Author: Ben Wolford

Art. 28 GDPR – Processor

Art. 28 GDPR Processor Where processing is to be carried out on behalf of a controller, the controller shall use only processors providing sufficient guarantees to implement appropriate technical…

Read more 0 comments

Art. 27 GDPR – Representatives of controllers or processors not established in the Union

Art. 27 GDPRRepresentatives of controllers or processors not established in the Union Where Article 3(2) applies, the controller or the processor shall designate in writing a representative in the…

Read more 0 comments

Art. 26 GDPR – Joint controllers

Art. 26 GDPR Joint controllers Where two or more controllers jointly determine the purposes and means of processing, they shall be joint controllers. They shall in a transparent manner…

Read more 0 comments

Art. 25 GDPR – Data protection by design and by default

Art. 25 GDPR Data protection by design and by default Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes…

Read more 0 comments

Art. 24 GDPR – Responsibility of the controller

Art. 24 GDPR Responsibility of the controller Taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for…

Read more 0 comments

Recital 169 – Immediately applicable implementing acts

Recital 169Immediately applicable implementing acts The Commission should adopt immediately applicable implementing acts where available evidence reveals that a third country, a territory or a specified sector within that…

Read more 0 comments

Recital 166 – Delegated acts of the Commission

166

Read more 0 comments

Recital 165 – No prejudice of the status of churches and religious associations

165

Read more 0 comments

Recital 173 – Relationship to Directive 2002/58/EC

173

Read more 0 comments

Recital 172 – Consultation of the European Data Protection Supervisor

Recital 172 Consultation of the European Data Protection Supervisor The European Data Protection Supervisor was consulted in accordance with Article 28(2) of Regulation (EC) No 45/2001 and delivered an…

Read more 0 comments

Recital 164 – Professional or other equivalent secrecy obligations

164

Read more 0 comments

Recital 168 – Implementing acts on standard contractual clauses

Recital 168Implementing acts on standard contractual clauses The examination procedure should be used for the adoption of implementing acts on standard contractual clauses between controllers and processors and between…

Read more 0 comments

Recital 167 – Implementing powers of the Commission

Recital 167 Implementing powers of the Commission In order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred on the Commission when provided…

Read more 0 comments

Recital 163 – Production of European and national statistics

Recital 163 Production of European and national statistics The confidential information which the Union and national statistical authorities collect for the production of official European and official national statistics…

Read more 0 comments

Recital 171 – Repeal of Directive 95/46/EC and transitional provisions

Recital 171 Repeal of Directive 95/46/EC and transitional provisions Directive 95/46/EC should be repealed by this Regulation. Processing already under way on the date of application of this Regulation…

Read more 0 comments

Recital 170 – Principle of subsidiarity and principle of proportionality

Recital 170 Principle of subsidiarity and principle of proportionality Since the objective of this Regulation, namely to ensure an equivalent level of protection of natural persons and the free…

Read more 0 comments

Recital 162 – Processing for statistical purposes

Recital 162 Processing for statistical purposes Where personal data are processed for statistical purposes, this Regulation should apply to that processing. Union or Member State law should, within the…

Read more 0 comments

Recital 150 – Administrative fines

Recital 150 Administrative fines In order to strengthen and harmonise administrative penalties for infringements of this Regulation, each supervisory authority should have the power to impose administrative fines. This…

Read more 0 comments

Recital 151 – Administrative fines in Denmark and Estonia

Recital 151 Administrative fines in Denmark and Estonia The legal systems of Denmark and Estonia do not allow for administrative fines as set out in this Regulation. The rules…

Read more 0 comments

Recital 152 – Power of sanction of the Member States

Recital 152 Power of sanction of the Member States Where this Regulation does not harmonise administrative penalties or where necessary in other cases, for example in cases of serious…

Read more 0 comments

Recital 156 – Processing for archiving, scientific or historical research or statistical purposes

Recital 156 Processing for archiving, scientific or historical research or statistical purposes The processing of personal data for archiving purposes in the public interest, scientific or historical research purposes…

Read more 0 comments

Recital 157 – Information from registries and scientific research

Recital 157 Information from registries and scientific research By coupling information from registries, researchers can obtain new knowledge of great value with regard to widespread medical conditions such as…

Read more 0 comments

Recital 158 – Processing for archiving purposes

Recital 158 Processing for archiving purposes Where personal data are processed for archiving purposes, this Regulation should also apply to that processing, bearing in mind that this Regulation should…

Read more 0 comments

Recital 159 – Processing for scientific research purposes

Recital 159 Processing for scientific research purposes Where personal data are processed for scientific research purposes, this Regulation should also apply to that processing. For the purposes of this…

Read more 0 comments

Recital 160 – Processing for historical research purposes

Recital 160 Processing for historical research purposes Where personal data are processed for historical research purposes, this Regulation should also apply to that processing. This should also include historical…

Read more 0 comments