xmlns:atom="http://www.w3.org/2005/Atom" xmlns:atom="http://www.w3.org/2005/Atom"

CHAPTER 2U.K.General principles and data protection

F1Article 3U.K.IMSOC components

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Textual Amendments

Article 4U.K.Components, networks and contact points

1.Each component shall have a network of which the [F2appropriate authority] shall be part.

2.Network members shall each designate at least one contact point and communicate that designation and its contact details to the [F2appropriate authority] contact point. They shall inform the [F2appropriate authority] contact point immediately of any changes in this respect.

3.The [F2appropriate authority] contact point shall maintain and keep up to date a list of contact points and make it available to all network members.

4.The [F2appropriate authority] shall establish a governance structure to steer the development of, identify priorities for and monitor the correct implementation of the [F3appropriate computerised information management system]. The governance structure shall be composed of:

(a)an operations management board F4..., to discuss, at least once a year, priorities for and the development of each component;

(b)sub-groups within the operations management board that regularly discuss priorities for and the development of specific functionalities of each component.

Textual Amendments

Article 5U.K.Ownership and responsibilities for data, information and documents

1.Each network member shall own and be responsible for the data, information and documents its contact point or users acting under its responsibility have inserted or produced in the relevant component.

2.Each signatory, competent authority to which a signatory belongs or competent authority creating an electronic seal shall own and be responsible for the part of the documents it signs or seals F5....

3.Where more than one signatory signs a document F5..., each signatory shall own and be responsible for the part of the document that it signs.

Textual Amendments

Article 6U.K.Links between components

1.Links between components shall be aimed at:

(a)complementing data, information or documents in one or more components by data, information or documents already present in another component; and

(b)providing relevant and up-to-date information to each network member for the performance of its tasks in accordance with the rules set for each component in this Regulation; and

(c)supporting and operating the procedures for

(i)

determining and modifying the frequency rates of identity checks and physical checks to be performed on consignments of categories of animals and goods referred to in points (a), (b) and (c) of Article 47(1) of Regulation (EU) 2017/625;

(ii)

applying the frequency of identity checks and physical checks to be performed on consignments of categories of animals or goods referred to in points (d), (e) and (f) of that Article;

(iii)

the coordinated performance by competent authorities of the intensified official controls in case of suspicions of non-compliance referred to in Article 65(6) of that Regulation.

F62.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Textual Amendments

Article 7U.K.Electronic data exchange between components and other electronic systems

1.Data exchanges between the [F7appropriate computerised information management system] and other electronic systemsF8... shall:

(a)be based on international standards that are relevant for the component and use XML, CMS or PDF formats;

(b)use the specific data dictionaries and business rules provided for in the relevant component.

F92.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

3.[F10The appropriate authority] shall draw-up a service-level agreement governing the maintenance of the electronic data exchange between the relevant component and other electronic systems, F11....

Textual Amendments

Article 8U.K.Obligations and rights of the [F12appropriate authority]

1.The [F13appropriate authority] shall ensure the functioning, maintenance, support and any necessary updating or development of the software and the IT infrastructure of the components.

F142.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Textual Amendments

Article 9U.K.Conditions for the granting of partial access to the [F15appropriate computerised information management system] to third countries and international organisations

1.On receipt of a duly justified application, the [F16appropriate authority], may grant the competent authority of a third country or an international organisation partial access to the functionalities of one or more components and to specific data, information and documents inserted or produced therein, provided the applicant demonstrates, in respect of the component(s) in question, that it meets the following requirements:

(a)it has the legal and operational capacity to provide, without undue delay, the assistance necessary to allow the good functioning of the component to which partial access is requested;

(b)it has designated a contact point for that purpose;

2.The partial access referred to in paragraph 1 shall not include access to personal data processed in the component(s) to which the partial access is granted.

3.By way of derogation from paragraph 2, partial access may include access to personal data where the conditions for lawful transfers of personal data established by Regulations (EU) 2016/679 and (EU) 2018/1725 are fulfilled by the applicant third country or international organisation.

Textual Amendments

Article 10U.K.Personal data processing

1.Personal data shall be processed in each component for the purpose of performing official controls and other official activities. In particular, personal data shall belong to one of the following categories:

(a)contact points, operators, importers, exporters, transporters and laboratory technicians when personal data is required by F17... law;

(b)users of each component.

2.In processing personal data pursuant to this Regulation, [F18the appropriate authority and the competent authority] shall comply with Regulation (EU) 2016/679 [F19legislation which, immediately before IP completion day, implemented Directive (EU) 2016/680].

Textual Amendments

Article 11U.K.Data controllers and joint controllership

1.The [F20appropriate authority] and the competent authorities F21... shall be joint controllers of data processing operations in each of the components.

2.The [F22appropriate authority] shall be responsible for:

(a)determining and implementing the technical means to enable data subjects to exercise their rights, F23...;

F24(b). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

(c)determining the categories of its staff and external providers to whom access to the components may be granted;

F25(d). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

F26(e). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

3.The competent authorities F27... shall be responsible for:

(a)ensuring that data subject’s rights are exercised in compliance with Regulation (EU) 2016/679 and this Regulation;

(b)ensuring the security and confidentiality of personal data pursuant to Section 2 of Chapter IV of Regulation (EU) 2016/679;

(c)designating the staff that are to have access to each component;

(d)ensuring that staff accessing each component are adequately trained to perform their tasks in accordance with Regulation (EU) 2016/679 F28....

4.The competent authorities F29... may designate different joint controllers F30... for the purpose of fulfilling one or more of the obligations referred to in paragraph 3.

Textual Amendments