EDPB - Endorsement 1/2018

EDPB - Endorsement 1/2018
Authority:	EDPB
Jurisdiction:	European Union
Relevant Law:
Type:
Outcome:	n/a
Started:
Decided:	25.05.2018
Published:
Fine:	n/a
Parties:	n/a
National Case Number/Name:	Endorsement 1/2018
European Case Law Identifier:	n/a
Appeal:	n/a
Original Language(s):	English
Original Source:	Endorsement 1/2018 (in EN)
Initial Contributor:	n/a

THE EUROPEAN DATA PROTECTION BOARD

Whereas:

(1) The European Data Protection Board (EDPB) is an independent body with legal personality, responsible for ensuring the consistent application of the General Data Protection Regulation (GDPR).

(2) The EDPB succeeds the Article 29 Working party set up under Article 29 of Directive 95/46/EC. It is composed of the Member States data protection authorities and the EDPS.

(3) The GDPR enters into application today, 25 May 2018, while the Directive 95/46/EC is repealed with effect from today.

(4) The Article 29 Working Party has committed itself and adopted in the last two years guidelines and other documents on various aspects of the GDPR, contributing thus to the consistent application of the GDPR. The Article 29 Working Party has consulted interested parties, where appropriate.

Acknowledges the continuity of the work provided by the predecessor Article 29 Working Party. Without prejudice to any future revision as appropriate, it endorses the Article 29 Working Party documents as following:

1. Guidelines on consent under Regulation 2016/679, WP259 rev.01

2. Guidelines on transparency under Regulation 2016/679, WP260 rev.01

3. Automated individual decision-making and profiling Guidelines on Automated individual decision-making and Profiling for the purposes of Regulation 2016/679, WP251rev.01

4. Personal data breach notification Guidelines on Personal data breach notification under Regulation 2016/679, WP 250 rev.01

5. The right to data portability Guidelines on the right to data portability under Regulation 2016/679, WP 242 rev.01

6. Data protection impact assessment Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is "likely to result in a high risk" for the purposes of Regulation 2016/679, WP248 rev.01

7. Data protection officers Guidelines on Data Protection Officers ('DPO'), WP243 rev.01

8. Lead supervisory authority Guidelines for identifying a controller or processor's lead supervisory authority, WP244 rev.01

9. Position Paper on the derogations from the obligation to maintain records of processing activities pursuant to Article 30(5) GDPR]

10. Working Document Setting Forth a Co-Operation Procedure for the approval of “Binding Corporate Rules” for controllers and processors under the GDPR, WP 263 rev.01

11. Recommendation on the Standard Application for Approval of Controller Binding Corporate Rules for the Transfer of Personal Data, WP 264

12. Recommendation on the Standard Application form for Approval of Processor Binding Corporate Rules for the Transfer of Personal Data, WP 265

13. Working Document setting up a table with the elements and principles to be found in Binding Corporate Rules, WP 256 rev.01

14. Working Document setting up a table with the elements and principles to be found in Processor Binding Corporate Rules, WP 257 rev.01

15. Adequacy Referential, WP 254 rev.01

16. Guidelines on the application and setting of administrative fines for the purposes of the Regulation 2016/679, WP 253

Brussels, 25 May 2018

For the European Data Protection Board

Andrea Jelinek

Chair

© European Data Protection Board, 2018-2024.	This item was provided by the European Data Protection Board. You may re-use it free of charge for non-commercial and commercial purposes provided that the source is acknowledged and that you do not distort the original meaning or message of the document.

[[Category: