GDPR in plain language
The information contained in this site is provided for informational purposes only, and should not be used as legal advice on any subject matter. You should not act or refrain from acting on the basis of any content included on this site without seeking legal or other professional advice
Article 11 - No ID required
How can we take care of an individual's rights if we don't have details that identify him?
Article 19 - Notification regarding rectification or erasure
Follow the trail of our information.
Article 30 - Records of processing activities
It's the ROPA time. This is the place to start the GDPR journey.
Article 31 - Cooperation with the supervisory authority
Please cooperate with the authorities
Article 32 - Security of processing
Security is not the core of this story, but it definitely matters!
Article 33 - Notification of a personal data breach
Notify the authorities when personal data leaks
Article 35 - Data protection impact assessment
Assess the risk before implementing a new product or service
Article 36 - Prior consultation
If your abilities to protect the private data are limited - consult the authorities
Article 37 -Designation of adata protection officer
When should you nominate an officer? (Hint - always)
Article 38 - Position of the Data Protection Officer
The DPO is your privacy coordinator both internally and externally.
Article 39 - Tasks of the Data Protection Officer
Being a DPO is a complicated assignment. He should be able to wear many hats.
Article 40 - Codes of conduct
Codes of Conduct assist members of that Code with data protection compliance and accountability in specific sectors.
Article 41 - Monitoring of approved codes of conduct
How can one demonstrate that the code of conduct meets the requirements?
Article 42 - Certification
Will we ever have a formal way to get GDPR certification? Great expectations
Article 43 - Certification bodies
Who will be able to certify us (when and if certification will exist)?
Article 45 - Transfers on the basis of an adequacy decision
The wonderful life of the adequate countries
Article 46 - Transfers subject to appropriate safeguards
It's not so easy to move data. The story of Schrems.
Article 47 - Binding corporate rules
All together now - Establish rules that hold for all the enterprise
Article 48 - Transfers or disclosures not authorized by Union law
The right to refuse even to the big guys