GDPR certification demonstrates your organization's commitment to protecting personal data, according to the EU’s strict standards.| Thoropass
Each supervisory authority shall have all of the following investigative powers: to order the controller and the processor, and, where applicable, the controller’s or the processor’s representative to provide any information it requires for the performance of its tasks; to carry out investigations in the form of data protection audits; to carry out a review … Continue reading Art. 58 GDPR – Powers| General Data Protection Regulation (GDPR)
In the absence of a decision pursuant to Article 45(3), a controller or processor may transfer personal data to a third country or an international organisation only if the controller or processor has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available. The appropriate … Continue reading Art. 46 GDPR – Transfers subject to appropriate safeguards| General Data Protection Regulation (GDPR)
Each supervisory authority shall ensure that the imposition of administrative fines pursuant to this Article in respect of infringements of this Regulation referred to in paragraphs 4, 5 and 6 shall in each individual case be effective, proportionate and dissuasive. 1Administrative fines shall, depending on the circumstances of each individual case, be imposed in addition … Continue reading Art. 83 GDPR – General conditions for imposing administrative fines| General Data Protection Regulation (GDPR)
1Without prejudice to the tasks and powers of the competent supervisory authority under Articles 57 and 58, certification bodies which have an appropriate level of expertise in relation to data protection shall, after informing the supervisory authority in order to allow it to exercise its powers pursuant to point (h) of Article 58(2) where necessary, … Continue reading Art. 43 GDPR – Certification bodies| General Data Protection Regulation (GDPR)
Where processing is to be carried out on behalf of a controller, the controller shall use only processors providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject. 1The processor shall … Continue reading Art. 28 GDPR – Processor| General Data Protection Regulation (GDPR)