Search results
From GDPRhub
- provide the complainant with information about progress on the complaint, or of the outcome of the complaint, before the end of the period of 3 months beginning18 KB (2,488 words) - 15:22, 14 December 2021
- Article 47 GDPR (section (3) Exchange of Information)members; (b) the data transfers or set of transfers, including the categories of personal data, the type of processing and its purposes, the type of data subjects29 KB (2,823 words) - 15:15, 28 April 2022
- considers the decision invalid. However, a national court may not refer a question on the validity of the decision of the Board at the request of a natural30 KB (3,874 words) - 10:46, 7 December 2023
- “accredited” by the competent DPA for the purpose of ensuring compliance with the code of conduct. The criteria for this accreditation is provided in the section30 KB (2,720 words) - 14:02, 28 July 2023
- Article 21 GDPR (section Or processing concerns the establishment, excercise or defence of legal claims)reiterates the obligation on the data controller to inform about the existence of the right to object at the time of the first communication with the data subject49 KB (5,993 words) - 06:22, 16 June 2023
- relevant, as to: (a) the purposes of the processing or categories of processing; (b) the categories of personal data; (c) the scope of the restrictions introduced;44 KB (4,896 words) - 06:25, 16 June 2023
- conflict of interests. 3. The accreditation of certification bodies as referred to in paragraphs 1 and 2 of this Article shall take place on the basis of criteria22 KB (1,634 words) - 14:40, 28 July 2023
- Article 55 GDPR (section (2) Exclusive competence regarding processing for compliance with a legal obligation or in the public interest)for the performance of the tasks assigned to and the exercise of the powers conferred on it in accordance with this Regulation on the territory of its35 KB (3,971 words) - 21:34, 1 April 2024
- here. The budget of the CNIL is decided by the Parliament as part of the annual finance act. data on the budget since 2000 can be found here. You can help8 KB (824 words) - 22:52, 27 February 2024
- includes general elements of any procedure like the service of documents (Section 106 DPA 2018) or the appeals system (Section 150 DPA 2018) in data protection8 KB (1,034 words) - 14:13, 20 August 2021
- Article 34 GDPR (section (2) Minimal requirements of the controller's communication to the data subject)that the enforcement of Article 34 GDPR is likely to be difficult as the controller is the entity making the assessment of the level of the risk. The reporting37 KB (3,962 words) - 15:20, 16 June 2023
- such a manner that the processing will meet the requirements of the GDPR and ensure the protection of the rights of the data subject. The controller must72 KB (9,140 words) - 13:12, 2 June 2023
- Article 39 GDPR (section (2) Risk-based approach)and on the demonstration of compliance by the controller or the processor, especially as regards the identification of the risk related to the processing23 KB (2,165 words) - 15:10, 27 July 2023
- following the expiration of the second month referred to in paragraph 2 by a simple majority of the members of the Board. Where the members of the Board are33 KB (4,185 words) - 16:09, 2 November 2023
- Article 91 GDPR (section (2) DPA supervision)itself, or the general DPA responsible for monitoring the application of the GDPR at the regional or national level. In both cases, all the conditions25 KB (2,482 words) - 10:04, 19 March 2024
- Article 38 GDPR (section (2) Necessary resources)monitoring of the data subjects on a large scale, or where the core activities of the controller or the processor consist of processing on a large scale of special29 KB (2,951 words) - 14:19, 25 July 2023
- helps to clarify the scope of obligations placed on controllers and processors based outside of the EU. Where Article 3(2) GDPR applies, the controller or25 KB (2,418 words) - 14:11, 24 May 2023
- Article 57 GDPR (section (m) Encourage the drawing up of codes of conduct and regulate the use of codes of conduct)indicate the supervisory authority which has issued the measure, the date of issue of the measure, bear the signature of the head, or a member of the supervisory60 KB (7,796 words) - 20:12, 1 April 2024
- Spanish DPA regarding a controller established in the UK. The Spanish DPA was unable to settle a case after the British DPA, following Brexit, left the Internal17 KB (1,142 words) - 15:41, 28 April 2022
- investigative powers of the competent DPA. The powers in question are provided for in Article 58(e) and (f) GDPR, under which the DPA can “obtain, from the controller18 KB (1,599 words) - 12:26, 29 April 2022