers;
(f) the storage periods and the applicable safeguards taking into account the nature, scope and purposes of the processing or categories of processing;
(g) the risks to the rights and freedoms of data subjects; and
(h) the right of data subjects to be informed about the restriction, unless that may be prejudicial to the purpose of the restriction.

„Zeigen Sie Ihren Kunden und Mitarbeitern, dass Sie Datenschutz betreiben.
Nutzen Sie den Datenschutz als Ihre positive Botschaft.“

IITR - qualifizierter Datenschutz

Kontakt

Sie erreichen uns unter folgender Adresse:

IITR GmbH - Institut für IT-Recht

Marienplatz 2
80331 München

Tel.: +49 (0)89 1891 7360

E-Mail: email@iitr.de

 

Kontakt zum Datenschutz:

Dr. Sebastian Kraska Rechtsanwalt, Diplom-Kaufmann Spezialisiert auf DatenschutzrechtDr. Sebastian Kraska
Rechtsanwalt, Diplom-Kaufmann
Spezialisiert auf das Datenschutzrecht

Tel.: +49 (0)89 1891 7360

E-Mail: email@iitr.de

IITR GmbH ist zertifiziert
DIN EN ISO 9001

Wir sind zertifiziert nach DIN EN ISO 9001-2015Mitglied DIN