GDPR | Compliance | Fluid Attacks Help

GDPR

logo

Summary

This regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data. The version used in this section is GDPR - OJ L 119, 4.5.2016.

Definitions

Definition Requirements
5_1e. Principles relating to processing of personal data 183. Delete sensitive data securely
360. Remove unnecessary sensitive information
5_1f. Principles relating to processing of personal data 119. Hide recipients
177. Avoid caching and temporary files
184. Obfuscate application data
261. Avoid exposing sensitive information
329. Keep client-side storage without sensitive data
375. Remove sensitive data from client-side applications
7_1. Conditions for consent (1) 310. Request user consent
311. Demonstrate user consent
7_3. Conditions for consent (3) 312. Allow user consent revocation
11_2. Processing which does not require identification 313. Inform inability to identify users
314. Provide processing confirmation
315. Provide processed data information
316. Allow rectification requests
317. Allow erasure requests
13_1-3. Information to be provided where personal data are collected from the data subject 189. Specify the purpose of data collection
14_1-4. Information to be provided where personal data have not been obtained from the data subject 189. Specify the purpose of data collection
15_1ag. Right of access by the data subject 315. Provide processed data information
15_1. Right of access by the data subject 314. Provide processing confirmation
16_1. Right to rectification 316. Allow rectification requests
17_1. Right to erasure (‘right to be forgotten') 317. Allow erasure requests
18_1. Right to restriction of processing 312. Allow user consent revocation
19. Notification obligation regarding rectification or erasure of personal data or restriction of processing 318. Notify third parties of changes
20_1. Right to data portability 315. Provide processed data information
21_1. Right to object 312. Allow user consent revocation
25_1. Data protection by design and by default 045. Remove metadata when sharing files
156. Source code without sensitive information
30. Records of processing activities 189. Specify the purpose of data collection
32_1a. Security of processing 185. Encrypt sensitive information
32_1b. Security of processing 062. Define standard configurations
32_1c. Security of processing 072. Set maximum response time
32_4. Security of processing 176. Restrict system objects
180. Use mock data
33_5. Notification of a personal data breach to the supervisory authority 075. Record exceptional events in logs
89_2. Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes 314. Provide processing confirmation
315. Provide processed data information
316. Allow rectification requests
89_3. Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes 314. Provide processing confirmation
315. Provide processed data information
316. Allow rectification requests
318. Notify third parties of changes
R6. Ensuring a high level of data protection despite the increased exchange of data 176. Restrict system objects
180. Use mock data
R7. The framework is based on control and certainty 084. Allow transaction history queries
085. Allow session history queries
R39. Principles of data processing 189. Specify the purpose of data collection
343. Respect the Do Not Track header
R40. Lawfulness of data processing 189. Specify the purpose of data collection
343. Respect the Do Not Track header
R45. Fulfillment of legal obligations 185. Encrypt sensitive information
189. Specify the purpose of data collection
331. Guarantee legal compliance
R51. Protecting sensitive personal data 045. Remove metadata when sharing files
156. Source code without sensitive information
180. Use mock data
300. Mask sensitive data
329. Keep client-side storage without sensitive data
R64. Identity verification 231. Implement a biometric verification component
Free trial message
Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.