CHAPTER 1: SCOPE, CONTROLLERS AND PROCESSORS

The GDPR applies widely, but it is not universal. Equally, not all personal data processing falls under its purview. Many organisations will exist in ‘grey’ areas where certain processing may not be governed by the GDPR while others are, or could believe themselves exempt when they are not.

Scope of the GDPR

The GDPR applies a material scope and a territorial scope. These are the uses of personal data and the geographic regions that are governed by the Regulation.

In its broadest sense, the GDPR applies to:

the processing of personal data wholly or partly by automated means and to the processing other than by automated means of personal data which forms part of a filing system or are intended to form ...

Get EU General Data Protection Regulation (GDPR) – An implementation and compliance guide, fourth edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.