Editing Article 57 GDPR

From GDPRhub

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.

Latest revision Your text
Line 285: Line 285:
  
 
====(m) encourage the drawing up of codes of conduct pursuant to Article 40(1) and provide an opinion and approve such codes of conduct which provide sufficient safeguards, pursuant to Article 40(5);====
 
====(m) encourage the drawing up of codes of conduct pursuant to Article 40(1) and provide an opinion and approve such codes of conduct which provide sufficient safeguards, pursuant to Article 40(5);====
See comment under Article 40.
+
Supervisory authorities promote according to Art.40 para.1 (→ Art. 40Rn. 7 ) the elaboration of rules of conduct. What the funding should consist of is not specifically regulated. A pragmatic approach consists in the publication of checklists for the creation of rules of conduct. On the other hand, it is correctly argued that, if the encouragement to develop codes of conduct takes place, regulators must have sufficient resources for these time-consuming and labor-intensive processes. The approval procedure is set out in Article 40(5). Rules of conduct that affect processing activities in several Member States must be submitted to the EDPB in accordance with Article 40(7) GDPR. The coherence procedure according to Art.64(1)(b) applies.
  
 
====(n) encourage the establishment of data protection certification mechanisms and of data protection seals and marks pursuant to Article 42(1), and approve the criteria of certification pursuant to Article 42(5);====
 
====(n) encourage the establishment of data protection certification mechanisms and of data protection seals and marks pursuant to Article 42(1), and approve the criteria of certification pursuant to Article 42(5);====
See comment under Article 42.
+
The supervisory authorities should expressly introduce data protection certification mechanisms as well as data protection seals and certification marks in accordance with Article 42(1) GDPR.
  
====(o) where applicable, carry out a periodic review of certifications issued in accordance with Article 42(7);====
+
==== (o) where applicable, carry out a periodic review of certifications issued in accordance with Article 42(7); ====
See comment under Article 42.
 
  
====(p) draft and publish the criteria for accreditation of a body for monitoring codes of conduct pursuant to Article 41 and of a certification body pursuant to Article 43;====
+
==== (p) draft and publish the criteria for accreditation of a body for monitoring codes of conduct pursuant to Article 41 and of a certification body pursuant to Article 43 ====
See comments under Article 41 and 43.
 
  
====(q) conduct the accreditation of a body for monitoring codes of conduct pursuant to Article 41 and of a certification body pursuant to Article 43;====
+
==== (q) conduct the accreditation of a body for monitoring codes of conduct pursuant to Article 41 and of a certification body pursuant to Article 43; ====
See comments under Article 41 and 43.
 
  
====(r) authorise contractual clauses and provisions referred to in Article 46(3);====
+
==== (r) authorise contractual clauses and provisions referred to in Article 46(3); ====
See comment under Article 46.
 
  
====(s) approve binding corporate rules pursuant to Article 47;====
+
==== (s) approve binding corporate rules pursuant to Article 47; ====
See comment under Article 47.
 
  
====(t) contribute to the activities of the Board;====
+
==== (t) contribute to the activities of the Board; ====
''You can help us fill this section!''
 
  
====(u) keep internal records of infringements of this Regulation and of measures taken in accordance with Article 58(2); and====
+
==== (u) keep internal records of infringements of this Regulation and of measures taken in accordance with Article 58(2); and ====
See comment under Article 58.
 
  
====(v) fulfil any other tasks related to the protection of personal data.====
+
==== (v) fulfil any other tasks related to the protection of personal data. ====
Article 57(1)(v) constitutes the residual provision for all “''other tasks related to the protection of personal data''”. The list of tasks is therefore not exhaustive and Member States can provide for further tasks in national law. However, these should be chosen carefully with a view to the respective financial resources and the already far-reaching tasks. <ref>Kühling / Buchner / Boehm, 3rd edition 2020, GDPR Art. 57 Rn. 24</ref>
 
  
 
===Submission of complaints should be facilitated===
 
===Submission of complaints should be facilitated===

Please note that all contributions to GDPRhub are considered to be released under the Creative Commons Attribution-NonCommercial-ShareAlike (see GDPRhub:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To edit this page, please answer the question that appears below (more info):

Cancel Editing help (opens in new window)