The aim of this guidance is primarily to assist controllers in identifying the correct legal basis for any processing of personal data which they undertake or plan to undertake – and the obligations which go with that legal basis. Additionally, this guidance should assist those individuals whose personal data may be processed (‘data subjects’) in identifying whether the processing of their personal data is lawful, and, as part of that, what the legal basis for that processing may be.
Guidelines on the Interplay between the Digital Markets Act and the General Data Protection Regulation
EDPB and Commission seek feedback on draft guidance aligning DMA gatekeeper obligations with GDPR rules on legal bases, consent, anonymization, […]