Recital 114Safeguarding of enforceability of rights and obligations in the absence of an adequacy decision In any case, where the Commission has taken no decision on the adequate level…
Recital 115 Rules in third countries contrary to the Regulation Some third countries adopt laws, regulations and other legal acts which purport to directly regulate the processing activities of…
Recital 116 Cooperation among supervisory authorities When personal data moves across borders outside the Union it may put at increased risk the ability of natural persons to exercise data…
Recital 117 Establishment of supervisory authorities The establishment of supervisory authorities in Member States, empowered to perform their tasks and exercise their powers with complete independence, is an essential…
Recital 102 International agreements for an appropriate level of data protection This Regulation is without prejudice to international agreements concluded between the Union and third countries regulating the transfer…
Recital 118Monitoring of the supervisory authorities The independence of supervisory authorities should not mean that the supervisory authorities cannot be subject to control or monitoring mechanisms regarding their financial…
Recital 103 Appropriate level of data protection based on an adequacy decision The Commission may decide with effect for the entire Union that a third country, a territory or…
Recital 119 Organisation of several supervisory authorities of a Member State Where a Member State establishes several supervisory authorities, it should establish by law mechanisms for ensuring the effective…
Recital 104 Criteria for an adequacy decision In line with the fundamental values on which the Union is founded, in particular the protection of human rights, the Commission should,…
Recital 120 Features of supervisory authorities Each supervisory authority should be provided with the financial and human resources, premises and infrastructure necessary for the effective performance of their tasks,…
Recital 105 Consideration of international agreements for an adequacy decision Apart from the international commitments the third country or international organisation has entered into, the Commission should take account…
Recital 121 Independence of the supervisory authorities The general conditions for the member or members of the supervisory authority should be laid down by law in each Member State…
Recital 106 Monitoring and periodic review of the level of data protection The Commission should monitor the functioning of decisions on the level of protection in a third country,…
Recital 107 Amendment, revocation and suspension of adequacy decisions The Commission may recognise that a third country, a territory or a specified sector within a third country, or an…
Recital 108 Appropriate safeguards In the absence of an adequacy decision, the controller or processor should take measures to compensate for the lack of data protection in a third…
Recital 93Data protection impact assessment at authorities In the context of the adoption of the Member State law on which the performance of the tasks of the public authority…
Recital 94 Consultation of the supervisory authority Where a data protection impact assessment indicates that the processing would, in the absence of safeguards, security measures and mechanisms to mitigate…
Recital 95Support by the processor The processor should assist the controller, where necessary and upon request, in ensuring compliance with the obligations deriving from the carrying out of data…
Recital 96Consultation of the supervisory authority in the course of a legislative process A consultation of the supervisory authority should also take place in the course of the preparation…
Recital 97 Data protection officer Where the processing is carried out by a public authority, except for courts or independent judicial authorities when acting in their judicial capacity, where,…
Recital 82 Record of processing activities In order to demonstrate compliance with this Regulation, the controller or processor should maintain records of processing activities under its responsibility. Each controller…
Recital 98 Preparation of codes of conduct by organisations and associations Associations or other bodies representing categories of controllers or processors should be encouraged to draw up codes of…
Recital 83 Security of processing In order to maintain security and to prevent processing in infringement of this Regulation, the controller or processor should evaluate the risks inherent in…
Recital 99Consultation of stakeholders and data subjects in the development of codes of conduct When drawing up a code of conduct, or when amending or extending such a code,…
Recital 84 Risk evaluation and impact assessment In order to enhance compliance with this Regulation where processing operations are likely to result in a high risk to the rights…