France EPP

Michèle Striffler

Country: France
Group: European People's Party (EPP)
Party: Union pour un Mouvement Populaire - Parti Radical (UMP/PR)

Vice-Chair of Development
Substitute of Civil Liberties, Justice and Home Affairs
Substitute of Women's Rights and Gender Equality

Overview Michèle Striffler

Amendments: 7
...stronger: 3
...weaker: 3
...neutral: 1

Amendments by Michèle Striffler

(23) The principles of protection should apply to any information concerning an identified or identifiable person. To determine whether a natural person is identifiable, even after his or her death, account should be taken of all the means likely reasonably to be used either by the controller or by any other person to identify the individual. The principles of data protection should not apply to data rendered anonymous in such a way that the data subject is no longer identifiable.
 
(a) the identity and the contact details of the controller and, if any, of the controller's representative and the contact details of the data protection officer;
 
2. The data subject shall have the right to obtain from the controller communication of the personal data undergoing processing. Where the data subject makes the request in electronic form, the information shall be provided in electronic form, unless otherwise requested by the data subject.with the exception of data prejudicial to business confidentiality, which shall be provided in the form of a hard copy.
 
1a. The heirs of a deceased person shall have the right to obtain from the controller acknowledgement of the death of the data subject and an undertaking to cease disseminating his or her data.
  Comment: Two sided.
2. Where the data subject has provided the personal data and the processing is based on consent or on a contract, the data subject shall have the right to transmit those personal data and any other information provided by the data subject and retained by an automated processing system, into another one, in an electronic format which is commonly used, with the exception of data prejudicial to business confidentiality which are provided in the form of hard copies, without hindrance from the controller from whom the personal data are withdrawn.
 
1. In the case of a major personal data breach, the controller shall without undue delay and, where feasible, not later than 24 hours after having become aware of it, notify the personal data breach to the supervisory authority. The notification to the supervisory authority shall be accompanied by a reasoned justification in cases where it is not made within 24 hours.
 
1a. The controller shall keep a list of minor breaches and make that list available to the supervisory authority.