Art. 53 GDPR General conditions for the members of the supervisory authority Member States shall provide for each member of their supervisory authorities to be appointed by means of…
Art. 52 GDPRIndependence Each supervisory authority shall act with complete independence in performing its tasks and exercising its powers in accordance with this Regulation. The member or members of…
Art. 51 GDPR Supervisory authority Each Member State shall provide for one or more independent public authorities to be responsible for monitoring the application of this Regulation, in order…
Art. 50 GDPRInternational cooperation for the protection of personal data In relation to third countries and international organisations, the Commission and supervisory authorities shall take appropriate steps to: develop…
Art. 49 GDPR Derogations for specific situations In the absence of an adequacy decision pursuant to Article 45(3), or of appropriate safeguards pursuant to Article 46, including binding corporate…
Art. 48 GDPRTransfers or disclosures not authorised by Union law Any judgment of a court or tribunal and any decision of an administrative authority of a third country requiring…
Art. 47 GDPR Binding corporate rules The competent supervisory authority shall approve binding corporate rules in accordance with the consistency mechanism set out in Article 63, provided that they:…
Art. 46 GDPR Transfers subject to appropriate safeguards In the absence of a decision pursuant to Article 45(3), a controller or processor may transfer personal data to a third…
Art. 45 GDPR Transfers on the basis of an adequacy decision A transfer of personal data to a third country or an international organisation may take place where the…
Art. 44 GDPR General principle for transfers Any transfer of personal data which are undergoing processing or are intended for processing after transfer to a third country or to…
Art. 43 GDPR Certification bodies Without prejudice to the tasks and powers of the competent supervisory authority under Articles 57 and 58, certification bodies which have an appropriate level…
Art. 42 GDPR Certification The Member States, the supervisory authorities, the Board and the Commission shall encourage, in particular at Union level, the establishment of data protection certification mechanisms…
Art. 41 GDPR Monitoring of approved codes of conduct Without prejudice to the tasks and powers of the competent supervisory authority under Articles 57 and 58, the monitoring of…
Art. 40 GDPR Codes of conduct The Member States, the supervisory authorities, the Board and the Commission shall encourage the drawing up of codes of conduct intended to contribute…
Art. 39 GDPRTasks of the data protection officer The data protection officer shall have at least the following tasks: to inform and advise the controller or the processor and…
Art. 38 GDPR Position of the data protection officer The controller and the processor shall ensure that the data protection officer is involved, properly and in a timely manner,…
Art. 37 GDPR Designation of the data protection officer The controller and the processor shall designate a data protection officer in any case where: the processing is carried out…
Art. 36 GDPR Prior consultation The controller shall consult the supervisory authority prior to processing where a data protection impact assessment under Article 35 indicates that the processing would…
Art. 35 GDPR Data protection impact assessment Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the…
Art. 34 GDPRCommunication of a personal data breach to the data subject When the personal data breach is likely to result in a high risk to the rights and…
Art. 33 GDPR Notification of a personal data breach to the supervisory authority In the case of a personal data breach, the controller shall without undue delay and, where…
Art. 32 GDPRSecurity of processing Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as…
Art. 31 GDPRCooperation with the supervisory authority The controller and the processor and, where applicable, their representatives, shall cooperate, on request, with the supervisory authority in the performance of…
Art. 30 GDPR Records of processing activities Each controller and, where applicable, the controller’s representative, shall maintain a record of processing activities under its responsibility. That record shall contain…
Art. 29 GDPRProcessing under the authority of the controller or processor The processor and any person acting under the authority of the controller or of the processor, who has…