Schedule A - Data Protection Impact Assessment. If a data protection impact assessment (DPIA) has been conducted in respect of the data sharing to which this Data Sharing Agreement relates, a summary of the matters referred to in Article 35(7) of the GDPR is required to be filled in the table below. If a data protection impact assessment has not been conducted as it is not mandatory where processing is not “likely to result in a high risk to the rights and freedoms of natural persons” (Article 35 of the GDPR), outline the reasons for that decision in the table below. DPIA SUMMARY OF DATA PROTECTION IMPACT ASSESSMENT Has been conducted ☐ Has not been conducted ☒ A screening exercise was undertaken by National Monuments Service to determine if a Data Protection Impact Assessment was required under GDPR Article 36. From which it was determined there was unlikely to be any high risk to the rights and freedoms of data subjects. Accordingly, a full Data Protection Impact Assessment has not been conducted Under S.20(4) of Data Sharing and Governance Act, an amended draft agreement must be submitted for review to the Data Governance Board in accordance with Part 9, Chapter 2 of the Data Sharing and Governance Act.
Appears in 4 contracts
Samples: Data Sharing Agreement, Data Sharing Agreement, Data Sharing Agreement
Schedule A - Data Protection Impact Assessment. If a data protection impact assessment (DPIA) has been conducted in respect of the data sharing to which this Data Sharing Agreement relates, a summary of the matters referred to in Article 35(7) of the GDPR is required to be filled in the table below. If a data protection impact assessment has not been conducted as it is not mandatory where processing is not “likely to result in a high risk to the rights and freedoms of natural persons” (Article 35 of the GDPR), outline the reasons for that decision in the table below. DPIA SUMMARY OF DATA PROTECTION IMPACT ASSESSMENT Has been conducted ☐ Has not been conducted ☒ A screening exercise was undertaken by National Monuments Service to determine if a Data Protection Impact Assessment was required under GDPR Article 36. From which it was determined there was unlikely to be any high risk to the rights and freedoms of data subjects. Accordingly, a full Data Protection Impact Assessment has not been conducted Under S.20(4) of Data Sharing and Governance Act, an amended draft agreement must be submitted for review to the Data Governance Board in accordance with Part 9, Chapter 2 of the Data Sharing and Governance Actconducted.
Appears in 2 contracts
Samples: Data Sharing Agreement, Data Sharing Agreement
Schedule A - Data Protection Impact Assessment. If a data protection impact assessment (DPIA) has been conducted in respect of the data sharing to which this Data Sharing Agreement relates, a summary of the matters referred to in Article 35(7) of the GDPR is required to be filled in the table below. If a data protection impact assessment has not been conducted as it is not mandatory where processing is not “likely to result in a high risk to the rights and freedoms of natural persons” (Article 35 of the GDPR), outline the reasons for that decision in the table below. DPIA SUMMARY OF DATA PROTECTION IMPACT ASSESSMENT Has been conducted [select ☐ Has not been conducted ☒ appropriately] [A screening exercise was undertaken by National Monuments Has not been conducted [select appropriately] ☒ Service to determine if a Data Protection Impact Assessment was required under GDPR Article 36. From 36 from which it was determined there was unlikely to be any high risk to the rights and freedoms of data subjects. Accordingly, a full Data Protection Impact Assessment has not been conducted conducted.] Under S.20(4) of Data Sharing and Governance Act, an amended draft agreement must be submitted for review to the Data Governance Board in accordance with Part 9, Chapter 2 of the Data Sharing and Governance Act.
Appears in 2 contracts
Samples: Data Sharing Agreement, Data Sharing Agreement
