71
edits
(→Q1.1a Check if the GDPR is applicable (jurisdiction): Adding roles and responsibilities) |
|||
Line 32: | Line 32: | ||
==== Q1.1a Check if the GDPR is applicable (jurisdiction) ==== | ==== Q1.1a Check if the GDPR is applicable (jurisdiction) ==== | ||
The GDPR is applicable to anyone offering services from EU, or to EU citizens, paid or non-paid and to anyone explicitly targeting EU inhabitants. | The GDPR is applicable to anyone offering services from EU, or to EU citizens, paid or non-paid and to anyone explicitly targeting EU inhabitants. | ||
===== Roles and responsibilities ===== | |||
The GDPR knows different roles: | |||
# Data Subject - the person where the data is about | |||
# Data Controller - a person or organisation who collects, stores or processes data about a natural person and who determines the goals and the means of the processing of the data. | |||
# Data Processor - a person (not employee of the controller) or organisation who processes data on behalves of a Data Controller. | |||
# Third Party - a Data Controller that receives data from an other Controller. This transfer of Data is a processing on its own within the GDPR. | |||
Within the XMPP network the following roles can be found: | |||
Sending a message: | |||
* Data Subject: the sender of the message | |||
* Data Controller: the operator of the XMPP server of the sender of the message | |||
* Data Processor: can be several, e.g. the internet hoster of the XMPP server operator | |||
* Third Party: the XMPP server of the receiving person. | |||
Message storage (MAM, offline storage): | |||
Note: the data here is a personal conversation, this conversation contains messages from one or more other users but these are stored under the responsibility of and as personal from the user using the storage. | |||
* Data Subject: the person initiating the storage | |||
* Data Controller: the XMPP server performing the storage | |||
* Data Processor: can be several, e.g. the internet hoster of the XMPP server operator | |||
==== Q1.1b List what data is processed ==== | ==== Q1.1b List what data is processed ==== |
edits