Áirítear i gcineálacha oibríochtaí próiseála den sórt sin, go háirithe, na hoibríochtaí sin lena mbaintear úsáid as teicneolaíochtaí nua, nó na cinn ar de chineál nua iad agus nach bhfuil measúnútionchairarchosaintsonraí déanta ag an rialaitheoir ina leith go fóill nó na cinn a bhfuil measúnútionchairarchosaintsonraí tagtha chun bheith riachtanach mar gheall ar an tréimhse ama a chuaigh thart ón uair a rinneadh an phróiseáil tosaigh i leith.
Such types of processing operations may be those which in, particular, involve using new technologies, or are of a new kind and where no data protection impact assessment has been carried out before by the controller, or where they become necessary in the light of the time that has elapsed since the initial processing.
#1721592
Ba cheart na nósanna imeachta sin, go háirithe, a bheith i bhfeidhm i gcás inarb é atá i gceist leis na cineálacha oibríochtaí próiseála úsáid a bheith á baint as nuatheicneolaíochtaí, nó na cinn ar de chineál nua iad agus nach bhfuil measúnútionchairarchosaintsonraí déanta ag an rialaitheoir ina leith go fóill nó na cinn a bhaineann le measúnútionchairarchosaintsonraí tagtha chun bheith riachtanach mar gheall ar an tréimhse ama a chuaigh thart ón uair a rinneadh an phróiseáil tosaigh i leith.
Such procedures should, in particular, also be in place where types of processing operations involve using new technologies, or are of a new kind in relation to which no data protection impact assessment has been carried out before by the controller, or where they become necessary in the light of the time that has elapsed since the initial processing.
#1722183
comhairle a thabhairt nuair a iarrtar sin maidir leis an measúnútionchairarchosaintsonraí agus faireachán a dhéanamh ar a fheidhmíocht de bhun Airteagal 39 agus dul i gcomhairle leis an Maoirseoir Eorpach arChosaintSonraí i gcás amhras faoin ngá le measúnútionchairarchosaintsonraí;
to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 39 and to consult the European Data Protection Supervisor in case of doubt as to the need for a data protection impact assessment;
#2110338
I gcás ina ndearna soláthraí measúnútionchairarchosaintsonraí agus ina ndeachaigh sé i gcomhairle leis na húdaráis mhaoirseachta maidir le teicneolaíocht i gcomhréir le Rialachán (AE) 2016/679 roimh theacht i bhfeidhm an Rialacháin seo, níor cheart é a bheith d’oibleagáid ar an soláthraí sin faoin Rialachán seo measúnútionchair breise archosaintsonraí nó comhairliúchán breise a dhéanamh ar choinníoll go mbeidh sé curtha in iúl ag na húdaráis mhaoirseachta nach mbeadh ardriosca do chearta agus saoirsí daoine nádúrtha mar thoradh ar an bpróiseáil a dhéantar arshonraí leis an teicneolaíocht sin nó go mbeadh bearta déanta ag an rialaitheoir chun riosca den sórt sin a mhaolú.
Where a provider has conducted a data protection impact assessment and consulted the supervisory authorities with regard to a technology in accordance with Regulation (EU) 2016/679 prior to the entry into force of this Regulation, that provider should not be obliged under this Regulation to carry out an additional data protection impact assessment or consultation provided that the supervisory authorities have indicated that the processing of data by that technology would not result in a high risk to the rights and freedoms of natural persons or that measures have been taken by the controller to mitigate such a risk.
#1722563
Déanfaidh an rialaitheoir an measúnútionchairarchosaintsonraí arna dhéanamh de bhun Airteagal 89 a sholáthar don Mhaoirseoir Eorpach arChosaintSonraí agus, arna iarraidh sin, soláthróidh sé aon fhaisnéis eile a chuirfidh ar chumas an Mhaoirseora Eorpaigh arChosaintSonraímeasúnú a dhéanamh maidir le comhlíonadh na próiseála agus go háirithe maidir leis na rioscaí do chosaintsonraí pearsanta oibríochtúla an ábhair sonraí agus maidir leis na coimircí gaolmhara.
The controller shall provide the European Data Protection Supervisor with the data protection impact assessment referred to Article 89 and, on request, with any other information to allow the European Data Protection Supervisor to make an assessment of the compliance of the processing and in particular of the risks for the protection of operational personal data of the data subject and of the related safeguards.
#1974671
an oibleagáid measúnú a dhéanamh arthionchar na n-oibríochtaí próiseála atá beartaithe archosaintsonraí pearsanta (‘measúnútionchairarchosaintsonraí’) i gcás inar dócha go mbeadh ardriosca do chearta agus do shaoirsí daoine nádúrtha mar thoradh ar chineál próiseála;
the obligation to carry out an assessment of the impact of the envisaged processing operations on the protection of personal data (a ‘data protection impact assessment’) where a type of processing is likely to result in a high risk to the rights and freedoms of natural persons;
#706731
I gcásanna den sórt sin, níor cheart measúnútionchairarchosaintsonraí a bheith éigeantach.
In such cases, a data protection impact assessment should not be mandatory.
#707407
Measúnútionchairarchosaintsonraí agus réamhchomhairliúchán
Data protection impact assessment and prior consultation
#707409
Measúnútionchairarchosaintsonraí
Data protection impact assessment
#707419
Féadfaidh an t-údarás maoirseachta liosta a leagan amach agus a chur ar fáil go poiblí de na cineálacha oibríochtaí próiseála nach gá measúnútionchairarchosaintsonraí a dhéanamh ina leith.
The supervisory authority may also establish and make public a list of the kind of processing operations for which no data protection impact assessment is required.
#707443
an measúnútionchairarchosaintsonraí dá bhforáiltear in Airteagal 35; agus
the data protection impact assessment provided for in Article 35; and
#707477
comhairle a thabhairt nuair a iarrtar sin air maidir leis an measúnútionchairarchosaintsonraí agus faireachán a dhéanamh ar a fheidhmíocht de bhun Airteagal 33;
to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35;
#707720
bunóidh sé agus coimeádfaidh sé ar bun liosta i ndáil leis an gceanglas le haghaidh measúnútionchair a dhéanamh archosaintsonraí de bhun Airteagal 35(4);
establish and maintain a list in relation to the requirement for data protection impact assessment pursuant to Article 35(4);
#707840
dírítear ann ar liosta de na hoibríochtaí próiseála a ghlacadh faoi réir an cheanglais le haghaidh measúnútionchairarchosaintsonraí, de bhun Airteagal 35(4);
aims to adopt a list of the processing operations subject to the requirement for a data protection impact assessment pursuant to Article 35(4);
#1721599
Mar chuid den phróiseas comhairliúcháin sin, ba cheart go bhféadfaí toradh armheasúnútionchairarchosaintsonraí a dhéantar maidir leis an bpróiseáil a chur faoi bhráid an Mhaoirseora Eorpaigh arChosaintSonraí, go háirithe na bearta atá beartaithe chun an riosca do chearta agus do shaoirsí na ndaoine nádúrtha a mhaolú.
As part of that consultation process, it should be possible to submit the outcome of a data protection impact assessment carried out with regard to the processing at issue to the European Data Protection Supervisor, in particular the measures envisaged to mitigate the risk to the rights and freedoms of natural persons.
#1722100
Measúnútionchairarchosaintsonraí agus réamhchomhairliúchán
Data protection impact assessment and prior consultation
#1722102
Measúnútionchairarchosaintsonraí
Data protection impact assessment
#1722134
an measúnútionchairarchosaintsonraí dá bhforáiltear in Airteagal 39; agus
the data protection impact assessment provided for in Article 39; and
#1724404
comhairle a thabhairt nuair a iarrtar sin maidir leis an measúnútionchairarchosaintsonraí agus faireachán a dhéanamh ar a fheidhmíocht de bhun Airteagal 89 de Rialachán (AE) 2018/1725;
providing advice where requested as regards the data protection impact assessment and monitoring its performance pursuant to Article 89 of Regulation (EU) 2018/1725;
#1762093
Mar chuid den mheasúnútionchair, scrúdaíodh go háirithe tionchair na mbeart atá beartaithe ar chearta bunúsacha agus ar an gceart maidir le cosaintsonraí go háirithe.
The impact assessment looked in particular into the impacts of the proposed measures on fundamental rights and, in particular, to the right to data protection.
#1764354
Mar chuid den mheasúnútionchair, scrúdaíodh go háirithe tionchair na mbeart atá beartaithe ar chearta bunúsacha agus ar an gceart maidir le cosaintsonraí go háirithe.
The impact assessment looked in particular into the impacts of the proposed measures on fundamental rights and, in particular, to the right to data protection.
#1973421
MeasúnúTionchairarChosaintSonraí
Data Protection Impact Assessment
#2246436
MeasúnúTionchairarChosaintSonraí
Data Protection Impact Assessment
#3226711
Measúnútionchairarchosaintsonraí
DATA PROTECTION IMPACT ASSESSMENT
#706728
Ba cheart measúnútionchairarchosaintsonraí a dhéanamh freisin i gcás ina bpróiseáiltear sonraí pearsanta chun cinntí maidir le daoine sonracha nádúrtha a ghlacadh tar éis aon mheastóireacht chórasach agus chuimsitheach a dhéanamh ar ghnéithe pearsanta a bhaineann le daoine nádúrtha atá bunaithe ar na sonraí sin a phróifíliú nó tar éis catagóirí speisialta sonraí pearsanta, sonraí bithmhéadracha nó sonraí i ndáil le ciontuithe coiriúla agus le cionta nó le bearta slándála a phróiseáil.
A data protection impact assessment should also be made where personal data are processed for taking decisions regarding specific natural persons following any systematic and extensive evaluation of personal aspects relating to natural persons based on profiling those data or following the processing of special categories of personal data, biometric data, or data on criminal convictions and offences or related security measures.
#706729
Éilítear measúnútionchairarchosaintsonraí freisin d'fhonn faireachán a dhéanamh, ar mhórscála, ar réimsí a bhfuil rochtain phoiblí orthu, go háirithe nuair atá feistí optacha leictreonacha á n-úsáid nó i gcomhair oibríochtaí eile ar bith ina meastar don údarás inniúil maoirseachta gur dócha go mbeadh ardriosca do chearta agus do shaoirsí na n-ábhar sonraí ag gabháil leis an bpróiseáil, go háirithe de bhrí go gcoisctear leo na hábhair sonraí ceart a fheidhmiú nó seirbhís nó conradh a úsáid, nó de bhrí go gcuirtear i gcrích iad go córasach nó ar mhórscála.
A data protection impact assessment is equally required for monitoring publicly accessible areas on a large scale, especially when using optic-electronic devices or for any other operations where the competent supervisory authority considers that the processing is likely to result in a high risk to the rights and freedoms of data subjects, in particular because they prevent data subjects from exercising a right or using a service or a contract, or because they are carried out systematically on a large scale.
#752466
sonraí chun measúnú a dhéanamh arthionchar iascaigh an Aontais ar an éiceachóras muirí in uiscí an Aontais agus in uiscí lasmuigh den Aontas, lena n-áirítear sonraí faoi fhoghabhálacha speiceas nach spriocspeicis iad, go háirithe speicis atá cosanta faoi dhlí an Aontais nó faoin dlí idirnáisiúnta, sonraí maidir leis na tionchair atá ag iascaigh ar ghnáthóga muirí lena n-áirítear limistéir mhuirí leochaileacha agus sonraí maidir leis na tionchair atá ag iascaigh ar ghréasáin bhia;
data to assess the impact of Union fisheries on the marine ecosystem in and outside Union waters, including data on by-catch of non-target species, in particular species protected under Union or international law, data on impacts of fisheries on marine habitats, including vulnerable marine areas, and data on impacts of fisheries on food webs;
#1721595
I gcás ina léirítear le measúnútionchairarchosaintsonraí go mbeadh ardriosca do chearta agus do shaoirsí daoine nádúrtha ag gabháil leis an bpróiseáil, in éagmais coimircí, bearta slándála agus sásraí chun an riosca a mhaolú, agus i gcás ina bhfuil an rialaitheoir den tuairim nach bhféadfaí an riosca a mhaolú ar bhealach réasúnach ó thaobh na dteicneolaíochtaí atá ar fáil agus ó thaobh na gcostas chur chun feidhme, ba cheart dul i gcomhairle leis an Maoirseoir Eorpach arChosaintSonraí sula gcuirfí tús le gníomhaíochtaí próiseála.
Where a data protection impact assessment indicates that the processing would, in the absence of safeguards, security measures and mechanisms to mitigate the risk, result in a high risk to the rights and freedoms of natural persons and the controller is of the opinion that the risk cannot be mitigated by reasonable means in terms of available technologies and costs of implementation, the European Data Protection Supervisor should be consulted prior to the start of processing activities.
#1722110
Bunóidh an Maoirseoir Eorpach arChosaintSonraí liosta de na cineálacha oibríochtaí próiseála atá faoi réir an cheanglais maidir le measúnútionchairarchosaintsonraí a dhéanamh de bhun mhír 1 agus cuirfidh sé an liosta sin ar fáil don phobal.
The European Data Protection Supervisor shall establish and make public a list of the kind of processing operations which are subject to the requirement for a data protection impact assessment pursuant to paragraph 1.
#1722111
Féadfaidh an Maoirseoir Eorpach arChosaintSonraí liosta a leagan amach agus a chur ar fáil go poiblí de na cineálacha oibríochtaí próiseála nach gá measúnútionchairarchosaintsonraí a dhéanamh ina leith.
The European Data Protection Supervisor may also establish and make public a list of the kind of processing operations for which no data protection impact assessment is required.
#1722124
I gcás ina léirítear le measúnútionchairarchosaintsonraí faoi Airteagal 39 go mbeadh ardriosca do chearta agus do shaoirsí daoine nádúrtha ag gabháil leis an bpróiseáil in éagmais coimircí, bearta slándála agus sásraí chun an riosca a mhaolú, agus i gcás ina bhfuil an rialaitheoir den tuairim nach bhféadfaí an riosca a mhaolú ar bhealach réasúnach ó thaobh na dteicneolaíochtaí atá ar fáil agus ó thaobh na gcostas cur chun feidhme, rachaidh an rialaitheoir i gcomhairle leis an Maoirseoir Eorpach arChosaintSonraí sula rachfar i mbun na ngníomhaíochtaí próiseála.
The controller shall consult the European Data Protection Supervisor prior to processing where a data protection impact assessment under Article 39 indicates that the processing would, in the absence of safeguards, security measures and mechanisms to mitigate the risk, result in a high risk to the rights and freedoms of natural persons and the controller is of the opinion that the risk cannot be mitigated by reasonable means in view of the available technologies and costs of implementation.
#1883028
Tagraítear don mheasúnúar na rioscaí do chearta agus do shaoirsí na ndaoine is ábhar do shonraí a bhféadfadh a sonraí pearsanta a bheith faoi réir srianta, chomh maith leis an tréimhse choinneála, sa taifead ar na gníomhaíochtaí próiseála ábhartha i gcomhréir le hAirteagal 31 den Rialachán agus, más infheidhme, sna measúnachtaí tionchaircosantasonraí ábhartha atá bunaithe ar Airteagal 39 den Rialachán.
The assessment of the risks to the rights and freedoms of data subjects whose personal data may be subject to restrictions, as well as their retention period, are referenced in the record of the relevant processing activities in accordance with Article 31 of the Regulation and, if applicable, in relevant data protection impact assessments based on Article 39 of the Regulation.
#1883416
Maidir leis an measúnúar na rioscaí do chearta agus saoirsí na ndaoine is ábhar sonraí a bhféadfadh a sonraí pearsanta a bheith faoi réir srianta, mar aon lena dtréimhse choinneála, déantar tagairt dóibh i dtaifead na ngníomhaíochtaí próiseála ábhartha i gcomhréir le hAirteagal 31 de Rialachán (AE) 2018/1725 agus, más infheidhme, i measúnuithetionchair ábhartha archosaintsonraí bunaithe ar Airteagal 39 den Rialachán réamhluaite.
The assessment of the risks to the rights and freedoms of data subjects whose personal data may be subject to restrictions, as well as their retention period, are referenced in the record of the relevant processing activities in accordance with Article 31 of Regulation (EU) 2018/1725 and, if applicable, in relevant data protection impact assessments based on Article 39 of the said Regulation.
#2465405
Ba cheart a áireamh leis an measúnútionchairarchosaintsonraímeasúnúar oiriúnacht, riachtanas agus comhréireacht na sonraí pearsanta atá le próiseáil chun cuspóir sonrach an tionscadail, lena n-áirítear an ceanglas maidir le híoslaghdú sonraí agus measúnúar aon chlaonadh a d’fhéadfadh a bheith sa toradh agus sna sonraí pearsanta atá le próiseáil chun cuspóir sonrach an tionscadail chomh maith leis na bearta atá beartaithe chun aghaidh a thabhairt ar na rioscaí sin.
The data protection impact assessment should include an assessment of the appropriateness, necessity and proportionality of the personal data to be processed for the specific purpose of the project, including the requirement of data minimisation and an assessment of any potential bias in the outcome and in the personal data to be processed for the specific purpose of the project as well as the measures envisaged to address those risks.
#2465829
comhairle a thabhairt nuair a iarrtar sin maidir leis an measúnútionchairarchosaintsonraí de bhun Airteagal 89 de Rialachán (AE) 2018/1725 agus faireachán a dhéanamh ar fheidhmíocht an measúnaithetionchairarchosaintsonraí;
providing advice where requested as regards the data protection impact assessment pursuant to Article 89 of Regulation (EU) 2018/1725 and monitoring the performance of the data protection impact assessment;
#3048446
ag tabhairt dá haire go bhfuil iarracht á déanamh ag an Lárionad feabhas a chur ar chibearshlándáil an Lárionaid agus archosaintsonraí pearsanta, go háirithe trí chórais nua fíordheimhnithe ilfhachtóiriúla agus trí ghníomhaíochtaí oiliúna arna n-eagrú don fhoireann; ag tabhairt dá haire go bhfuil an Lárionad tiomanta do bheartas cibearshlándála a eisiúint chun obair leantach a dhéanamh ar an Rialachán cibearshlándála atá le teacht; ag tabhairt faoi deara, chun bearta maolaitheacha iomchuí a shainiú chun an leibhéal is airde slándála faisnéise ar líne a sholáthar, go ndearna an Lárionad measúnútionchairarchosaintsonraí go luath in 2022;
Notes that the Centre is pursuing the effort to improve the Centre’s cybersecurity and protection of personal data, especially through new multifactor authentication systems and training activities organised for staff; takes note of the fact that the Centre is committed to issuing a cybersecurity policy to follow up on the forthcoming cybersecurity Regulation; observes that, to define appropriate mitigating measures to provide the highest possible level of online information security, the Centre carried out a data protection impact assessment in early 2022;
#3248806
rochtain a sholáthar ar fhaisnéis faoi phróiseáil sonraí pearsanta i gcomhthéacs boscaí gainimh rialála idir-inoibritheachta dá dtagraítear in Airteagail 11 agus 12, i gcás inar sainaithníodh aon ardriosca do chearta agus do shaoirsí na n-ábhar sonraí, dá dtagraítear in Airteagal 35(1) de Rialachán (AE) 2016/679 agus in Airteagal 39 de Rialachán (AE) 2018/1725, chomh maith le rochtain ar fhaisnéis faoi shásraí freagartha chun an riosca sin a mhaolú go pras, lena n-áirítear, i gcás inarb iomchuí, an measúnútionchairarchosaintsonraí a nochtadh;
providing access to information on the processing of personal data in the context of interoperability regulatory sandboxes referred to in Articles 11 and 12, where any high risk to the rights and freedoms of the data subjects, as referred to in Article 35(1) of Regulation (EU) 2016/679 and in Article 39 of Regulation (EU) 2018/1725, has been identified, as well as access to information on response mechanisms to promptly mitigate that risk, including, where appropriate, disclosure of the data protection impact assessment;
#2626795
ag tabhairt dá haire gur díol sásaimh di go ndearna MECS cianiniúchadh ar chláir próiseála sonraí institiúidí an Aontais agus SEGS a bhí go hiomlán comhlíontach; á chur in iúl gur geal léi an nuashonrú leanúnach ar ráitis phríobháideachais COVID-19 a rinne rialaitheoirí sonraí SEGS i ndlúthchomhar leis an OCS, chun aghaidh a thabhairt ar chúiseanna buartha nua maidir le príobháideachas i ndáil le rialú láithreacht oifige agus cianoibriú, d’fhonn comhréireacht a bhaint amach idir na riachtanais maidir leis an tsláinte a chaomhnú agus rioscaí éillithe a mhaolú agus sonraí pearsanta a chosaint; ag tabhairt dá haire, in 2020, gur chuir rialaitheoirí sonraí SEGS dhá mheasúnútionchairarchosaintsonraí (DPIA) i gcrích maidir le faireachán ar shlándáil TF agus maidir le húsáid KITRY, bogearra chun sláinte agus sábháilteacht a bhainistiú san ionad oibre don tSeirbhís Liachta (le cur i gcrích in 2021);
Notes with satisfaction that the EDPS conducted a remote audit of the data processing registers of the Union institutions and the EEAS was deemed to be fully compliant; welcomes the continuous update of the COVID-19 privacy statement that the EEAS data controllers have carried out in close cooperation with the DPO, to address new privacy concerns in relation to the control of office presence and remote working, with a view to achieving proportionality between the needs of preserving health and mitigating contamination risks and the protection of personal data; notes that in 2020 the EEAS data controllers completed two data protection impact assessments (DPIA) on IT security monitoring and on the use of KITRY, an application to manage health and safety in the workplace for the Medical Service (to be completed in 2021);
#1755687
a áirithiú go bhfuil na sonraí atá stóráilte sna comhaid iarratais agus na sonraí atá ar taifead i gCóras Faisnéise ETIAS ceart agus cothrom le dáta, 2) i gcás inar gá, na hiarratais ar údarú taistil a fhíorú chun fáil réidh le débhríocht ar bith i dtaobh chéannacht an iarratasóra i gcás amas a fuarthas le linn an phróisis uathoibrithe, 3) táscairí riosca sonracha de chuid rialacha ETIAS maidir le scagadh a shainiú, a thástáil, a chur chun feidhme, a mheasúnú agus a athbhreithniú tar éis dul i gcomhairle le Bord ETIAS um Scagadh, agus 4) iniúchtaí rialta a dhéanamh ar bhainistiú na niarratas agus ar chur chun feidhme rialacha ETIAS maidir le scagadh, go háirithe i ndáil lena dtioncharar chearta bunúsacha agus i dtaca le príobháideacht agus cosaintsonraí.
ensuring that the data stored in the application files and the data recorded in the ETIAS Information System are correct and up to date, 2) where necessary, verifying the travel authorisation applications to remove any ambiguity about the applicant’s identity in cases of a hit obtained during the automated process, 3) defining, testing, implementing, evaluating and revising specific risk indicators of the ETIAS screening rules after consultation of the ETIAS Screening Board, and 4) carrying out regular audits on the management of applications and on the implementation of the ETIAS screening rules, particularly as regards their impacts on fundamental rights and especially with regards to privacy and data protection.
#706706
D'fhonn feabhas a chur ar chomhlíonadh an Rialacháin seo, i gcás inar dócha, leis na hoibríochtaí próiseála, go mbeadh ardriosca ann i dtaca le cearta agus saoirsí na ndaoine nádúrtha, ba cheart don rialaitheoir a bheith freagrach as measúnútionchairarchosaintsonraí a dhéanamh chun meastóireacht a dhéanamh go háirithe ar thionscnamh, ar chineál, ar leithleachas agus ar dhéine an riosca sin.
In order to enhance compliance with this Regulation where processing operations are likely to result in a high risk to the rights and freedoms of natural persons, the controller should be responsible for the carrying-out of a data protection impact assessment to evaluate, in particular, the origin, nature, particularity and severity of that risk.
#706708
I gcás ina léirítear le measúnútionchairarchosaintsonraí go mbaineann ardriosca le hoibríochtaí próiseála nach féidir leis an rialaitheoir a mhaolú trí bhearta iomchuí ó thaobh na teicneolaíochta atá ar fáil agus na gcostas a bhaineann leis an gcur chun feidhme, ba cheart dul i gcomhairle leis an údarás maoirseachta sula ndéantar an phróiseáil.
Where a data-protection impact assessment indicates that processing operations involve a high risk which the controller cannot mitigate by appropriate measures in terms of available technology and costs of implementation, a consultation of the supervisory authority should take place prior to the processing.
#706732
Tá cásanna áirithe ann ina bhféadfadh sé go mbeadh sé réasúnta agus tíosach go mbeadh an t-ábhar de mheasúnútionchairarchosaintsonraí níos leithne ná tionscadal amháin, i gcás, mar shampla, ina bhfuil sé beartaithe ag údaráis phoiblí nó comhlachtaí poiblí feidhmchlár coiteann nó clár coiteann próiseála a chur ar bun nó ina bhfuil sé beartaithe ag roinnt rialaitheoirí feidhmchlár coiteann nó timpeallacht choiteann próiseála a thabhairt isteach in earnáil tionscail nó i roinn tionscail trí chéile nó le haghaidh gníomhaíocht chothrománach atá in úsáid go forleathan.
There are circumstances under which it may be reasonable and economical for the subject of a data protection impact assessment to be broader than a single project, for example where public authorities or bodies intend to establish a common application or processing platform or where several controllers plan to introduce a common application or processing environment across an industry sector or segment or for a widely used horizontal activity.
#706734
I gcás ina léirítear le measúnútionchairarchosaintsonraí go mbeadh ardriosca do chearta agus do shaoirsí daoine nádúrtha ag gabháil leis an bpróiseáil, in éagmais na gcoimircí, na mbeart slándála agus na sásraí a bheartaítear leis an riosca a mhaolú, agus i gcás ina bhfuil an rialaitheoir den tuairim nach bhféadfaí an riosca a mhaolú ar bhealach réasúnach ó thaobh na dteicneolaíochtaí atá ar fáil agus ó thaobh na gcostas chur chun feidhme, ba cheart dul i gcomhairle leis an údarás maoirseachta sula gcuirfí tús le gníomhaíochtaí próiseála.
Where a data protection impact assessment indicates that the processing would, in the absence of safeguards, security measures and mechanisms to mitigate the risk, result in a high risk to the rights and freedoms of natural persons and the controller is of the opinion that the risk cannot be mitigated by reasonable means in terms of available technologies and costs of implementation, the supervisory authority should be consulted prior to the start of processing activities.
#706738
Mar chuid den phróiseas comhairliúcháin sin, féadfar an toradh armheasúnútionchairarchosaintsonraí a dhéantar maidir leis an bpróiseáil a chur faoi bhráid an údaráis mhaoirseachta, go háirithe na bearta atá beartaithe leis an riosca do chearta agus do shaoirsí na ndaoine nádúrtha a mhaolú.
As part of that consultation process, the outcome of a data protection impact assessment carried out with regard to the processing at issue may be submitted to the supervisory authority, in particular the measures envisaged to mitigate the risk to the rights and freedoms of natural persons.
#707410
I gcás inar dóchúil go dtarlódh ardriosca do chearta agus do shaoirsí daoine nádúrtha de bharr chineál na próiseála, go háirithe próiseáil ina n-úsáidfí nuatheicneolaíochtaí, déanfaidh an rialaitheoir, sula ndéanfar an phróiseáil, measúnúarthionchar na n-oibríochtaí próiseála a bheartaítear a dheanamh archosaint na sonraí pearsanta, agus cineál, raon feidhme, comhthéacs agus críocha na próiseála á gcur san áireamh.
Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall, prior to the processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data.
#707417
Bunóidh an t-údarás maoirseachta liosta de na cineálacha oibríochtaí próiseála atá faoi réir an cheanglais maidir le measúnútionchairarchosaintsonraí a dhéanamh de bhun mhír 1 agus cuirfidh sé an liosta sin ar fáil don phobal.
The supervisory authority shall establish and make public a list of the kind of processing operations which are subject to the requirement for a data protection impact assessment pursuant to paragraph 1.
#707427
Maidir leis na rialaitheoirí agus na próiseálaithe ábhartha a bheith ag comhlíonadh na gcód iompair formheasta dá dtagraítear in Airteagal 40, cuirfear é sin san áireamh agus measúnú á dhéanamh arthionchar na n-oibríochtaí próiseála a dhéanann na rialaitheoirí nó na próiseálaithe sin, go háirithe chun críocha measúnútionchairarchosaintsonraí.
Compliance with approved codes of conduct referred to in Article 40 by the relevant controllers or processors shall be taken into due account in assessing the impact of the processing operations performed by such controllers or processors, in particular for the purposes of a data protection impact assessment.
#707429
I gcás ina bhfuil bunús dlí ag an bpróiseáil de bhun phointe (c) nó (e) d'Airteagal 6(1) i ndlí an Aontais nó i ndlí Ballstáit ar faoina réir atá an rialaitheoir, agus go rialaíonn an dlí sin an oibríocht próiseála shonrach nó an sraith d'oibríochtaí atá i gceist, agus ina bhfuil measúnútionchairarchosaintsonraí déanta cheana mar chuid de mheasúnú ginearálta tionchair i gcomhthéacs ghlacadh an bhunúis dlí sin, ní bheidh feidhm ag mír 1 go mír 7, mura measann na Ballstáit go bhfuil sé riachtanach measúnú den sórt sin a dhéanamh sula rachfar i mbun na ngníomhaíochtaí próiseála.
Where processing pursuant to point (c) or (e) of Article 6(1) has a legal basis in Union law or in the law of the Member State to which the controller is subject, that law regulates the specific processing operation or set of operations in question, and a data protection impact assessment has already been carried out as part of a general impact assessment in the context of the adoption of that legal basis, paragraphs 1 to 7 shall not apply unless Member States deem it to be necessary to carry out such an assessment prior to processing activities.
#707430
I gcás inar gá, déanfaidh an rialaitheoir athbhreithniú chun a mheas an bhfuil an phróiseáil á déanamh i gcomhréir leis an measúnútionchairarchosaintsonraí, ar a laghad nuair a bhíonn athrú sa riosca a bhaineann le hoibríochtaí próiseála.
Where necessary, the controller shall carry out a review to assess if processing is performed in accordance with the data protection impact assessment at least when there is a change of the risk represented by processing operations.
#1668417
I dtaca leis na socruithe ginearálta maidir le cosaint oibrithe a bunaíodh faoin Treoir sin, is gnéithe tábhachtacha díobh sin na teorainnluachanna ceangailteacha um nochtadh ceirde a bunaíodh ar bhonn na faisnéise infhaighte, lena n-áirítear sonraí eolaíocha agus teicniúla, indéantacht eacnamaíoch, measúnú críochnúil ar an tionchar socheacnamaíoch agus infhaighteacht prótacal agus teicnící maidir le nochtadh a thomhas ag an láthair oibre.
Binding occupational exposure limit values established on the basis of available information, including scientific and technical data, economic feasibility, a thorough assessment of the socioeconomic impact and availability of exposure measurement protocols and techniques at the workplace, are important components of the general arrangements for the protection of workers established by that Directive.