M. Azraoui, M. Önen, R. Molva, “Framework for Searchable Encryption with SQL Databases”, Conference CLOSER 2018, 19-21 March 2018, Madeira, Portugal. [Conference website http://closer.scitevents.org/]
Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
"Special categories of data" or "sensitive data" is personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Data quality principles
Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject. The data protection regime provides an exhaustive list of six legal grounds based on which personal data may be processed. The most common one is consent. Consent must be unambiguous (leaving no doubt to the data subject as to the content of his or her consent), freely given (the data subject is able to exercise a real choice without risk of deception, intimidation, coercion or significant negative consequences if he or she does not consent), specific (intelligible and referring precisely to a well-defined, concrete situation of data processing) and informed (consent made by the data subject based upon an appreciation and understanding of the facts and implications of an action). For the processing of special categories of data, the conditions are stricter.
Personal data must be collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing is exceptionally allowed for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes.
The processing of personal data should be limited to data that are adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed - data collection is strictly limited to the information that is directly relevant for the specific purposes of the processing.
Personal data must be accurate and kept up to date: personal data that are inaccurate, having regard to the purposes for which they are processed, must be erased or rectified without delay.
Personal data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.
Personal data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Data subject’s rights
Where personal data relating to a data subject are collected from the data subject, the controller shall, at the time when personal data are obtained, provide the data subject with information on the controller and information on the processing of the personal data itself.
The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and information on the processing.
The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her and the controller shall have the obligation to erase the personal data without undue delay. The right to erasure is subject to specific conditions, such as where the data are no longer necessary for the purpose, consent is withdrawn or there is a legal obligation, and it does not apply where the processing is necessary for specific situations such as for exercising the right of freedom of expression and information.
The data subject shall have the right to obtain from the controller the restriction of processing under specific conditions, such as when the accuracy of the personal data is contested by the data subject. In other words, the controller shall refrain from processing the personal data until the ground of restriction is resolved.
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. Furthermore, he or she shall have the right to transmit those data to another controller without hindrance from the initial controller to which the personal data have been provided where the processing is based on consent or contract.