What are the requirements of the GDPR/ Data Protection Act? - Knowledgebase / Legal - Support Portal | Registry Services

What are the requirements of the GDPR/ Data Protection Act?

Updated 26 Apr, 2020

Among other things, the following requirements apply when processing personal data:

  • A legal basis (for example, consent, contractual relationship or balance of interests) is required for processing personal data,
  • Anyone who processes personal data is obliged to provide information to the data subject (the physical person) about the processing of personal data,
  • Anyone who processes personal data is obliged to correct personal data that is incorrect,
  • Anyone who processes personal data must protect personal data through appropriate technical and organizational measures.
  • If personal data processors handle personal data on behalf of the person who processes personal data (personal data controller), the processing of personal data shall be regulated by an agreement (so-called personal data processing agreement).

    ( See also General information for The Swedish Internet Foundation’s registrars regarding disclosure of personal data )