1A transfer of personal data to a third country or an international organisation may take place where the Commission has decided that the third country, a territory or one or more specified sectors within that third country, or the international organisation in question ensures an adequate level of protection. 2Such a transfer shall not require … Continue reading Art. 45 GDPR – Transfers on the basis of an adequacy decision| General Data Protection Regulation (GDPR)
The competent supervisory authority shall approve binding corporate rules in accordance with the consistency mechanism set out in Article 63, provided that they: are legally binding and apply to and are enforced by every member concerned of the group of undertakings, or group of enterprises engaged in a joint economic activity, including their employees; expressly … Continue reading Art. 47 GDPR – Binding corporate rules| General Data Protection Regulation (GDPR)
1The Commission shall be assisted by a committee. 2That committee shall be a committee within the meaning of Regulation (EU) No 182/2011. Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall apply. Where reference is made to this paragraph, Article 8 of Regulation ((EU) No 182/2011, in conjunction with … Continue reading Art. 93 GDPR – Committee procedure| General Data Protection Regulation (GDPR)
In order to contribute to the consistent application of this Regulation throughout the Union, the supervisory authorities shall cooperate with each other and, where relevant, with the Commission, through the consistency mechanism as set out in this Section.| General Data Protection Regulation (GDPR)
1The Member States, the supervisory authorities, the Board and the Commission shall encourage, in particular at Union level, the establishment of data protection certification mechanisms and of data protection seals and marks, for the purpose of demonstrating compliance with this Regulation of processing operations by controllers and processors. 2The specific needs of micro, small and … Continue reading Art. 42 GDPR – Certification| General Data Protection Regulation (GDPR)
The Member States, the supervisory authorities, the Board and the Commission shall encourage the drawing up of codes of conduct intended to contribute to the proper application of this Regulation, taking account of the specific features of the various processing sectors and the specific needs of micro, small and medium-sized enterprises. Associations and other bodies … Continue reading Art. 40 GDPR – Codes of conduct| General Data Protection Regulation (GDPR)