Category: Uncategorized

Art. 41 GDPR – Monitoring of approved codes of conduct

Art. 41 GDPRMonitoring of approved codes of conduct Without prejudice to the tasks and powers of the competent supervisory authority under Articles 57 and 58, the monitoring of compliance…

Read more 0 comments

Art. 40 GDPR – Codes of conduct

Art. 40 GDPRCodes of conduct The Member States, the supervisory authorities, the Board and the Commission shall encourage the drawing up of codes of conduct intended to contribute to…

Read more 0 comments

Art. 39 GDPR – Tasks of the data protection officer

Art. 39 GDPRTasks of the data protection officer The data protection officer shall have at least the following tasks: to inform and advise the controller or the processor and…

Read more 0 comments

Art. 38 GDPR – Position of the data protection officer

Art. 38 GDPRPosition of the data protection officer The controller and the processor shall ensure that the data protection officer is involved, properly and in a timely manner, in…

Read more 0 comments

Art. 37 GDPR – Designation of the data protection officer

Art. 37 GDPRDesignation of the data protection officer The controller and the processor shall designate a data protection officer in any case where: the processing is carried out by…

Read more 0 comments

Art. 36 GDPR – Prior consultation

Art. 36 GDPRPrior consultation The controller shall consult the supervisory authority prior to processing where a data protection impact assessment under Article 35 indicates that the processing would result…

Read more 0 comments

Art. 35 GDPR – Data protection impact assessment

Art. 35 GDPRData protection impact assessment 1Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing,…

Read more 0 comments

Art. 34 GDPR – Communication of a personal data breach to the data subject

Art. 34 GDPRCommunication of a personal data breach to the data subject When the personal data breach is likely to result in a high risk to the rights and…

Read more 0 comments

Art. 33 GDPR – Notification of a personal data breach to the supervisory authority

Art. 33 GDPRNotification of a personal data breach to the supervisory authority 1In the case of a personal data breach, the controller shall without undue delay and, where feasible,…

Read more 0 comments

Art. 32 GDPR – Security of processing

Art. 32 GDPRSecurity of processing Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as…

Read more 0 comments

Art. 31 GDPR – Cooperation with the supervisory authority

Art. 31 GDPRCooperation with the supervisory authority The controller and the processor and, where applicable, their representatives, shall cooperate, on request, with the supervisory authority in the performance of…

Read more 0 comments

Art. 30 GDPR – Records of processing activities

Art. 30 GDPRRecords of processing activities 1Each controller and, where applicable, the controller’s representative, shall maintain a record of processing activities under its responsibility. 2That record shall contain all…

Read more 0 comments

Art. 29 GDPR – Processing under the authority of the controller or processor

Art. 29 GDPRProcessing under the authority of the controller or processor The processor and any person acting under the authority of the controller or of the processor, who has…

Read more 0 comments

Art. 28 GDPR – Processor

Art. 28 GDPRProcessor Where processing is to be carried out on behalf of a controller, the controller shall use only processors providing sufficient guarantees to implement appropriate technical and…

Read more 0 comments

Art. 27 GDPR – Representatives of controllers or processors not established in the Union

Art. 27 GDPRRepresentatives of controllers or processors not established in the Union Where Article 3(2) applies, the controller or the processor shall designate in writing a representative in the…

Read more 0 comments

Art. 26 GDPR – Joint controllers

Art. 26 GDPRJoint controllers 1Where two or more controllers jointly determine the purposes and means of processing, they shall be joint controllers. 2They shall in a transparent manner determine…

Read more 0 comments

Art. 25 GDPR – Data protection by design and by default

Art. 25 GDPRData protection by design and by default Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of…

Read more 0 comments

Art. 24 GDPR – Responsibility of the controller

Art. 24 GDPRResponsibility of the controller 1Taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the…

Read more 0 comments

Recital 164 – Professional or other equivalent secrecy obligations

164

Read more 0 comments

Recital 165 – No prejudice of the status of churches and religious associations

165

Read more 0 comments

Recital 166 – Delegated acts of the Commission

166

Read more 0 comments

Recital 173 – Relationship to Directive 2002/58/EC

173

Read more 0 comments

Art. 23 GDPR – Restrictions

Art. 23 GDPRRestrictions Union or Member State law to which the data controller or processor is subject may restrict by way of a legislative measure the scope of the…

Read more 0 comments

Art. 22 GDPR – Automated individual decision-making, including profiling

Art. 22 GDPRAutomated individual decision-making, including profiling The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which…

Read more 0 comments

Art. 21 GDPR – Right to object

Art. 21 GDPRRight to object 1The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of…

Read more 0 comments