On 12 March 2021 the ITI Western Regional Group (WRG) ran an online training event about GDPR. It featured a high-quality, information-packed presentation by Viviana Mucharraz, commercial legal advisor at Carbon Law Partners, which specialises in GDPR for businesses. It had been organised with superb efficiency and was facilitated by WRG member and former WRG Events Officer Sandra Mouton.
Viviana’s presentation provided a clear insight into GDPR obligations and the use of associated terminology: a “data controller” (for example an end client) is the person who decides how and why data is collected and processed, whereas a “data processor” (for example a freelance translator or interpreter) is a separate person or organisation processing such data on the controller’s behalf and in accordance with the controller’s instructions. Controllers have the highest level of compliance responsibility, whereas processors do not have the same level of obligations.
 |
| For GDPR purposes it is necessary to always consider the purpose for which data is processed |
The distinction between these roles depends on the particulars of each situation: an end client, an agency or a freelance translator or interpreter may act as a controller or a processor or as both! Viviana set out useful criteria and discussed how to ensure compliance in general. She explained that data is personal data if it relates to an identifiable living individual. Data processing covers almost any use of data: collecting, recording, storing, analysing, combining, disclosing and even deleting it!
She stressed that it is necessary to always consider the purpose for which data is processed or for which it is kept once an assignment has been completed. Keeping data may be acceptable, for example to comply with the provisions of an insurance policy (for a new purpose), even if an instruction (for a previous purpose) has been given not to keep such data. In this scenario it would be necessary to take steps to be able to demonstrate that such data was kept for a new purpose.
Viviana’s illuminating presentation was followed by
a question and answer session, in which she provided comprehensive
answers to the many burning questions on translation- and
interpreting-related GDPR issues from attendees. None of her information
should be taken as legal advice, but she advised us to generally err on
the side of caution (which may involve deleting personal data on our
systems after it has been used) and to demand written documentation of
any work instructions.
The afternoon moved along at a brisk pace and was rounded off with an insightful talk by John O’Shea from FIT Europe
about a recent survey conducted among translators and interpreters
about GDPR. Findings from the survey include that there is widespread
confusion about and low awareness of GDPR and that the availability of
privacy policy templates would be desirable.
The Western Regional
Group would like to thank both speakers and Sandra Mouton for a
thoroughly useful event. GDPR issues inevitably are a part of all our
businesses. The event has equipped us with the knowledge necessary to
better deal with many of these issues in future.
More exciting news! The latest issue of @ITIBulletin features an article written by our Joint Social Media Officer Lisa Hippe-Heisler (@detransferendo) about the GDPR event held by the WRG earlier this year. Head over to page 45 to check it out! @carbonlawptnrs @enFRdansletexte pic.twitter.com/qykkrjKlvd
— ITI WRG (@itiwesternregio) May 19, 2021
