The GDPR at a Glance 

A better understanding of the EU General Data Protection Regulation (GDPR) 

(Click on the icons below or scroll down the page and find the article you're looking for)

Introduction
The  main concepts to understand the GDPR  

 

The General Data Protection Regulation (“GDPR”) is a European regulation applicable since May 25, 2018. It is aimed at strengthening ...
Read More

The territorial scope of the new data protection regulation applicable from May 2018 (GDPR) is much wider than the one ...
Read More

Under the General Data Protection Regulation (GDPR), any person (including organisations) handling personal data is subject to a different level ...
Read More

Under the EU general data protection regulation (GDPR), any data processing activities must be compliant with six privacy principles, which ...
Read More

Data Protection by design and by default are principles defined in article 25 of the General Data Protection Regulation (GDPR).  ...
Read More

Under the General Data Protection Regulation (GDPR),  the controllers  must determine the legal basis for each purpose of data processing ...
Read More

Data Controller
A glimpse of what a data controller should be aware of
The General Data Protection Regulation (GDPR) requires organisations, processing personal data as controllers, to provide the data subjects (i.e. individuals ...
Read More

Under the European General Data Protection Regulation  (GDPR), controllers (company or public authority using personal data for their purposes) are ...
Read More

Under the European General Data Protection Regulation (GDPR), consent is one of the legal bases upon which controllers may rely ...
Read More

Under the General Gata Protection Regulation (GDPR), controllers must:  Keep a record of their processing activities (see here for more details); ...
Read More

Under the European General Data Protection Regulation (GDPR), organisations processing personal data must maintain a record of their processing activities (ROPA) ...
Read More

Under the General Data Protection Regulation (GDPR), controllers must notify: the competent authority of any personal data breach likely to ...
Read More

Data Processor
Check out the data processor's new responsibilities

Under the European General Data Protection Regulation (GDPR), organisations processing personal data must maintain a record of their processing activities (ROPA) ...
Read More

Under the General Data Protection Regulation (GDPR), processors (i.e. organisations processing personal data on behalf of a third party) is subject to new ...
Read More

Individuals' rights
Overview and more detailed analysis of individuals' rights
The General Data Protection Regulation (GDPR) gives data subjects rights over their own personal data, including the right of access ...
Read More

Under the General Data Protection Regulation (GDPR), individuals have several rights over their personal data (i.e. right of access, right ...
Read More

The right to data portability is the new individual’s right provided in article 20 (1) of the new data protection ...
Read More

Data Protection Officer (DPO)
Requirements, appointment, role etc.
The designation of a Data Protection Officer (DPO) is either mandatory or voluntary depending (i) on the kind of organisation, (ii) ...
Read More

Under the General Data Protection Regulation (GDPR), when an organisation must or choose to appoint a Data Protection Officer (see ...
Read More

When an organisation appoints a Data Protection Officer whether on a voluntarily basis or because its processing activities meet the ...
Read More

Miscellaneous
For both controllers and processors
Following the hundreds  of million fines imposed Amazon, Google and Facebook by the CNIL and other authorities relating to their ...
Read More

Under the General Data Protection Regulation (GDPR), personal data transfer outside of the EEA (i.e. EU and Norway, Lichtenstein and ...
Read More

The General Data Protection Regulation (GDPR), applicable since May 2018, gives the European Data Protection Authorities, since then called the ...
Read More

Under the General Data Protection Regulation (GDPR), organisations which carry out a « cross border data processing » must appoint ...
Read More