SlideShare ist ein Scribd-Unternehmen logo
1 von 14
IOANNIS IGLEZAKIS, PROFESSOR
FACULTY OF LAW, ARISTOTLE UNIVERSITY
 Mobile apps or mobile applications since they were first launched in
2008 have found widespread application and are now used not only
for general productivity, information retrieval, email, and other
auxiliary services, but also for purposes normally handled by
desktop application software packages
 The existence of app stores has contributed greatly to the
development of the mobile app market
 There are different types of mobile applications, depending on the
platform on which they run, for example, Android, iOS, etc
 Apps offered on different platforms are either free or sold at a price
lower than ordinary software.
 App developers which offer free mobile apps gain revenue from in-app
advertising or from in-app purchases.
 The mobile app ecosystem is considered today one of the biggest
industries.
 Smart devices may be equipped with a multitude of sensors - App
developers make use of this connectivity through the APIs to collect
data from the device and data from the different sensors
 The fact that there exist many players in the app development and
distribution life-cycle, such as app developers, app owners, app
stores, operating systems and device manufacturers, and third
parties, increases the risks for data protection.
 This plethora of players can also be the cause of lack of transparency
for end users who as a result, are not properly informed of their
rights as consumers.
 The Consumer Rights Directive (hereinafter referred to as the CRD)
provides for a quite long list of informational requirements for the
traders to comply with.
 As far as apps are concerned, there are additional informational
obligations imposed on the traders.
 General information requirements set out in art. 5 and art. 6 of the CRD
 Additionally, when a consumer purchases an app has the right to know about
the functionality and the interoperability of the particular app.
The above requirements have to be met even in the case that an app
is provided for free.
 Most of the time, app users are informed about the cost of the app
but not for the additional costs within the app.
 However, app users have to be aware of, apart from the ones mentioned above,
is the pricing details.
 The app user has to be informed, as a consumer, in a clear and
comprehensible manner, about, among others, the total price of the
goods or services offered including any applicable taxes.
 In the app environment, these additional payments may be build-in
purchases such as add-ons, game levels, or pay-per-view content
(e.g., movies, TV series), which are not included at the subscription
to the audio-visual content service.
 Under the CRD, the trader bears the obligation not only to inform the consumer
about his right of withdrawal properly and in a timely manner but also to provide
him guidance on how to exercise it.
 the consumer is provided with a period of 14 calendar days to withdraw from his
contract with the trader without giving any reason for his withdrawal and without
incurring any costs.
 In the case of digital content contracts, the 14-day period starts from the day of
the conclusion of the contract.
 Data protection risks are multiplied in the apps’ environment, as
apps gain access to big quantities of data which are stored in the
device (location data, photos, videos, text messages, emails, calls and
calendar logs, contacts, passwords, financial data, etc.) or data
collected by the various sensors of the device.
 It is also notable that smartphones and other smart devices lack
data security software and are thus vulnerable to cyber-attacks and
other security threats such as malicious applications and spyware.
 The absence of comprehensive information on the processing of
personal data leads to a lack of transparency which is detrimental
for the app user.
 The field of application of GDPR extends to the processing of
personal data of individuals taking place through the use of apps on
smart devices. This includes data stored on a smart device or data
generated by the device.
 Such data are considered personal data if they related to an
identified or identifiable natural person, regardless if this is the
owner of the device or any other individual.
 The processing of personal data by apps can rely on the consent of
the user in accordance with Article 6 (1) lit. a GDPR, since none of
the other requirements is fulfilled.
 In addition, if an app needs to access personal data stored on the
device such as contacts in the address book, videos or pictures, or
place information on it, it is required to obtain consent from the
user, pursuant to Article 5(3) of the ePrivacy Directive
 The general principles of data protection mentioned in article 5 GDPR must be
complied with by data controllers, particularly the principles of purpose limitation
and data minimization.
 the purpose of processing with regard to the functioning of apps should be defined
before the data processing takes place.
 the principle of data minimization which provides that data must be adequate,
relevant, and limited to what is necessary in relation to the purposes for which
they are processed, must be respected. Thus, app developers must design their
software products in such a way that unnecessary data processing is prevented.
 The purpose limitation and the data minimization principle must be applied
stricter in the case of children’s data processing by an app.
 To ensure that the data subject is informed about the processing and is able to provide
an informed consent, it is crucial to make available the information in Article 13
GDPR. This includes information on the following points:
 The identity and the contact details of the controller;
 The contact details of the DPO, if one is appointed;
 The purposes of processing;
 Where processing is necessary for the legitimate interests pursued by the controller
or by a third party, these interests;
 The recipients or categories of recipients of the personal data, if any; -
 Τransfer of personal data to a third country or international organization
 Additionally, the storage period, the right to request access, the right to withdraw
consent, the right to lodge a complaint with a supervisor, etc.
 An impediment to providing information exists because of the fact
that mobile devices have small screens and this means that there
are space limitations, while the attention spans of consumers are
limited.
 To address this issue, it is proposed to develop shorthand, consistent
disclosures, which will include the use of icons, short form privacy
notices, and layered notices.
THANK YOU FOR YOUR
ATTENTION

Weitere ähnliche Inhalte

Ähnlich wie Protection of users mobile apps

1 3Financial Service Security EngagementLearning Team .docx
1     3Financial Service Security EngagementLearning Team .docx1     3Financial Service Security EngagementLearning Team .docx
1 3Financial Service Security EngagementLearning Team .docx
oswald1horne84988
 
FTC Emphasizes Privacy Protections, Truth in Advertising in Business Guide fo...
FTC Emphasizes Privacy Protections, Truth in Advertising in Business Guide fo...FTC Emphasizes Privacy Protections, Truth in Advertising in Business Guide fo...
FTC Emphasizes Privacy Protections, Truth in Advertising in Business Guide fo...
Patton Boggs LLP
 
Avoiding Privacy Pitfalls When Using Big Data in Marketing
Avoiding Privacy Pitfalls When Using Big Data in MarketingAvoiding Privacy Pitfalls When Using Big Data in Marketing
Avoiding Privacy Pitfalls When Using Big Data in Marketing
Tokusoudeka
 
UXPSystems_whitepaper_Privacy_Nov182016
UXPSystems_whitepaper_Privacy_Nov182016UXPSystems_whitepaper_Privacy_Nov182016
UXPSystems_whitepaper_Privacy_Nov182016
Andrey Plotnikov
 

Ähnlich wie Protection of users mobile apps (20)

OPENi Privacy by design @Athens hackathon, September 2014
OPENi Privacy by design @Athens hackathon, September 2014OPENi Privacy by design @Athens hackathon, September 2014
OPENi Privacy by design @Athens hackathon, September 2014
 
Mobileprivacyazahir
MobileprivacyazahirMobileprivacyazahir
Mobileprivacyazahir
 
GDPR's Impact on Social Media - Everything You Need to Know
GDPR's Impact on Social Media - Everything You Need to KnowGDPR's Impact on Social Media - Everything You Need to Know
GDPR's Impact on Social Media - Everything You Need to Know
 
final_writeup
final_writeupfinal_writeup
final_writeup
 
Unlocking Insights- A Comprehensive Guide to Data Scraping from Android Apps....
Unlocking Insights- A Comprehensive Guide to Data Scraping from Android Apps....Unlocking Insights- A Comprehensive Guide to Data Scraping from Android Apps....
Unlocking Insights- A Comprehensive Guide to Data Scraping from Android Apps....
 
1 3Financial Service Security EngagementLearning Team .docx
1     3Financial Service Security EngagementLearning Team .docx1     3Financial Service Security EngagementLearning Team .docx
1 3Financial Service Security EngagementLearning Team .docx
 
Unlocking Insights- A Comprehensive Guide to Data Scraping from Android Apps.pdf
Unlocking Insights- A Comprehensive Guide to Data Scraping from Android Apps.pdfUnlocking Insights- A Comprehensive Guide to Data Scraping from Android Apps.pdf
Unlocking Insights- A Comprehensive Guide to Data Scraping from Android Apps.pdf
 
Complete Guide on How to Build a healthcare app in 2023
Complete Guide on How to Build a healthcare app in 2023Complete Guide on How to Build a healthcare app in 2023
Complete Guide on How to Build a healthcare app in 2023
 
Complete Guide on How to Build a healthcare app in 2023
Complete Guide on How to Build a healthcare app in 2023Complete Guide on How to Build a healthcare app in 2023
Complete Guide on How to Build a healthcare app in 2023
 
Healthcare App Development: Strategies & Features
Healthcare App Development: Strategies & Features			Healthcare App Development: Strategies & Features
Healthcare App Development: Strategies & Features
 
FTC Emphasizes Privacy Protections, Truth in Advertising in Business Guide fo...
FTC Emphasizes Privacy Protections, Truth in Advertising in Business Guide fo...FTC Emphasizes Privacy Protections, Truth in Advertising in Business Guide fo...
FTC Emphasizes Privacy Protections, Truth in Advertising in Business Guide fo...
 
IRJET- Privacy & Security Settings: A Review
IRJET- 	  Privacy & Security Settings: A ReviewIRJET- 	  Privacy & Security Settings: A Review
IRJET- Privacy & Security Settings: A Review
 
Infographic : What's going to change with the GDPR (2018)
Infographic : What's going to change with the GDPR (2018)Infographic : What's going to change with the GDPR (2018)
Infographic : What's going to change with the GDPR (2018)
 
Avoiding Privacy Pitfalls When Using Big Data in Marketing
Avoiding Privacy Pitfalls When Using Big Data in MarketingAvoiding Privacy Pitfalls When Using Big Data in Marketing
Avoiding Privacy Pitfalls When Using Big Data in Marketing
 
br_mobileProgrammatic
br_mobileProgrammaticbr_mobileProgrammatic
br_mobileProgrammatic
 
UXPSystems_whitepaper_Privacy_Nov182016
UXPSystems_whitepaper_Privacy_Nov182016UXPSystems_whitepaper_Privacy_Nov182016
UXPSystems_whitepaper_Privacy_Nov182016
 
App Tracking Transparancy.docx
App Tracking Transparancy.docxApp Tracking Transparancy.docx
App Tracking Transparancy.docx
 
Rc mobile profile_sep2011
Rc mobile profile_sep2011Rc mobile profile_sep2011
Rc mobile profile_sep2011
 
App Development and Its Privacy Segment.pdf
App Development and Its Privacy Segment.pdfApp Development and Its Privacy Segment.pdf
App Development and Its Privacy Segment.pdf
 
App Development and Its Privacy Segment.pdf
App Development and Its Privacy Segment.pdfApp Development and Its Privacy Segment.pdf
App Development and Its Privacy Segment.pdf
 

Mehr von ioannis iglezakis

το νομικό πλαίσιο του ηλεκτρονικού χρήματος στην ελλάδα
το νομικό πλαίσιο του ηλεκτρονικού χρήματος στην ελλάδατο νομικό πλαίσιο του ηλεκτρονικού χρήματος στην ελλάδα
το νομικό πλαίσιο του ηλεκτρονικού χρήματος στην ελλάδα
ioannis iglezakis
 
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
ioannis iglezakis
 
Papers 201 iglezakis-presentation-en-v001
Papers 201 iglezakis-presentation-en-v001Papers 201 iglezakis-presentation-en-v001
Papers 201 iglezakis-presentation-en-v001
ioannis iglezakis
 
Elektronischer Geschäftsverkehr
Elektronischer GeschäftsverkehrElektronischer Geschäftsverkehr
Elektronischer Geschäftsverkehr
ioannis iglezakis
 

Mehr von ioannis iglezakis (15)

τεχνολογιες & ασφαλεια πληροφοριων
τεχνολογιες & ασφαλεια πληροφοριωντεχνολογιες & ασφαλεια πληροφοριων
τεχνολογιες & ασφαλεια πληροφοριων
 
Κανονισμος Προστασιας Δεδομενων
Κανονισμος Προστασιας ΔεδομενωνΚανονισμος Προστασιας Δεδομενων
Κανονισμος Προστασιας Δεδομενων
 
εξελίξεις στη διαδικτυακή πώληση φαρμάκων
εξελίξεις στη διαδικτυακή πώληση φαρμάκωνεξελίξεις στη διαδικτυακή πώληση φαρμάκων
εξελίξεις στη διαδικτυακή πώληση φαρμάκων
 
Όροι χρησης ηλεκτρονικου καταστηματος
Όροι χρησης ηλεκτρονικου καταστηματος Όροι χρησης ηλεκτρονικου καταστηματος
Όροι χρησης ηλεκτρονικου καταστηματος
 
Δυσφήμηση ιατρών μέσω του διαδικτύου
Δυσφήμηση ιατρών μέσω του διαδικτύουΔυσφήμηση ιατρών μέσω του διαδικτύου
Δυσφήμηση ιατρών μέσω του διαδικτύου
 
το νομικό πλαίσιο του ηλεκτρονικού χρήματος στην ελλάδα
το νομικό πλαίσιο του ηλεκτρονικού χρήματος στην ελλάδατο νομικό πλαίσιο του ηλεκτρονικού χρήματος στην ελλάδα
το νομικό πλαίσιο του ηλεκτρονικού χρήματος στην ελλάδα
 
Hate speech on the internet
Hate speech on the internetHate speech on the internet
Hate speech on the internet
 
Identitymanagment
IdentitymanagmentIdentitymanagment
Identitymanagment
 
Intellectual property issues for start ups
Intellectual property issues for start upsIntellectual property issues for start ups
Intellectual property issues for start ups
 
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
 
Προστασία προσωπικών δεδομένων στις υπηρεσίες κοινωνικής δικτύωσης με βάση τη...
Προστασία προσωπικών δεδομένων στις υπηρεσίες κοινωνικής δικτύωσης με βάση τη...Προστασία προσωπικών δεδομένων στις υπηρεσίες κοινωνικής δικτύωσης με βάση τη...
Προστασία προσωπικών δεδομένων στις υπηρεσίες κοινωνικής δικτύωσης με βάση τη...
 
Digital Libraries
Digital LibrariesDigital Libraries
Digital Libraries
 
E book competition
E book competitionE book competition
E book competition
 
Papers 201 iglezakis-presentation-en-v001
Papers 201 iglezakis-presentation-en-v001Papers 201 iglezakis-presentation-en-v001
Papers 201 iglezakis-presentation-en-v001
 
Elektronischer Geschäftsverkehr
Elektronischer GeschäftsverkehrElektronischer Geschäftsverkehr
Elektronischer Geschäftsverkehr
 

Kürzlich hochgeladen

一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
e9733fc35af6
 
一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理
Airst S
 
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxCOPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
RRR Chambers
 
一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理
一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理
一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理
A AA
 
一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理
Airst S
 
一比一原版曼彻斯特城市大学毕业证如何办理
一比一原版曼彻斯特城市大学毕业证如何办理一比一原版曼彻斯特城市大学毕业证如何办理
一比一原版曼彻斯特城市大学毕业证如何办理
Airst S
 
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
Airst S
 

Kürzlich hochgeladen (20)

一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
 
PPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxPPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptx
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
 
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
 
一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理
 
Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.
 
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxCOPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
 
一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理
一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理
一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf
 
一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理
 
一比一原版曼彻斯特城市大学毕业证如何办理
一比一原版曼彻斯特城市大学毕业证如何办理一比一原版曼彻斯特城市大学毕业证如何办理
一比一原版曼彻斯特城市大学毕业证如何办理
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdf
 
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
 
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptxKEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
 
Clarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forClarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo for
 
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
 
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
 
Hely-Hutchinson v. Brayhead Ltd .pdf
Hely-Hutchinson v. Brayhead Ltd         .pdfHely-Hutchinson v. Brayhead Ltd         .pdf
Hely-Hutchinson v. Brayhead Ltd .pdf
 
The doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteThe doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statute
 

Protection of users mobile apps

  • 1. IOANNIS IGLEZAKIS, PROFESSOR FACULTY OF LAW, ARISTOTLE UNIVERSITY
  • 2.  Mobile apps or mobile applications since they were first launched in 2008 have found widespread application and are now used not only for general productivity, information retrieval, email, and other auxiliary services, but also for purposes normally handled by desktop application software packages  The existence of app stores has contributed greatly to the development of the mobile app market  There are different types of mobile applications, depending on the platform on which they run, for example, Android, iOS, etc
  • 3.  Apps offered on different platforms are either free or sold at a price lower than ordinary software.  App developers which offer free mobile apps gain revenue from in-app advertising or from in-app purchases.  The mobile app ecosystem is considered today one of the biggest industries.  Smart devices may be equipped with a multitude of sensors - App developers make use of this connectivity through the APIs to collect data from the device and data from the different sensors
  • 4.  The fact that there exist many players in the app development and distribution life-cycle, such as app developers, app owners, app stores, operating systems and device manufacturers, and third parties, increases the risks for data protection.  This plethora of players can also be the cause of lack of transparency for end users who as a result, are not properly informed of their rights as consumers.
  • 5.  The Consumer Rights Directive (hereinafter referred to as the CRD) provides for a quite long list of informational requirements for the traders to comply with.  As far as apps are concerned, there are additional informational obligations imposed on the traders.  General information requirements set out in art. 5 and art. 6 of the CRD  Additionally, when a consumer purchases an app has the right to know about the functionality and the interoperability of the particular app. The above requirements have to be met even in the case that an app is provided for free.
  • 6.  Most of the time, app users are informed about the cost of the app but not for the additional costs within the app.  However, app users have to be aware of, apart from the ones mentioned above, is the pricing details.  The app user has to be informed, as a consumer, in a clear and comprehensible manner, about, among others, the total price of the goods or services offered including any applicable taxes.  In the app environment, these additional payments may be build-in purchases such as add-ons, game levels, or pay-per-view content (e.g., movies, TV series), which are not included at the subscription to the audio-visual content service.
  • 7.  Under the CRD, the trader bears the obligation not only to inform the consumer about his right of withdrawal properly and in a timely manner but also to provide him guidance on how to exercise it.  the consumer is provided with a period of 14 calendar days to withdraw from his contract with the trader without giving any reason for his withdrawal and without incurring any costs.  In the case of digital content contracts, the 14-day period starts from the day of the conclusion of the contract.
  • 8.  Data protection risks are multiplied in the apps’ environment, as apps gain access to big quantities of data which are stored in the device (location data, photos, videos, text messages, emails, calls and calendar logs, contacts, passwords, financial data, etc.) or data collected by the various sensors of the device.  It is also notable that smartphones and other smart devices lack data security software and are thus vulnerable to cyber-attacks and other security threats such as malicious applications and spyware.  The absence of comprehensive information on the processing of personal data leads to a lack of transparency which is detrimental for the app user.
  • 9.  The field of application of GDPR extends to the processing of personal data of individuals taking place through the use of apps on smart devices. This includes data stored on a smart device or data generated by the device.  Such data are considered personal data if they related to an identified or identifiable natural person, regardless if this is the owner of the device or any other individual.
  • 10.  The processing of personal data by apps can rely on the consent of the user in accordance with Article 6 (1) lit. a GDPR, since none of the other requirements is fulfilled.  In addition, if an app needs to access personal data stored on the device such as contacts in the address book, videos or pictures, or place information on it, it is required to obtain consent from the user, pursuant to Article 5(3) of the ePrivacy Directive
  • 11.  The general principles of data protection mentioned in article 5 GDPR must be complied with by data controllers, particularly the principles of purpose limitation and data minimization.  the purpose of processing with regard to the functioning of apps should be defined before the data processing takes place.  the principle of data minimization which provides that data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed, must be respected. Thus, app developers must design their software products in such a way that unnecessary data processing is prevented.  The purpose limitation and the data minimization principle must be applied stricter in the case of children’s data processing by an app.
  • 12.  To ensure that the data subject is informed about the processing and is able to provide an informed consent, it is crucial to make available the information in Article 13 GDPR. This includes information on the following points:  The identity and the contact details of the controller;  The contact details of the DPO, if one is appointed;  The purposes of processing;  Where processing is necessary for the legitimate interests pursued by the controller or by a third party, these interests;  The recipients or categories of recipients of the personal data, if any; -  Τransfer of personal data to a third country or international organization  Additionally, the storage period, the right to request access, the right to withdraw consent, the right to lodge a complaint with a supervisor, etc.
  • 13.  An impediment to providing information exists because of the fact that mobile devices have small screens and this means that there are space limitations, while the attention spans of consumers are limited.  To address this issue, it is proposed to develop shorthand, consistent disclosures, which will include the use of icons, short form privacy notices, and layered notices.
  • 14. THANK YOU FOR YOUR ATTENTION