The GDPR at a Glance 

A better understanding of the EU General Data Protection Regulation (GDPR) 

(Click on the icons below or scroll down the page and find the article you're looking for)

Introduction
The  main concepts to understand the GDPR  

 

The General Data Protection Regulation (“GDPR”) is a European regulation applicable since May 25, 2018. It is aimed at strengthening ...

The territorial scope of the new data protection regulation applicable from May 2018 (GDPR) is much wider than the one ...

Under the General Data Protection Regulation (GDPR), any person (including organisations) handling personal data is subject to a different level ...

Under the EU general data protection regulation (GDPR), any data processing activities must be compliant with six privacy principles, which ...

Data Protection by design and by default are principles defined in article 25 of the General Data Protection Regulation (GDPR).  ...

Under the General Data Protection Regulation (GDPR),  the controllers  must determine the legal basis for each purpose of data processing ...

Data Controller
A glimpse of what a data controller should be aware of
The General Data Protection Regulation (GDPR) requires organisations, processing personal data as controllers, to provide the data subjects (i.e. individuals ...

Under the European General Data Protection Regulation  (GDPR), controllers (company or public authority using personal data for their purposes) are ...

Under the European General Data Protection Regulation (GDPR), consent is one of the legal bases upon which controllers may rely ...

Under the General Gata Protection Regulation (GDPR), controllers must:  Keep a record of their processing activities (see here for more details); ...

Under the European General Data Protection Regulation (GDPR), organisations processing personal data must maintain a record of their processing activities (ROPA) ...

Under the General Data Protection Regulation (GDPR), controllers must notify: the competent authority of any personal data breach likely to ...

Data Processor
Check out the data processor's new responsibilities

Under the European General Data Protection Regulation (GDPR), organisations processing personal data must maintain a record of their processing activities (ROPA) ...

Under the General Data Protection Regulation (GDPR), processors (i.e. organisations processing personal data on behalf of a third party) is subject to new ...

Individuals' rights
Overview and more detailed analysis of individuals' rights
The General Data Protection Regulation (GDPR) gives data subjects rights over their own personal data, including the right of access ...

Under the General Data Protection Regulation (GDPR), individuals have several rights over their personal data (i.e. right of access, right ...

The right to data portability is the new individual’s right provided in article 20 (1) of the new data protection ...

Data Protection Officer (DPO)
Requirements, appointment, role etc.
The designation of a Data Protection Officer (DPO) is either mandatory or voluntary depending (i) on the kind of organisation, (ii) ...

Under the General Data Protection Regulation (GDPR), when an organisation must or choose to appoint a Data Protection Officer (see ...

When an organisation appoints a Data Protection Officer whether on a voluntarily basis or because its processing activities meet the ...

Miscellaneous
For both controllers and processors
Following the hundreds  of million fines imposed Amazon, Google and Facebook by the CNIL and other authorities relating to their ...

Under the General Data Protection Regulation (GDPR), personal data transfer outside of the EEA (i.e. EU and Norway, Lichtenstein and ...

The General Data Protection Regulation (GDPR), applicable since May 2018, gives the European Data Protection Authorities, since then called the ...

Under the General Data Protection Regulation (GDPR), organisations which carry out a « cross border data processing » must appoint ...