graphgrc

GDPR

• Article 1 - Subject-matter and objectives
• Article 2 - Material scope
• Article 3 - Territorial scope
• Article 4 - Definitions
• Article 5 - Principles relating to processing of personal data
• Article 6 - Lawfulness of processing
• Article 7 - Conditions for consent
• Article 8 - Conditions applicable to child’s consent in relation to information society services
• Article 9 - Processing of special categories of personal data
• Article 10 - Processing of personal data relating to criminal convictions and offences
• Article 11 - Processing which does not require identification
• Article 12 - Transparent information, communication and modalities for the exercise of the rights of the data subject
• Article 13 - Information to be provided where personal data are collected from the data subject
• Article 14 - Information to be provided where personal data have not been obtained from the data subject
• Article 15 - Right of access by the data subject
• Article 16 - Right to rectification
• Article 17 - Right to erasure (‘right to be forgotten’)
• Article 18 - Right to restriction of processing
• Article 19 - Notification obligation regarding rectification or erasure of personal data or restriction of processing
• Article 20 - Right to data portability
• Article 21 - Right to object
• Article 22 - Automated individual decision-making, including profiling
• Article 23 - Restrictions
• Article 24 - Responsibility of the controller
• Article 25 - Data protection by design and by default
• Article 26 - Joint controllers
• Article 27 - Representatives of controllers or processors not established in the Union
• Article 28 - Processor
• Article 29 - Processing under the authority of the controller or processor
• Article 30 - Records of processing activities
• Article 31 - Cooperation with the supervisory authority
• Article 32 - Security of processing
• Article 33 - Notification of a personal data breach to the supervisory authority
• Article 34 - Communication of a personal data breach to the data subject
• Article 35 - Data protection impact assessment
• Article 36 - Prior consultation
• Article 37 - Designation of the data protection officer
• Article 38 - Position of the data protection officer
• Article 39 - Tasks of the data protection officer
• Article 40 - Codes of conduct
• Article 42 - Certification
• Article 44 - General principle for transfers
• Article 45 - Transfers on the basis of an adequacy decision
• Article 46 - Transfers subject to appropriate safeguards
• Article 47 - Binding corporate rules
• Article 48 - Transfers or disclosures not authorised by Union law
• Article 49 - Derogations for specific situations
• Article 82 - Right to compensation and liability
• Article 83 - General conditions for imposing administrative fines
• Article 87 - Processing of the national identification number
• Article 88 - Processing in the context of employment
• Article 99 - Entry into force and application

This site is open source. Improve this page.