GDPR and the principle of purpose limitation in connecting Data Spaces demonstrators

The presentation focuses on legal challenges arising from the GDPR when connecting Data Spaces using the Demonstrators. Special attention is given to the principle of purpose limitation of the GDPR. The Demonstrators serve a crucial role in connecting the data spaces of the NFDI and GAIA-X. The data in the two data spaces is gathered and used for usually completely different purposes. Thus, when connecting the spaces,  the data may be processed for completely different purposes. The GDPR – when applicable – limits legitimate purposes of such further processing. Even if a purpose is legitimate, the GDPR imposes different obligations on controllers and processors. The presentation will dive into the applicability of the GDPR to the demonstrators, the roles of controller and processor regarding the demonstrators and will discuss the principle of purpose limitation and the obligations connected to it.