Search results

data can be transferred to a third country or an international organisation without the existence of an adequate level of protection or the implementation

The Icelandic Data Protection Authority (Persónuvernd) is the national Data Protection Authority for Iceland. It resides in Reykjavík and is in charge

Commission may not compel an undertaking to provide it with answers which might involve an admission on its part of the existence of an infringement which it

of rights may apply, such as the preliminary results of an investigation, a decision opening an inquiry, etc.” Moreover, if special categories of personal

a third country or an international organisation. Member States should notify such provisions to the Commission. Any transfer to an international humanitarian

officers, whether or not they are an employee of the controller, should be in a position to perform their duties and tasks in an independent manner. Article

the Commission with an opinion on the certification requirements referred to in Article 43(8); (r) provide the Commission with an opinion on the icons

particular whether there is an infringement of this Regulation. Recital 143: Action for Annulment of Decisions of the EDPB and Right to an Effective Judicial Remedy

paragraphs 1 and 2, the Board shall issue an opinion on the matter submitted to it provided that it has not already issued an opinion on the same matter. That opinion

CNIL was established in 1978 with the law "Informatique et Libertés". It is an independent administrative authority led by a college of 18 members and a

they form the Sanctions Board, which imposes the fines set out in the GDPR. An independent Expert Board is also appointed by the government for three-year

in particular, the transmission of relevant information on the conduct of an investigation. 3. Requests for assistance shall contain all the necessary

request an urgent opinion or an urgent binding decision from the EDPB where a CSA has not taken an appropriate measure in a situation where there is an urgent

procedure is whether the "advice" of the DPA is indeed merely an advice, or whether it can be seen as an approval on moving forward with the processing operation

connection, “an activity cannot be regarded as being purely personal or domestic where its purpose is to make the data collected accessible to an unrestricted

'not-for-profit' must be given an autonomous meaning, its interpretation in this context should not be determined by Member State law. Essentially, an NPO must not pursue

is in charge of enforcing GDPR in Slovenia. The Information Commissioner is an autonomous and independent body and it oversees personal data protection and

Data Protection Authority (DPA) for Norway, headquartered in Oslo. The DPA is an independent body established in 1980, through the Act No. 48 of 9 June 1978

requires the joint controllers have an arrangement that clearly allocates the roles of each party. This is not an absolute rule. Where the responsibilities

of SAs extends to adequacy decisions adopted by the Commission. An SA is not bound by an adequacy decision adopted by the Commission under Article 45 GDPR