The article highlights the first two paragraphs of Article 20 of the GDPR:
“1) The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
· the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1); and
· the processing is carried out by automated means.
2) In exercising his or her right to data portability pursuant to paragraph 1, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.”
Article 20 allows consumers to obtain their personal data and transmit it to another controller. However, it also allows them to “have the(ir) personal data transmitted directly from one controller to another, where technically feasible”. The new regulations are clearly a positive modification for the consumers, as they provide them with control of their personal data – hereby allowing them more freedom of choice in deciding on a service. Previously, the legislation gave consumers the right to data access, however they “were constrained by the format chosen by the data controller when providing the requested information.” The GDPR changes this and is set to “enrich customer experiences”.
If you want to read more about this, the full article is available here.
The article describes some points that need to be met in order to make data portability possible. IDLink meets them all and solves any potentially technical hindering with regards to Data Portability, securing formatting and tagging of personal data. If this is something your company needs help with, you can contact us at: idlink.eu/contact