This article applies for platforms accepting the exchange of Personal Data. To find out if this approach is available to you you can contact the team responsible for your account. If not, go to the first step of the offer submission, section "The data" to see the types of data available.
Personal data refers to data that includes an information related to an identified or identifiable natural person, such as:
- last name
- first name
- postal or e-mail address
- telephone number
- photo
- IP address
- license plate number
- etc.
Legal obligations
When collecting, processing, or transferring data containing personal information, people and entities responsible for the data are required to comply with applicable laws and regulations.
In order for a transaction concerning a file containing personal data to be lawful, both the acquirer and provider must comply with these laws and regulations.
At every step in the process, the platform informs the acquirer and provider regarding their rights and obligations related to processing data that contains personal information. The platform declines all responsibility in the event that either the acquirer or provider does not respect legal obligations.
What is individual personal data?
Individual personal data is data that is defined, by European Data Protection Directive No. 95/46 of 1995, as being sensitive, that is, data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, data concerning health or sex life;
- biometric data, that is, data derived from computer processing that enables individuals to be identified by their physical, biological, or behavioral characteristics;
- genetic data;
- data concerning criminal offenses and convictions, or security measures.
Processing and transferring individual personal data
Transferring data of this type is not allowed on the platform.
In fact, it is forbidden to process this type of data within the European Union and in a number of other countries. There are exceptions, but processing individual personal data is generally subject to authorization from the data protection authorities in the country in which the person or entity responsible for processing the data resides (for example: the CNIL in France).
In addition, transferring individual personal data from a country in the European Union to another country that does not offer an adequate level of protection is also subject to authorization by the appropriate data protection authorities, as well as the notification or even prior consent of the people concerned.