The GDPR requires controllers to supply data subjects with detailed information about the processing of their dat
a. Where a controller obtains data directly from data subjects, which of the following items of information does NOT legally have to be supplied?
As a result of the European Court of Justice's ruling in the case of Google v. Spain, search engines outside the EEA are also likely to be subject to the Regulation's right to be forgotten. This holds true if the activities of an EU subsidiary and its U.S. parent are what?