Across both the UK and EU GDPR text, Article 1 doesn’t contain any direct correlation to a specific ISO standard, and instead focuses on setting out the general objectives of the legislation as a whole.
Organisations should therefore consider GDPR Article 1 as a series of guiding principles, rather than a distinct set of operational or technical instructions.
GDPR has two objectives, one of which is immediately obvious – the protection of personal data – but the other is less so, being the notion that GDPR also protects an individual’s other fundamental rights and freedoms.
GDPR, therefore, is not legally limited to the protection of data in some circumstances, but may also apply to concepts (previously contained in the EU’s CFR legislation) such as the right to privacy, the right to communication, the right to a private family life, the right of assembly, freedom of religion and ‘other anti-discrimination rights’.
Article 1 contains numerous links to the EU’s Charter for Rights, more specifically Article 7 (the right to privacy) and Article 8 (the right to data protection).
Article 1 (3) explicitly deals with the free movement of data between EU countries in the EEA, in accordance with data localisation laws.
We provide an environment that’s been pre-built for you to describe and demonstrate your approach to protecting your European and UK customer data that fits seamlessly into your management system.
ISMS.online makes it easy for you to jump straight into your journey to GDPR compliance and to easily demonstrate level of protection that goes beyond ‘reasonable’, all in one secure, always-on location.
Find out more by booking a hands on demo.
Book a tailored hands-on session
based on your needs and goals
Book your demo