Project:Vocabulary/GDPR

From Wikibase Personal data
Jump to navigation Jump to search

Use cases

The Ontology need to be suitable for data entries and the usages of those data. We need to identify use case and test the ontology against those.


Examples


Core snaks

Issues/Clashes

  • Use of comment (Q1048) qualifier
    • Currently the Le Temps GDPR generator (// License: GPL

// console.log("Loading Access.js")

var controller_item_id = 96;

var wbEStruct = { instanceOfRelations: 'claims.P3', // location of P3 relations in wbEntity IDPropLoc: 'mainsnak.datavalue.value', // location of ID properties in related entity IDName: 'numeric-id' // ID property name which checked };

mw.hook( 'wikibase.entityPage.entityLoaded' ).add( function ( entity ) {

     'use strict';
     // Your code goes here
     // console.log( entity );

// check if we are on a page of a loaded Entity if ( typeof entity != "undefined" ) { // get wbEntity as json var obj = entity ; // console.log( "parsed object", obj ) // check if we have P3 relations and iterate through if ( typeof check( obj, wbEStruct["instanceOfRelations"] ) != "undefined" ) { // console.log( "object has 'instance of' relations" ); for( var i = 0; i < dive( obj, wbEStruct["instanceOfRelations"] ).length; i++ ) { // console.log("dived in"); // check if we have controller id constructed from wbEntity if( dive( dive( obj, wbEStruct["instanceOfRelations"])[i] , wbEStruct["IDPropLoc"])[wbEStruct["IDName"]] === controller_item_id ) { // console.log( "it's a controller" ) var $title2 = $( '.wikibase-title' ), qId = $title2.find( '.wikibase-title-id' ).text().replace( /[()]/g, ); var api = new mw.Api();

                               api.get( {

action: 'expandtemplates', text: '<a href="?subject=Subject%20Access%20Request%20to&body=Dear%20%2C%0A%0AThis%20is%20a%20transparency%20request%20under%20the%20General%20Data%20Protection%20Regulation%2C%20including%20a%20subject%20access%20request%2C%20a%20portability%20request%2C%20and%20other%20specific%20provisions.%20%2A%2APlease%20note%20that%20it%20is%20not%20legal%20to%20require%20data%20subjects%20to%20use%20an%20%20in-house%20form%2A%2A.%20%28see%20for%20instance%20UK%20Information%20Commissioner%E2%80%99s%20Office%2C%20%E2%80%98Subject%20Access%20Code%20of%20Practice%E2%80%99%20%289%20June%202017%29%20p%2013%3B%20Information%20Commissioner%E2%80%99s%20Office%2C%20%E2%80%98Guide%20to%20the%20GDPR%3A%20Right%20to%20access%E2%80%99%20%2822%20May%202019%29%2C%20stating%20that%20%27even%20if%20you%20have%20a%20form%2C%20you%20should%20note%20that%20a%20subject%20access%20request%20is%20valid%20if%20it%20is%20submitted%20by%20any%20means%2C%20so%20you%20will%20still%20need%20to%20comply%20with%20any%20requests%20you%20receive%20in%20a%20letter%2C%20a%20standard%20email%20or%20verbally%20%5B..%5D%20although%20you%20may%20invite%20individuals%20to%20use%20a%20form%2C%20you%20must%20make%20it%20clear%20that%20it%20is%20not%20compulsory%27%29%0A%0AI%20would%20like%20to%20request%20a%20copy%20of%20all%20my%20personal%20data%20held%20and%2For%20undergoing%20processing.%20This%20is%20both%20a%20subject%20access%20request%20and%20a%20portability%20request.%0A%0ACopies%20of%20my%20personal%20data%0A%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0AThis%20request%20covers%20all%20my%20personal%20data%20%0A%0AArticle%2020%0A----------%0AFor%20data%20falling%20within%20the%20right%20to%20data%20portability%20%28GDPR%2C%20art%2020%29%2C%20which%20includes%20all%20data%20I%20have%20provided%20%2Aand%2A%20which%20have%20been%20indirectly%20observed%20about%20me%20%28Article%2029%20Working%20Party%2C%20%2AGuidelines%20on%20the%20Right%20to%20Data%20Portability%20%28WP%20242%29%2A%2C%2013%20December%202016%2C%208%29%20and%20where%20lawful%20bases%20for%20processing%20include%20consent%20or%20contract%2C%20I%20wish%20to%20have%20that%20data%3A%0A%0A-%20%20%20%2A%2Asent%20to%20me%20in%20commonly%20used%2C%20structured%2C%20machine-readable%20format%2A%2A%2C%20such%20as%20a%20CSV%20file.%20A%20PDF%20is%20not%20a%20machine-readable%20format%20%28Article%2029%20Working%20Party%2C%20%E2%80%98Guidelines%20on%20Transparency%20under%20Regulation%202016%2F679%E2%80%99%20WP260%20rev.01%2C%2011%20April%202018%29.%0A%0A-%20%20%20accompanied%20with%20an%20%2A%2Aintelligible%20description%20of%20all%20variables.%2A%2A%0A%0AArticle%2015%0A----------%0AFor%20all%20personal%20data%20not%20falling%20within%20portability%2C%20I%20would%20like%20to%20request%2C%20under%20the%20right%20to%20access%20%28GDPR%2C%20art%2015%29%3A%0A%0A-%20%20%20%2A%2Aa%20copy%20sent%20to%20me%20in%20electronic%20format%2A%2A.%20This%20includes%20any%20data%20derived%20about%20me%2C%20such%20as%20opinions%2C%20inferences%2C%20settings%20and%20preferences.%20%28Note%20that%20opinions%2C%20inferences%20and%20the%20like%20are%20considered%20personal%20data.%20See%20Case%20C%E2%80%91434%2F16%20%2APeter%20Nowak%20v%20Data%20Protection%20Commissioner%2A%20%5B2017%5D%20ECLI%3AEU%3AC%3A2017%3A994%2C%2034.%29%20%20For%20data%20that%20is%20available%20to%20the%20controller%20in%20machine%20readable%20format%2C%20it%20must%20be%20provided%20to%20me%20in%20that%20form%20in%20accordance%20with%20the%20principle%20of%20fairness%20and%20provision%20of%20data%20protection%20by%20design.%0A%0AIf%20your%20organisation%20considers%20me%20a%20controller%20for%20whom%20you%20process%0A-------------------------------------------------------------------%0AFurthermore%2C%20if%20your%20business%20considers%20me%20the%20controller%20of%20any%20personal%20data%20for%20which%20your%20business%20acts%20as%20processor%2C%20please%20provide%20me%20%2A%2Awith%20all%20the%20data%20you%20process%20on%20my%20behalf%20in%20machine%20readable%20format%2A%2A%20in%20accordance%20with%20your%20obligation%20to%20respect%20my%20to%20determination%20of%20the%20means%20and%20purposes%20of%20processing.%0A%0A%0AMetadata%20on%20processing%0A%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0AThis%20request%20also%20includes%20the%20metadata%20I%20am%20entitled%20to%20under%20the%20GDPR.%0A%0AInformation%20on%20controllers%2C%20processors%2C%20source%20and%20transfers%0A------------------------------------------------------------%0A%0A-%20The%20%2A%2Aidentity%20of%20all%20joint%20controllers%2A%2A%20of%20my%20personal%20data%2C%20as%20well%20as%20the%20essence%20of%20you%20contracts%20with%20them%20%28Article%2026%29.%0A%0A%0A-%20Any%20%2A%2Athird%20parties%20to%20whom%20data%20has%20been%20disclosed%2A%2A%2C%20named%20with%20contact%20details%20in%20accordance%20with%20Article%2015%281%29%28c%29.%20Please%20note%20that%20the%20European%20data%20protection%20regulators%20have%20stated%20that%20by%20default%2C%20controllers%20should%20name%20precise%20recipients%20and%20not%20%22categories%22%20of%20recipients.%20If%20they%20do%20choose%20to%20name%20categories%2C%20they%20must%20justify%20why%20this%20is%20fair%2C%20and%20be%20specific%2C%20naming%20%22the%20type%20of%20recipient%20%28i.e.%20by%20reference%20to%20the%20activities%20it%20carries%20out%29%2C%20the%20industry%2C%20sector%20and%20sub-sector%20and%20the%20location%20of%20the%20recipients.%20%28%20Article%2029%20Working%20Party%2C%20%E2%80%98Guidelines%20on%20Transparency%20under%20Regulation%202016%2F679%E2%80%99%20WP260%20rev.01%2C%2011%20April%202018%20%29%20Please%20note%20that%20in%20the%20case%20of%20any%20transferred%20data%20processed%20on%20the%20basis%20of%20consent%2C%20there%20is%20no%20option%20to%20just%20name%20categories%20of%20recipients%20without%20invalidating%20that%20legal%20basis%20%28Article%2029%20Working%20Party%2C%20%E2%80%98Guidelines%20on%20Consent%20under%20Regulation%202016%2F679%E2%80%99%20%28WP259%20rev.01%2C%2010%20April%202018%29%2013%29.%0A%0A-%20If%20any%20data%20was%20not%20collected%2C%20observed%20or%20inferred%20from%20me%20directly%2C%20please%20provide%20precise%20information%20about%20%2A%2Athe%20source%20of%20that%20data%2A%2A%2C%20including%20the%20name%20and%20contact%20email%20of%20the%20data%20controller%28s%29%20in%20question%20%28%22from%20which%20source%20the%20personal%20data%20originate%22%2C%20Article%2014%282%29%28f%29%2F15%281%29%28g%29%29.%0A%0A-%20Please%20confirm%20where%20my%20personal%20data%20is%20physically%20stored%20%28including%20backups%29%20and%20at%20the%20very%20least%20%2A%2Awhether%20it%20has%20exited%20the%20EU%20at%20any%20stage%20%28if%20so%2C%20please%20also%20detail%20the%20legal%20grounds%20and%20safeguards%20for%20such%20data%20transfers%29%2A%2A.%0A%0AInformation%20on%20purposes%20and%20legal%20basis%0A---------------------------------------%0A%0A-%20All%20%2A%2Aprocessing%20purposes%20and%20the%20lawful%20basis%20for%20those%20purposes%20by%20category%20of%20personal%20data%2A%2A.%20This%20list%20must%20be%20broken%20down%20by%20purpose%2C%20lawful%20basis%20aligned%20to%20purposes%2C%20and%20categories%20of%20data%20concerned%20aligned%20to%20purposes%20and%20lawful%20bases.%20Separate%20lists%20where%20these%20three%20factors%20do%20not%20correspond%20are%20not%20acceptable%20%28Article%2029%20Working%20Party%2C%20%E2%80%98Guidelines%20on%20Transparency%20under%20Regulation%202016%2F679%E2%80%99%20%28WP260%20rev.01%2C%2011%20April%202018%29%2C%20page%2035.%0A%29.%20A%20table%20may%20be%20the%20best%20way%20to%20display%20this%20information.%0A%0A-%20The%20%2A%2Aspecified%20legitimate%20interest%2A%2A%20where%20legitimate%20interest%20is%20relied%20upon%20%28Article%2014%282%29%28b%29%29.%0A%0AInformation%20on%20automated%20decision-making%20%0A----------------------------------------%0A-%20Please%20confirm%20whether%20or%20not%20you%20make%20any%20automated%20decisions%20%28within%20the%20meaning%20of%20Article%2022%2C%20GDPR%29.%20If%20the%20answer%20is%20yes%2C%20please%20provide%20meaningful%20information%20about%20the%20logic%20involved%2C%20as%20well%20as%20the%20significance%20and%20the%20envisaged%20consequences%20of%20such%20processing%20for%20me.%20%28Article%2015%281%29%28h%29%29%0A%0AInformation%20on%20storage%0A----------------------%0A-%20Please%20confirm%20for%20how%20long%20each%20category%20of%20personal%20data%20is%20stored%2C%20or%20the%20criteria%20used%20to%20make%20this%20decision%2C%20in%20accordance%20with%20the%20storage%20limitation%20principle%20and%20Article%2015%281%29%28d%29.%0A%0A%0A%0A%0AIf%20you%20do%20not%20normally%20deal%20with%20these%20requests%2C%20please%20pass%20this%20email%20to%20your%20Data%20Protection%20Officer.%20If%20you%20need%20advice%20on%20dealing%20with%20this%20request%2C%20any%20European%20Data%20Protection%20Authority%20should%20be%20able%20to%20provide%20you%20with%20assistance.%20%0A%0AIn%20accordance%20with%20the%20law%2C%20I%20look%20forward%20to%20hearing%20from%20you%20within%20one%20month%20of%20receipt.%0A%0ARegards%2C%0A%0A%3C%3C%20FIRST_NAME%20LAST_NAME%20%3E%3E "> Do a GDPR SAR to this controller!</a>' } ).done( function ( data ) {

                                   var expanded = $(data.expandtemplates["*"])
                                   // console.log(expanded)

mw.notify( expanded , { autoHide: false } ); } ); } } } // Else let's do nothing; }

 } );
 

// helper function for diving into a part of array function indexinterpolate(obj,i) { return (obj[i] != undefined) ? obj[i] : obj};

// helper function for checking a part of an array exists function indexcheck(obj,i) { return (obj[i] != undefined) ? obj[i] : undefined };

// dive selects matrix.a.b.c.d from the array called matrix and 'a.b.c.d' as string // if a.b.c.d does not exists, it returns the substructure until the substructure exists, if d does not exist, it returns matrix.a.b.c e.g.

function dive(array, read){ return read.split('.').reduce(indexinterpolate, array); }

function check(array, read){

       return read.split('.').reduce(indexcheck, array);

}) uses the comment (Q1048) qualifier when attached to a collects (P10) snak and prints that text in brackets after each data point in the generated GDPR letter. Originally Alex Bowyer's GDPR Generator const DATA_CONTROLLER_ITEM_ID = 96; // because Q96 is data controller" const INSTANCE_OF_PROPERTY = 'claims.P3'; // because P3 is the property "instance of"

function generateGDPRLink(dataControllerItemID) { // make an API call to expand the letter template, using this item. let api = new mw.Api();

   api.get( {

action: 'expandtemplates', text: '<a href=" ?subject=Subject%20Access%20Request%20to&body=Dear%20%2C%0A%0AThis%20message%20is%20a%20transparency%20request%20under%20the%20General%20Data%20Protection%20Regulation%2C%20including%20a%20subject%20access%20request%2C%20a%20portability%20request%2C%20and%20other%20specific%20provisions.%20Please%20note%20that%20it%20is%20not%20legal%20to%20%2Arequire%2A%20data%20subjects%20to%20use%20an%20in-house%20form%5B1%5D.%20%0A%0AI%20would%20like%20to%20request%20a%20copy%20of%20all%20my%20personal%20data%20held%20and%2For%20undergoing%20processing.%20This%20is%20both%20a%20subject%20access%20request%20and%20a%20portability%20request.%20This%20message%20is%20not%20in%20any%20way%20to%20be%20considered%20as%20a%20complaint.%0A%0ACopies%20of%20my%20personal%20data%0A%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0AThis%20request%20covers%20all%20my%20personal%20data%20%0A%0AFor%20any%20and%20all%20items%20where%20you%20do%20not%20hold%20any%20data%20about%20me%2C%20please%20explicitly%20confirm%20that%20you%20do%20not%20hold%20any%20data%20of%20that%20type%20about%20me.%0A%0AArticle%2020%0A----------%0AFor%20data%20falling%20within%20the%20right%20to%20data%20portability%20%28GDPR%20article%2020%29%2C%20which%20includes%20all%20data%20I%20have%20provided%20%2Aand%2A%20which%20have%20been%20indirectly%20observed%20about%20me%20%5B2%5D%20and%20where%20lawful%20bases%20for%20processing%20include%20consent%20or%20contract%2C%20I%20wish%20to%20have%20that%20data%3A%0A%0A-%20%20%20sent%20to%20me%20in%20commonly%20used%2C%20structured%2C%20machine-readable%20format%2C%20such%20as%20a%20CSV%20file.%20A%20PDF%20is%20not%20a%20machine-readable%20format%20%5B3%5D.%0A-%20%20%20accompanied%20with%20an%20intelligible%20description%20of%20all%20variables.%0A%0AArticle%2015%0A----------%0AFor%20all%20personal%20data%20not%20falling%20within%20portability%2C%20I%20would%20like%20to%20request%2C%20under%20the%20right%20to%20access%20%28GDPR%2C%20article%2015%29%3A%0A%0A-%20%20%20a%20copy%20sent%20to%20me%20in%20electronic%20format.%20This%20includes%20any%20data%20derived%20about%20me%2C%20such%20as%20opinions%2C%20inferences%2C%20settings%20and%20preferences.%20Note%20that%20opinions%2C%20inferences%20and%20the%20like%20are%20considered%20personal%20data%20%5B4%5D.%20For%20data%20that%20is%20available%20to%20the%20controller%20in%20machine%20readable%20format%2C%20it%20must%20be%20provided%20to%20me%20in%20that%20form%20in%20accordance%20with%20the%20principle%20of%20fairness%20and%20provision%20of%20data%20protection%20by%20design.%0A%0AIf%20your%20organisation%20considers%20me%20a%20controller%20for%20whom%20you%20process%0A-------------------------------------------------------------------%0AFurthermore%2C%20if%20your%20business%20considers%20me%20the%20controller%20of%20any%20personal%20data%20for%20which%20your%20business%20acts%20as%20processor%2C%20please%20provide%20me%20with%20all%20the%20data%20you%20process%20on%20my%20behalf%20in%20machine%20readable%20format%20in%20accordance%20with%20your%20obligation%20to%20respect%20my%20to%20determination%20of%20the%20means%20and%20purposes%20of%20processing.%0A%0AMetadata%20on%20processing%0A%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0AThis%20request%20also%20includes%20the%20metadata%20I%20am%20entitled%20to%20under%20the%20GDPR.%0A%0AInformation%20on%20controllers%2C%20processors%2C%20source%20and%20transfers%0A------------------------------------------------------------%0A%0A-%20The%20identity%20of%20all%20joint%20controllers%20of%20my%20personal%20data%2C%20as%20well%20as%20the%20essence%20of%20you%20contracts%20with%20them%20%28GDPR%20Article%2026%29.%0A%0A-%20Any%20third%20parties%20to%20whom%20data%20has%20been%20disclosed%2C%20named%20with%20contact%20details%20in%20accordance%20with%20Article%2015%281%29%28c%29.%20Please%20note%20that%20the%20European%20data%20protection%20regulators%20have%20stated%20that%20by%20default%2C%20controllers%20should%20name%20precise%20recipients%20and%20not%20%22categories%22%20of%20recipients.%20If%20they%20do%20choose%20to%20name%20categories%2C%20they%20must%20justify%20why%20this%20is%20fair%2C%20and%20be%20specific%2C%20naming%20%22the%20type%20of%20recipient%20%28i.e.%20by%20reference%20to%20the%20activities%20it%20carries%20out%29%2C%20the%20industry%2C%20sector%20and%20sub-sector%20and%20the%20location%20of%20the%20recipients%20%5B3%5D.%20Please%20note%20that%20in%20the%20case%20of%20any%20transferred%20data%20processed%20on%20the%20basis%20of%20consent%2C%20there%20is%20no%20option%20to%20just%20name%20categories%20of%20recipients%20without%20invalidating%20that%20legal%20basis%20%5B5%5D.%0A%0A-%20If%20any%20data%20was%20not%20collected%2C%20observed%20or%20inferred%20from%20me%20directly%2C%20please%20provide%20precise%20information%20about%20the%20source%20of%20that%20data%2C%20including%20the%20name%20and%20contact%20email%20of%20the%20data%20controller%28s%29%20in%20question%20%28%22from%20which%20source%20the%20personal%20data%20originate%22%2C%20Article%2014%282%29%28f%29%2F15%281%29%28g%29%29.%0A%0A-%20Please%20confirm%20where%20my%20personal%20data%20is%20physically%20stored%20%28including%20backups%29%20and%20at%20the%20very%20least%20whether%20it%20has%20exited%20the%20EU%20at%20any%20stage%20%28if%20so%2C%20please%20also%20detail%20the%20legal%20grounds%20and%20safeguards%20for%20such%20data%20transfers%29.%0A%0AInformation%20on%20purposes%20and%20legal%20basis%0A---------------------------------------%0A%0A-%20All%20processing%20purposes%20and%20the%20lawful%20basis%20for%20those%20purposes%20by%20category%20of%20personal%20data.%20This%20list%20must%20be%20broken%20down%20by%20purpose%2C%20lawful%20basis%20aligned%20to%20purposes%2C%20and%20categories%20of%20data%20concerned%20aligned%20to%20purposes%20and%20lawful%20bases.%20Separate%20lists%20where%20these%20three%20factors%20do%20not%20correspond%20are%20not%20acceptable%20%28Article%2029%20Working%20Party%20%5B6%5D%29.%20A%20table%20may%20be%20the%20best%20way%20to%20display%20this%20information.%0A%0A-%20The%20specified%20legitimate%20interest%20where%20legitimate%20interest%20is%20relied%20upon%20%28Article%2014%282%29%28b%29%29.%0A%0AInformation%20on%20automated%20decision-making%20%0A----------------------------------------%0A-%20Please%20confirm%20whether%20or%20not%20you%20make%20any%20automated%20decisions%20%28within%20the%20meaning%20of%20Article%2022%2C%20GDPR%29.%20If%20the%20answer%20is%20yes%2C%20please%20provide%20meaningful%20information%20about%20the%20logic%20involved%2C%20as%20well%20as%20the%20significance%20and%20the%20envisaged%20consequences%20of%20such%20processing%20for%20me.%20%28Article%2015%281%29%28h%29%29%0A%0AInformation%20on%20storage%0A----------------------%0A-%20Please%20confirm%20for%20how%20long%20each%20category%20of%20personal%20data%20is%20stored%2C%20or%20the%20criteria%20used%20to%20make%20this%20decision%2C%20in%20accordance%20with%20the%20storage%20limitation%20principle%20and%20Article%2015%281%29%28d%29.%0A%0A%0A%0AIf%20you%20do%20not%20normally%20deal%20with%20these%20requests%2C%20please%20pass%20this%20email%20to%20your%20Data%20Protection%20Officer.%20If%20you%20need%20advice%20on%20dealing%20with%20this%20request%2C%20any%20European%20Data%20Protection%20Authority%20should%20be%20able%20to%20provide%20you%20with%20assistance.%20%0A%0AIn%20accordance%20with%20the%20law%2C%20I%20look%20forward%20to%20hearing%20from%20you%20within%20one%20month%20of%20receipt.%0A%0ARegards%2C%0A%0A%3C%3C%20FIRST_NAME%20LAST_NAME%20%3E%3E%0A%0AReferences%3A%0A-----------%0A%5B1%5D%20UK%20Information%20Commissioner%E2%80%99s%20Office%2C%20Subject%20Access%20Code%20of%20Practice%20%289%20June%202017%29%20p13%3B%20Information%20Commissioner%E2%80%99s%20Office%2C%20%E2%80%98Guide%20to%20the%20GDPR%3A%20Right%20to%20access%E2%80%99%20%2822%20May%202019%29%3A%20%27Even%20if%20you%20have%20a%20form%2C%20you%20should%20note%20that%20a%20subject%20access%20request%20is%20valid%20if%20it%20is%20submitted%20by%20any%20means%2C%20so%20you%20will%20still%20need%20to%20comply%20with%20any%20requests%20you%20receive%20in%20a%20letter%2C%20a%20standard%20email%20or%20verbally%20%5B..%5D%20although%20you%20may%20invite%20individuals%20to%20use%20a%20form%2C%20you%20must%20make%20it%20clear%20that%20it%20is%20not%20compulsory%27.%0A%5B2%5D%20Article%2029%20Working%20Party%2C%20Guidelines%20on%20the%20Right%20to%20Data%20Portability%20%28WP%20242%29%2C%2013%20December%202016%2C%208.%0A%5B3%5D%20Article%2029%20Working%20Party%2C%20Guidelines%20on%20Transparency%20under%20Regulation%202016%2F679%20WP260%20rev.01%2C%2011%20April%202018.%0A%5B4%5D%20See%20Case%20C%E2%80%91434%2F16%20Peter%20Nowak%20v%20Data%20Protection%20Commissioner%20%5B2017%5D%20ECLI%3AEU%3AC%3A2017%3A994%2C%2034.%0A%5B5%5D%20Article%2029%20Working%20Party%2C%20Guidelines%20on%20Consent%20under%20Regulation%202016%2F679%20WP259%20rev.01%2C%2010%20April%202018%2C%2013.%0A%5B6%5D%20Article%2029%20Working%20Party%2C%20Guidelines%20on%20Transparency%20under%20Regulation%202016%2F679%20WP260%20rev.01%2C%2011%20April%202018%2C%20page%2035.


"> Request your data from </a> ' } ).done( function ( data ) {

       var expanded = $(data.expandtemplates["*"])
   	mw.notify( expanded , { autoHide: false } ); // pop up the notification with the link

} ); }

function claimUsesDataControllerAsItsObject(claim) { return dive( claim , 'mainsnak.datavalue.value')['numeric-id'] === DATA_CONTROLLER_ITEM_ID; }

mw.hook( 'wikibase.entityPage.entityLoaded' ).add( function ( entity ) {

    'use strict';
     
    // get the ID of the current page

var pageID = document.querySelector('.wikibase-title .wikibase-title-id').innerText.replace( /[()]/g, );

    //console.log(pageID);
    if (isDataController(entity)) {

generateGDPRLink(pageID);

    }

});

function isDataController(entity) { let foundThatThisIsAnInstanceOfDataController = false;

if ( typeof entity != "undefined" ) // if we are on the page of a loaded entity { if ( typeof check( entity, INSTANCE_OF_PROPERTY ) != "undefined" ) // if the entity has any "instance of" claim { let claims = dive( entity, INSTANCE_OF_PROPERTY ); // get the claims which use the "instance of" property if (claims.some(claimUsesDataControllerAsItsObject)) { foundThatThisIsAnInstanceOfDataController = true; } } } return foundThatThisIsAnInstanceOfDataController; }

function dive(array, read){ return read.split('.').reduce(indexinterpolate, array); }

function check(array, read){

       return read.split('.').reduce(indexcheck, array);

} used comment (Q1048) qualifier to contain a policy excerpt but these are being migrated to policy excerpt (P287) as we do not want these printed in the letter (also many of them are too long and break the generator. Alex's generator has switched to never print the comment (Q1048) and he would recommend Le Temps do the same. comment (Q1048) should be free for use by wiki users to add detail about a snak. For example see the Template:P10 list usage in Spotify (Q281).


FAQ

Q: how do we refer to privacy policy? there are a few different ways to do it.

  • A: The correct one is privacy policy (Q29) though we have previously used Q3405 and some usages of this still need to be migrated. Q3667 and Q173 are erroneous and should be deleted.

Data rights snaks

Multiple choice between different options

References

PREFIX pdio: <https://wiki.personaldata.io/entity/>
PREFIX pdiot: <https://wiki.personaldata.io/prop/direct/>
PREFIX pdiop: <https://wiki.personaldata.io/prop/>
PREFIX pdiops: <https://wiki.personaldata.io/prop/statement/>
PREFIX pdiopq: <https://wiki.personaldata.io/prop/qualifier/>
SELECT ?item ?itemLabel ?link WHERE {
  ?item pdiot:P110 pdio:Q3006. #P110 <-concerns Q3006 <-ontology model	
  OPTIONAL {?item pdiot:P15 ?link.}
  SERVICE wikibase:label {
    bd:serviceParam wikibase:language "en" . 
  }
}
LIMIT 100

sources on (GDPR) ontology modeling (embedded)