Abstrakt

The protection of personal data derives from the right to privacy. Since then, the scope of the processing of personal data, the nature of the data collected and the way in which they are processed have changed radically as a result of technological progress and globalisation. New technologies make it possible to process personal data on an unprecedented scale. The new regulations, i. e. the GDPR and the ePrivacy Regulation, aim to ensure that individuals have control over their personal data. The GDPR takes a more restrictive approach to consent. In the light of new legal regulations, the consent to the processing of personal data as a criterion for the legalization of data processing was redefined. Consent to the processing of personal data must be freely given, specific, informed and unambiguous, must be given in the form of a statement or a clear action which authorises the processing of personal data. Data controllers must obtain and keep records of consent in an appropriate manner so that, in case of a data subject's complaint, they can demonstrate that the data subject has actually consented to the processing of his or her personal data.