Search results
From GDPRhub
- data can be transferred to a third country or an international organisation without the existence of an adequate level of protection or the implementation21 KB (1,831 words) - 08:51, 27 March 2023
- Persónuvernd (Iceland) (section Filing an Appeal)The Icelandic Data Protection Authority (Persónuvernd) is the national Data Protection Authority for Iceland. It resides in Reykjavík and is in charge2 KB (139 words) - 15:11, 1 December 2020
- Commission may not compel an undertaking to provide it with answers which might involve an admission on its part of the existence of an infringement which it22 KB (2,042 words) - 14:29, 20 November 2023
- of rights may apply, such as the preliminary results of an investigation, a decision opening an inquiry, etc.” Moreover, if special categories of personal44 KB (4,896 words) - 06:25, 16 June 2023
- officers, whether or not they are an employee of the controller, should be in a position to perform their duties and tasks in an independent manner. Article29 KB (2,951 words) - 14:19, 25 July 2023
- a third country or an international organisation. Member States should notify such provisions to the Commission. Any transfer to an international humanitarian29 KB (3,500 words) - 08:54, 27 March 2023
- the Commission with an opinion on the certification requirements referred to in Article 43(8); (r) provide the Commission with an opinion on the icons27 KB (3,038 words) - 12:19, 11 October 2023
- Article 65 GDPR (section (c) Decision after an opinion of the EDPB not requested or followed by supervisory authority (SA))particular whether there is an infringement of this Regulation. Recital 143: Action for Annulment of Decisions of the EDPB and Right to an Effective Judicial Remedy33 KB (4,185 words) - 16:09, 2 November 2023
- paragraphs 1 and 2, the Board shall issue an opinion on the matter submitted to it provided that it has not already issued an opinion on the same matter. That opinion23 KB (2,079 words) - 16:07, 2 November 2023
- CNIL (France) (section Filing an Appeal)CNIL was established in 1978 with the law "Informatique et Libertés". It is an independent administrative authority led by a college of 18 members and a8 KB (824 words) - 22:52, 27 February 2024
- they form the Sanctions Board, which imposes the fines set out in the GDPR. An independent Expert Board is also appointed by the government for three-year5 KB (492 words) - 18:09, 19 March 2024
- connection, “an activity cannot be regarded as being purely personal or domestic where its purpose is to make the data collected accessible to an unrestricted34 KB (4,652 words) - 12:07, 12 November 2023
- in particular, the transmission of relevant information on the conduct of an investigation. 3. Requests for assistance shall contain all the necessary24 KB (2,181 words) - 11:46, 15 January 2024
- request an urgent opinion or an urgent binding decision from the EDPB where a CSA has not taken an appropriate measure in a situation where there is an urgent20 KB (1,590 words) - 16:11, 2 November 2023
- procedure is whether the "advice" of the DPA is indeed merely an advice, or whether it can be seen as an approval on moving forward with the processing operation31 KB (3,646 words) - 08:51, 21 July 2023
- 'not-for-profit' must be given an autonomous meaning, its interpretation in this context should not be determined by Member State law. Essentially, an NPO must not pursue26 KB (2,575 words) - 15:50, 9 November 2023
- IP (Slovenia) (section Filing an Appeal)is in charge of enforcing GDPR in Slovenia. The Information Commissioner is an autonomous and independent body and it oversees personal data protection and10 KB (1,242 words) - 10:51, 6 February 2024
- Data Protection Authority (DPA) for Norway, headquartered in Oslo. The DPA is an independent body established in 1980, through the Act No. 48 of 9 June 197810 KB (1,078 words) - 06:40, 26 March 2023
- Article 26 GDPR (section By means of an arrangement)requires the joint controllers have an arrangement that clearly allocates the roles of each party. This is not an absolute rule. Where the responsibilities37 KB (3,915 words) - 12:49, 24 May 2023
- of SAs extends to adequacy decisions adopted by the Commission. An SA is not bound by an adequacy decision adopted by the Commission under Article 45 GDPR47 KB (5,594 words) - 22:45, 1 April 2024
- law must be subject to "control by an independent authority." Independent supervisory authorities are also considered an essential component of the right27 KB (2,604 words) - 14:24, 16 January 2024
- DSB (Austria) (section Filing an Appeal)is no need to be represented by a lawyer an the procedure is rather informal and usually does not require an oral hearing. The filing fee is € 35. Applicants11 KB (1,468 words) - 13:27, 14 May 2023
- the body, including whether it is an internal or external one. For example, an internal body could be in the form of an “ad hoc internal committee”, or another30 KB (2,720 words) - 14:02, 28 July 2023
- activities of an establishment on SA's territory, affects data subjects on its territory, or where processing, by a controller or processor without an establishment35 KB (3,971 words) - 21:34, 1 April 2024
- re-organisation of an SA. The provision's aim of establishing an exhaustive list of grounds for the termination of a member's mandate is an attempt to safeguard29 KB (2,894 words) - 23:06, 1 April 2024
- The adherence of the processor to an approved code of conduct or an approved certification mechanism may be used as an element to demonstrate compliance13 KB (674 words) - 13:15, 2 June 2023
- is intended to contribute to the accomplishment of an area of freedom, security and justice and of an economic union, to economic and social progress, to28 KB (3,831 words) - 16:21, 14 March 2024
- NAIH (Hungary) (section Filing an Appeal)personal data relating to him infringes the GDPR, he can submit an application for commencing an administrative procedure for data protection. The application7 KB (821 words) - 14:16, 7 March 2024
- example, a proportionate exemption will rightfully apply to an artistic photo meant for an exhibition, but not to the data of buyers that the art gallery33 KB (3,748 words) - 14:25, 7 November 2023
- According to Article 6(9) DMA, gatekeepers shall provide an end user and third parties authorised by an end user with effective portability of data provided40 KB (5,349 words) - 07:05, 1 June 2023
- this Article which intend to prepare a code of conduct or to amend or extend an existing code shall submit the draft code, amendment or extension to the supervisory44 KB (5,008 words) - 14:50, 28 July 2023
- harmonisation, in an attempt to confront a melting pot of legal principles, which are near impossible to fully reconcile. Article 88(1) GDPR acts as an opening clause32 KB (3,228 words) - 13:32, 30 November 2023
- Article 71 - Reports 1. The Board shall draw up an annual report regarding the protection of natural persons with regard to processing in the Union and15 KB (1,196 words) - 08:15, 19 October 2023
- or a specified sector within that third country, or an international organisation does not ensure an adequate level of protection, and imperative grounds17 KB (1,096 words) - 08:19, 19 October 2023
- officers, whether or not they are an employee of the controller, should be in a position to perform their duties and tasks in an independent manner. Article23 KB (2,165 words) - 15:10, 27 July 2023
- authorised by Union law Any judgment of a court or tribunal and any decision of an administrative authority of a third country requiring a controller or processor14 KB (716 words) - 15:19, 28 April 2022
- supervisory authority under Articles 57 and 58, certification bodies which have an appropriate level of expertise in relation to data protection shall, after22 KB (1,634 words) - 14:40, 28 July 2023
- DPC (Ireland) (section Filing an Appeal)previously directly engaged with controllers in an "audit" procedure. The DPC now mentions the option to conduct an "inquiry" on their webpage, but highlights8 KB (1,034 words) - 14:13, 20 August 2021
- "right to rectification", addresses situations of inaccurate personal data with an additional right of the data subject that has a broader scope, but also requires23 KB (2,489 words) - 23:24, 6 March 2024
- to professional secrecy or an equivalent obligation of confidentiality under Union Law or the Member State Law, or under an obligation issued by the competent18 KB (1,599 words) - 12:26, 29 April 2022
- The principles of data protection should apply to any information concerning an identified or identifiable natural person. Personal data which have undergone20 KB (1,854 words) - 16:32, 8 March 2024
- of a misdemeanour procedure, provided that such an application of the rules in those Member States has an equivalent effect to administrative fines imposed19 KB (1,477 words) - 14:12, 7 November 2023
- interpretations include 1) documents generated by an authority in its official capacity and 2) all documents held by an authority. Recital 154 seems to lean towards22 KB (2,177 words) - 10:01, 19 March 2024
- UODO (Poland) (section Filing an Appeal)The President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych) is the national Data Protection Authority for Poland. It3 KB (249 words) - 14:38, 1 December 2020
- constitute an appropriate safeguard for international data transfers. BCRs is one of the appropriate safeguards which can be used, in the absence of an adequacy29 KB (2,823 words) - 15:15, 28 April 2022
- a controller is processing inaccurate personal data and that this may have an adverse effect on them (e.g. inaccurate bank account details which may lead32 KB (3,730 words) - 08:43, 7 March 2024
- need for an EU framework to ensure the free flow of personal data within the European common market, the European Commission has proposed an EU Directive48 KB (5,978 words) - 15:57, 1 February 2024
- in Article 12(8) and Article 43(8) shall be conferred on the Commission for an indeterminate period of time from 24 May 2016. 3. The delegation of power19 KB (1,525 words) - 08:18, 19 October 2023
- the consistent application of this Regulation, the Board should be set up as an independent body of the Union. To fulfil its objectives, the Board should19 KB (1,530 words) - 14:23, 12 October 2023
- not adopt such rules and is thus subject to the GDPR. As an illustration of this, in June 2020, an administrative court in Slovenia upheld a decision from25 KB (2,482 words) - 10:04, 19 March 2024