Without prejudice to the tasks and powers of the competent supervisory authority under Articles 57 and 58, the monitoring of compliance with a code of conduct pursuant to Article 40 may be carried out by a body which has an appropriate level of expertise in relation to the subject-matter of the code and is accredited … Continue reading Art. 41 GDPR – Monitoring of approved codes of conduct| General Data Protection Regulation (GDPR)
In the absence of a decision pursuant to Article 45(3), a controller or processor may transfer personal data to a third country or an international organisation only if the controller or processor has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available. The appropriate … Continue reading Art. 46 GDPR – Transfers subject to appropriate safeguards| General Data Protection Regulation (GDPR)
1The Commission shall be assisted by a committee. 2That committee shall be a committee within the meaning of Regulation (EU) No 182/2011. Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall apply. Where reference is made to this paragraph, Article 8 of Regulation ((EU) No 182/2011, in conjunction with … Continue reading Art. 93 GDPR – Committee procedure| General Data Protection Regulation (GDPR)
In order to contribute to the consistent application of this Regulation throughout the Union, the supervisory authorities shall cooperate with each other and, where relevant, with the Commission, through the consistency mechanism as set out in this Section.| General Data Protection Regulation (GDPR)
Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing, the controller shall, both at the time of the determination of the means … Continue reading Art. 25 GDPR – Data protection by design and by default| General Data Protection Regulation (GDPR)
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures to ensure a level … Continue reading Art. 32 GDPR – Security of processing| General Data Protection Regulation (GDPR)