Last review date: January 24, 2025
Yes.
The following are potential legal bases for processing personal data:
☒ appropriate notice has been provided to or made available to the data subject
☒ the data subject has provided consent to the processing for the identified purposes
☒ other
The Privacy Law does not address this matter specifically, however based on its provisions, the only legal basis for processing personal data or for the infringement of the right to privacy of an individual is consent (explicit or implicit) or any other authorization granted under applicable law.
Notwithstanding the above, according to the Privacy Law, a good defense in a criminal, civil or administrative proceeding for infringing the privacy of an individual, shall be if:
- the infringement was committed under circumstances whereby the infringer was subject to a legal, moral, social or professional obligation to commit it; the infringement was committed for the defense of a legitimate personal interest of the infringer; or the infringement involved a public interest justifying it in the circumstances of the case; and
- in case of the circumstances as detailed above, the infringing person acted in good faith.
That being said, the above are merely defenses provided under the Privacy Law, which the Israeli courts may reject or set aside, and not forms of legal bases for processing of personal data.
Last review date: January 24, 2025
Yes
The following are potential legal bases for processing sensitive personal data:
☒ the data subject has given consent to the processing, where consent is measured to the same standard as non-sensitive personal data
☒ other
The Privacy Law does not address this matter specifically, however based on its provisions, the only legal basis for processing personal data (including sensitive data) or for the infringement of the right to privacy of an individual is consent (explicit or implicit) or any other authorization granted under applicable law.
According to the Privacy Law, , a good defense in a criminal, civil or administrative proceeding for infringing the privacy of an individual, is where:
- the infringement was committed under circumstances whereby the infringer was subject to a legal, moral, social or professional obligation to commit it; the infringement was committed for the defense of a legitimate personal interest of the infringer; or the infringement involved a public interest justifying it in the circumstances of the case; and
- in case of the circumstances as detailed above, the infringing person acted in good faith.
That being said, the above are merely defenses provided under the Privacy Law, which the Israeli courts may reject or set aside, and not forms of legal bases for processing of sensitive data.
Last review date: January 24, 2025
No.
Last review date: January 24, 2025
☒ consent must be given or authorized by the holder of parental responsibility over the child
☒ other
In general, the Privacy Law does not include any specific reference to minors and minors' consent and accordingly the consent requirements would apply to them as well, subject to the provisions of the Legal Capacity and Guardianship Law, 1962 ("Capacity Law"), which govern matters relating to minors.
Under the Capacity Law, the legal acts of a minor (i.e., a person under the age of 18) may be cancelled if performed without the consent of a parent/guardian. However, legal acts of a kind that minors of their age are accustomed to perform, or legal acts performed with a person who did not or could not reasonably be expected to know that the minor is a minor, may not be cancelled unless they involve material damage to the minor or their property. This general rule would be applicable to any consent provided by a minor for the purpose of compliance with the provisions of the Privacy Law.