Art. 41 GDPR – Monitoring of approved codes of conduct
Art. 41 GDPR Monitoring of approved codes of conduct Without prejudice to the tasks and powers of the competent supervisory authority under Articles 57 and 58, the monitoring of…
Category: Uncategorized
Art. 40 GDPR – Codes of conduct
Art. 40 GDPR Codes of conduct The Member States, the supervisory authorities, the Board and the Commission shall encourage the drawing up of codes of conduct intended to contribute…
Art. 39 GDPR – Tasks of the data protection officer
Art. 39 GDPRTasks of the data protection officer The data protection officer shall have at least the following tasks: to inform and advise the controller or the processor and…
Art. 38 GDPR – Position of the data protection officer
Art. 38 GDPR Position of the data protection officer The controller and the processor shall ensure that the data protection officer is involved, properly and in a timely manner,…
Art. 37 GDPR – Designation of the data protection officer
Art. 37 GDPR Designation of the data protection officer The controller and the processor shall designate a data protection officer in any case where: the processing is carried out…
Art. 36 GDPR – Prior consultation
Art. 36 GDPR Prior consultation The controller shall consult the supervisory authority prior to processing where a data protection impact assessment under Article 35 indicates that the processing would…
Art. 35 GDPR – Data protection impact assessment
Art. 35 GDPR Data protection impact assessment Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the…
Art. 34 GDPR – Communication of a personal data breach to the data subject
Art. 34 GDPRCommunication of a personal data breach to the data subject When the personal data breach is likely to result in a high risk to the rights and…
Art. 33 GDPR – Notification of a personal data breach to the supervisory authority
Art. 33 GDPR Notification of a personal data breach to the supervisory authority In the case of a personal data breach, the controller shall without undue delay and, where…
Art. 32 GDPR – Security of processing
Art. 32 GDPRSecurity of processing Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as…
Art. 31 GDPR – Cooperation with the supervisory authority
Art. 31 GDPRCooperation with the supervisory authority The controller and the processor and, where applicable, their representatives, shall cooperate, on request, with the supervisory authority in the performance of…
Art. 30 GDPR – Records of processing activities
Art. 30 GDPR Records of processing activities Each controller and, where applicable, the controller’s representative, shall maintain a record of processing activities under its responsibility. That record shall contain…
Art. 29 GDPR – Processing under the authority of the controller or processor
Art. 29 GDPRProcessing under the authority of the controller or processor The processor and any person acting under the authority of the controller or of the processor, who has…
Art. 28 GDPR – Processor
Art. 28 GDPR Processor Where processing is to be carried out on behalf of a controller, the controller shall use only processors providing sufficient guarantees to implement appropriate technical…
Art. 27 GDPR – Representatives of controllers or processors not established in the Union
Art. 27 GDPRRepresentatives of controllers or processors not established in the Union Where Article 3(2) applies, the controller or the processor shall designate in writing a representative in the…
Art. 26 GDPR – Joint controllers
Art. 26 GDPR Joint controllers Where two or more controllers jointly determine the purposes and means of processing, they shall be joint controllers. They shall in a transparent manner…
Art. 25 GDPR – Data protection by design and by default
Art. 25 GDPR Data protection by design and by default Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes…
Art. 24 GDPR – Responsibility of the controller
Art. 24 GDPR Responsibility of the controller Taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for…
Recital 162 – Processing for statistical purposes
Recital 162 Processing for statistical purposes Where personal data are processed for statistical purposes, this Regulation should apply to that processing. Union or Member State law should, within the…
Recital 163 – Production of European and national statistics
Recital 163 Production of European and national statistics The confidential information which the Union and national statistical authorities collect for the production of official European and official national statistics…
Recital 167 – Implementing powers of the Commission
Recital 167 Implementing powers of the Commission In order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred on the Commission when provided…
Recital 168 – Implementing acts on standard contractual clauses
Recital 168Implementing acts on standard contractual clauses The examination procedure should be used for the adoption of implementing acts on standard contractual clauses between controllers and processors and between…
