
GDPR in plain language
The information contained in this site is provided for informational purposes only, and should not be used as legal advice on any subject matter. You should not act or refrain from acting on the basis of any content included on this site without seeking legal or other professional advice
Article 11 - No ID required

How can we take care of an individual's rights if we don't have details that identify him?
Article 19 - Notification regarding rectification or erasure

Follow the trail of our information.
Article 30 - Records of processing activities

It's the ROPA time. This is the place to start the GDPR journey.
Article 31 - Cooperation with the supervisory authority

Please cooperate with the authorities
Article 32 - Security of processing

Security is not the core of this story, but it definitely matters!
Article 33 - Notification of a personal data breach

Notify the authorities when personal data leaks
Article 35 - Data protection impact assessment

Assess the risk before implementing a new product or service
Article 36 - Prior consultation

If your abilities to protect the private data are limited - consult the authorities
Article 37 -Designation of adata protection officer

When should you nominate an officer? (Hint - always)
Article 38 - Position of the Data Protection Officer

The DPO is your privacy coordinator both internally and externally.
Article 39 - Tasks of the Data Protection Officer

Being a DPO is a complicated assignment. He should be able to wear many hats.
Article 40 - Codes of conduct

Codes of Conduct assist members of that Code with data protection compliance and accountability in specific sectors.
Article 41 - Monitoring of approved codes of conduct

How can one demonstrate that the code of conduct meets the requirements?
Article 42 - Certification

Will we ever have a formal way to get GDPR certification? Great expectations
Article 43 - Certification bodies

Who will be able to certify us (when and if certification will exist)?
Article 45 - Transfers on the basis of an adequacy decision

The wonderful life of the adequate countries
Article 46 - Transfers subject to appropriate safeguards

It's not so easy to move data. The story of Schrems.
Article 47 - Binding corporate rules

All together now - Establish rules that hold for all the enterprise
Article 48 - Transfers or disclosures not authorized by Union law

The right to refuse even to the big guys