Today I learned something new about GDPR

General Data Protection Regulation GDPR

Here you can find the Regulation (EU) 2016/679 (General Data Protection Regulation) as a neatly arranged overview. The European Data Protection Regulation is applicable as of May 25th, 2018 in all member states to harmonize data privacy laws across Europe.

Quick Overview

Chapter 1             –                1 2 3 4

Chapter 2             –                5 6 7 8 9 10 11

Chapter 3             –                12 13 14 15 16 17 18 19 20 21 22 23

Chapter 4             –                24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43

Chapter 5             –                44 45 46 47 48 49 50

Chapter 6             –                51 52 53 54 55 56 57 58 59

Chapter 7             –                60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76

Chapter 8             –                77 78 79 80 81 82 83 84

Chapter 9             –                85 86 87 88 89 90 91

Chapter 10          –                92 93

Chapter 11          –                94 95 96 97 98 99

 

 

Chapter 1 – General provisions

Article 1 – Subject matter and objectives

Article 2 – Material scope

Article 3 – Territorial scope

Article 4 – Definitions

 

Chapter 2 – Principles

Article 5 – Principles relating to processing of personal data

Article 6 – Lawfulness of processing

Article 7 – Conditions for consent

Article 8 – Conditions applicable to child’s consent in relation to information society services

Article 9 – Processing of special categories of personal data

Article 10 – Processing of personal data relating to criminal convictions and offences

Article 11 – Processing which does not require identification

 

Chapter 3 – Rights of the data subject

Section 1 – Transparency and modalities

Article 12 Transparent information, communication and modalities for the exercise of the rights of the data subject

Section 2 – Information and access to personal data

Article 13 – Information to be provided where personal data are collected from the data subject

Article 14 – Information to be provided where personal data have not been obtained from the data subject

Article 15 – Right of access by the data subject

Section 3 – Rectification and erasure

Article 16 – Right to rectification

Article 17 – Right to erasure (‘right to be forgotten’)

Article 18 – Right to restriction of processing

Article 19 – Notification obligation regarding rectification or erasure of personal data or restriction of processing

Article 20 – Right to data portability

Section 4 – Right to object and automated individual decision-making

Article 21 – Right to object

Article 22 – Automated individual decision-making, including profiling

Section 5 – Restrictions

Article 23 – Restrictions

 

Chapter 4 – Controller and processor

Section 1 – General obligations

Article 24 – Responsibility of the controller

Article 25 – Data protection by design and by default

Article 26 – Joint controllers

Article 27 – Representatives of controllers or processors not established in the Union

Article 28 – Processor

Article 29 – Processing under the authority of the controller or processor

Article 30 – Records of processing activities

Article 31 – Cooperation with the supervisory authority

Section 2 – Security of personal data

Article 32 – Security of processing

Article 33 – Notification of a personal data breach to the supervisory authority

Article 34 – Communication of a personal data breach to the data subject

Section 3 – Data protection impact assessment and prior consultation

Article 35 – Data protection impact assessment

Article 36 – Prior consultation

Section 4 – Data protection officer

Article 37 – Designation of the data protection officer

Article 38 – Position of the data protection officer

Article 39 – Tasks of the data protection officer

Section 5 – Codes of conduct and certification

Article 40 – Codes of conduct

Article 41 – Monitoring of approved codes of conduct

Article 42 – Certification

Article 43 – Certification bodies

 

Chapter 5 – Transfers of personal data to third countries or international organizations

Article 44 – General principle for transfers

Article 45 – Transfers on the basis of an adequacy decision

Article 46 – Transfers subject to appropriate safeguards

Article 47 – Binding corporate rules

Article 48 – Transfers or disclosures not authorized by Union law

Article 49 – Derogations for specific situations

Article 50 – International cooperation for the protection of personal data

 

Chapter 6 – Independent supervisory authorities

Section 1 – Independent status

Article 51 – Supervisory authority

Article 52 – Independence

Article 53 – General conditions for the members of the supervisory authority

Article 54 – Rules on the establishment of the supervisory authority

Section 2 – Competence, tasks and powers

Article 55 – Competence

Article 56 – Competence of the lead supervisory authority

Article 57 – Tasks

Article 58 – Powers

Article 59 – Activity reports

 

Chapter 7 – Cooperation and consistency

Section 1 – Cooperation

Article 60 – Cooperation between the lead supervisory authority and the other supervisory authorities concerned

Article 61 – Mutual assistance

Article 62 – Joint operations of supervisory authorities

Section 2 – Consistency

Article 63 – Consistency mechanism

Article 64 – Opinion of the Board

Article 65 – Dispute resolution by the Board

Article 66 – Urgency procedure

Article 67 – Exchange of information

Section 3 – European data protection board

Article 68 – European Data Protection Board

Article 69 – Independence

Article 70 – Tasks of the Board

Article 71 – Reports

Article 72 – Procedure

Article 73 – Chair

Article 74 – Tasks of the Chair

Article 75 – Secretariat

Article 76 – Confidentiality

 

Chapter 8 – Remedies, liability and penalties

Article 77 – Right to lodge a complaint with a supervisory authority

Article 78 – Right to an effective judicial remedy against a supervisory authority

Article 79 – Right to an effective judicial remedy against a controller or processor

Article 80 – Representation of data subjects

Article 81 – Suspension of proceedings

Article 82 – Right to compensation and liability

Article 83 – General conditions for imposing administrative fines

Article 84 – Penalties

 

Chapter 9 – Provisions relating to specific processing situations

Article 85 – Processing and freedom of expression and information

Article 86 – Processing and public access to official documents

Article 87 – Processing of the national identification number

Article 88 – Processing in the context of employment

Article 89 – Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes

Article 90 – Obligations of secrecy

Article 91 – Existing data protection rules of churches and religious associations

 

Chapter 10 – Delegated acts and implementing acts

Article 92 – Exercise of the delegation

Article 93 – Committee procedure

  

Chapter 11 – Final provisions

Article 94 – Repeal of Directive 95/46/EC

Article 95 – Relationship with Directive 2002/58/EC

Article 96 – Relationship with previously concluded Agreements

Article 97 – Commission reports

Article 98 – Review of other Union legal acts on data protection

Article 99 – Entry into force and application

Leave a Comment

Verified by MonsterInsights