Introduction
This page provides guidance and information how your DSpace based repository service can comply to GDPR regulation.
Appropriate lawful basis for processing personal data
Legitimate interest
In order to use legitimate interest as the lawful basis of processing personal data, your repository service must be clear about what the legitimate interests are.
TEMPLATE: Informing registered DSpace users (Legitimate basis - NOT asking consent)
Detecting and reporting breaches
GDPR requires detection and reporting of breaches.
DSpace breach: definition
...
DSpace breach: affected parties - who to contact
...
DSpace breach: what to communicate - how to address breach
...
Addressing consumer requests enforcing GDPR rights
You might be getting these type of requests/emails to enforce GDPR rights of consumers: https://github.com/bram-atmire/GDPR-Claim-Templates
Right of access and data portability
...
Right of rectification
...
Right to be forgotten
...
Right to be informed
...
Right to restrict processing
...
Overview
Content Tools
1 Comment
Bram Luyten (Atmire)
Would be great if similar to creative commons, we can use a lingua franca in the form of official icons, to communicate what's being done with data:
https://wiki.mozilla.org/Privacy_Icons