Art. 9 GDPRProcessing of special categories of personal data Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and…
Art. 8 GDPR Conditions applicable to child’s consent in relation to information society services Where point (a) of Article 6(1) applies, in relation to the offer of information society…
Art. 7 GDPR Conditions for consent Where processing is based on consent, the controller shall be able to demonstrate that the data subject has consented to processing of his…
Art. 6 GDPR Lawfulness of processing Processing shall be lawful only if and to the extent that at least one of the following applies: the data subject has given…
Art. 5 GDPRPrinciples relating to processing of personal data Personal data shall be: processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness…
Art. 4 GDPRDefinitions For the purposes of this Regulation: ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is…
Art. 3 GDPRTerritorial scope This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in…
Art. 2 GDPRMaterial scope This Regulation applies to the processing of personal data wholly or partly by automated means and to the processing other than by automated means of…
Art. 1 GDPRSubject-matter and objectives This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to…
Download a PDF version of this template here. You are entitled to request us to erase any personal data we hold about you under EU General Data Protection…
This data processing agreement is adapted from the Proton Mail DPA, which can be found on this page. Organizations may use the following document as part of their GDPR…
What is the GDPR? Europe’s new data privacy and security law includes hundreds of pages’ worth of new requirements for organizations around the world. This GDPR overview will help…
Also known as the right to erasure, the GDPR gives individuals the right to ask organizations to delete their personal data. But organizations don’t always have to do it….
Privacy Impact Assessment
How to conduct a Data Protection Impact Assessment (template included) A Data Protection Impact Assessment (DPIA) is required under the GDPR any time you begin a new project that…
Download a PDF version of this template here. Transparency and informing the public about how their data are being used are two basic goals of the GDPR. This article…
The GDPR requires organizations to protect personal data in all its forms. It also changes the rules of consent and strengthens people’s privacy rights. In this article, we’ll explain…
Under certain conditions, the GDPR requires organizations to appoint a Data Protection Officer. In this article, we go over the profile and duties of this type of GDPR officer….
GDPR fines are designed to make non-compliance a costly mistake for both large and small businesses. In this article we’ll talk about how much is the GDPR fine and…
