Laws ›

GDPR - Article 03

Definition

Defines the territorial scope of GDPR

Excerpt

  1. This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not.
  2. This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to:
    1. the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or
    2. the monitoring of their behaviour as far as their behaviour takes place within the Union.
  3. This Regulation applies to the processing of personal data by a controller not established in the Union, but in a place where Member State law applies by virtue of public international law.
View full legislation ›

Related cases

Brigitte A. v. N & Co Material GmbH

The Austrian DPA found the respondent at fault for not providing information and notifications in languages that are relevant to the countries where the services are being offered, based on the nationality or place of residence of the data subject.

Related deceptive patterns

Trick wording
The user is misled into taking an action, due to the presentation of confusing or misleading language.
Legal enforcement database by Leiser, Santos and Doshi

The information about laws and cases on this website is brought to you by the Leiser, Santos and Doshi enforcement database.

About us