EDPB: 23rd plenary session. Session, April 21, in which two guidelines were approved.

Table of contents


Application of the GDPR


3.1 “Data concerning health”

3.2 “Processing for the purpose of scientific research”

3.3 “Further processing”

Legal basis for the processing

4.1 Consent

4.2 National legislations

Data protection principles

5.1 Transparency and information to data subjects

5.1.1 When must the data subject be informed?

5.1.2 Exemptions

5.2 Purpose limitation and presumption of compatibility

5.3 Data minimisation and storage limitation

5.4 Integrity and confidentiality

Exercise of the rights of data subjects

International data transfers for scientific research purposes


Table of contents

1 Introduction & context

2 Use of location data

2.1 Sources of location data

2.2 Focus on the use of anonymised location data

3 contact tracing applications

3.1 General legal analysis

3.2 Recommendations and functional requirements

4 Conclusion

Annex — Contact Tracing Applications Analysis Guide.

In addition, the EDPB adopted a guide for contact tracing apps as an annex to the guidelines.

Leave an answer

Your email address will not be published.

The company processes your data to facilitate the publication and management of comments. You can exercise your rights of access, rectification, deletion and opposition, among others, according to our Privacy policy.