adv IusOnDemand
GDPR: cerca testo considerando multilingue compara
Comparing text - Output generated live by software developed by IusOnDemand srl
GDPR, art.#47:
< >
GDPR - BG CS DE EL EN ES ET FI FR GA IT LV LT MT PT SK SL SV
KAPITOLU V Trasferimenti ta' data personali lejn pajjiżi terzi jew organizzazzjonijiet internazzjonali
Taqsima 5 Kodiċijiet ta' kondotta u ċertifikazzjoni
Artikolu 47 Regoli korporattivi vinkolanti

1.   L-awtorità superviżorja kompetenti għandha tapprova regoli korporattivi vinkolanti f'konformità mal-mekkaniżmu ta' konsistenza stabbilita fl-Artikolu 63, dment li dawn:

(a)

ikunu legalment vinkolanti u japplikaw għal, u jkunu infurzati minn, kull membru kkonċernat tal-grupp ta' impriżi, jew il-grupp ta' intrapriżi involuti f'attività ekonomika konġunta, inklużi l-impjegati tagħhom;

(b)

espressament jikkonferixxu drittijiet infurzabbli lis-suġġetti tad-data fir-rigward tal-ipproċessar tad-data personali tagħhom; u

(c)

jissodisfaw ir-rekwiżiti stipulati fil-paragrafu 2.

2.   Ir-regoli korporattivi vinkolanti msemmija fil-paragrafu 1 għandhom jispeċifikaw tal-anqas:

(a)

l-istruttura u d-dettalji ta' kuntatt tal-grupp ta' impriżi, jew grupp ta' intrapriżi involuti f'attività ekonomika konġunta u ta' kull wieħed mill-membri tiegħu;

(b)

it-trasferimenti tad-data jew is-sett ta' trasferimenti, inklużi l-kategoriji ta' data personali, it-tip ta' pproċessar u l-għanijiet tiegħu, it-tip ta' suġġetti tad-data affettwati u l-identifikazzjoni tal-pajjiż jew il-pajjiżi terzi inkwistjoni;

(c)

in-natura legalment vinkolanti tagħhom, kemm internament kif ukoll esternament;

(d)

l-applikazzjoni tal-prinċipji ġenerali tal-protezzjoni tad-data, b'mod partikolari l-limitazzjoni tal-għan, il-minimizzazzjoni tad-data, il-perijodi ta' ħżin limitati, il-kwalità tad-data, il-protezzjoni tad-data mid-disinn u b'mod awtomatiku, il-bażi legali għall-ipproċessar, l-ipproċessar ta' kategoriji speċjali ta' data personali, il-miżuri li jiżguraw is-sigurtà tad-data, u r-rekwiżiti fir-rigward ta' trasferimenti ulterjuri lejn korpi li ma jkunux marbuta bir-regoli korporattivi vinkolanti;

(e)

id-drittijiet tas-suġġetti tad-data fir-rigward tal-ipproċessar u l-mezzi għall-eżerċitar ta' dawk id-drittijiet, inkluż id-dritt li wieħed ma jkunx soġġett għal deċiżjonijiet ibbażati biss fuq ipproċessar awtomatizzat, inkluż it-tfassil ta' profili f'konformità mal-Artikolu 22, id-dritt li wieħed iressaq ilment mal-awtorità superviżorja kompetenti u quddiem il-qrati kompetenti tal-Istati Membri f'konformità mal-Artikolu 79, u li wieħed jikseb rimedju u, fejn xieraq, kumpens għal ksur tar-regoli korporattivi vinkolanti;

(f)

l-aċċettazzjoni mill-kontrollur jew il-proċessur stabbilit fit-territorju ta' Stat Membru tar-responsabbiltà għal kwalunkwe ksur tar-regoli korporattivi vinkolanti minn kwalunkwe membru kkonċernat mhux stabbilit fl-Unjoni; il-kontrollur jew il-proċessur għandu jkun eżentat minn dik ir-responsabbiltà, b'mod sħiħ jew parzjali, biss jekk jagħti prova li dak il-membru mhuwiex responsabbli għall-avveniment li ħoloq id-dannu;

(g)

kif l-informazzjoni dwar ir-regoli korporattivi vinkolanti, b'mod partikolari dwar id-dispożizzjonijiet imsemmija fil-punti (d), (e) u (f) ta' dan il-paragrafu tiġi pprovduta lis-suġġetti tad-data flimkien mal-informazzjoni msemmija fl-Artikoli 13 u 14;

(h)

il-kompiti ta' kwalunkwe uffiċjal tal-protezzjoni tad-data maħtur f'konformità mal-Artikolu 37 jew kwalunkwe persuna jew entità oħra inkarigata mill-monitoraġġ tal-konformità mar-regoli korporattivi vinkolanti fil-grupp ta' impriżi, jew grupp ta' intrapriżi involuti f'attività ekonomika konġunta, kif ukoll il-monitoraġġ tat-taħriġ u l-ġestjoni tal-ilmenti;

(i)

il-proċeduri tal-ilmenti;

(j)

il-mekkaniżmi fil-grupp ta' impriżi, jew grupp ta' intrapriżi involuti f'attività ekonomika konġunta li jiżguraw il-verifika tal-konformità mar-regoli korporattivi vinkolanti. Tali mekkaniżmi għandhom jinkludu awditi tal-protezzjoni tad-data u metodi li jiżguraw azzjonijiet korrettivi għall-protezzjoni tad-drittijiet tas-suġġett tad-data. Ir-riżultati ta' tali verifika għandhom jiġu kkomunikati lill-persuna jew l-entità msemmija fil-punt (h) u lill-bord tal-impriża ta' kontroll ta' grupp ta' impriżi jew tal-grupp ta' intrapriżi involuti f'attività ekonomika konġunta, u għandhom ikunu disponibbli, fuq talba, għall-awtorità superviżorja kompetenti;

(k)

il-mekkaniżmi għar-rappurtar u r-reġistrazzjoni ta' bidliet fir-regoli u r-rappurtar ta' dawk il-bidliet lill-awtorità superviżorja;

(l)

il-mekkaniżmu ta' kooperazzjoni mal-awtorità superviżorja biex tiġi żgurata konformità minn kwalunkwe membru tal-grupp ta' impriżi, jew grupp ta' intrapriżi involuti f'attività ekonomika konġunta, b'mod partikolari billi jagħmel disponibbli għall-awtorità superviżorja r-riżultati ta' verifiki tal-miżuri msemmija fil-punt (j);

(m)

il-mekkaniżmi għar-rappurtar lill-awtorità superviżorja kompetenti ta' kwalunkwe rekwiżit legali li għalih membru tal-grupp ta' impriżi jew grupp ta' intrapriżi involuti f'attività ekonomika konġunta ikun soġġett f'pajjiż terz li x'aktarx jista' jkollu effett negattiv sostanzjali fuq il-garanziji previsti mir-regoli korporattivi vinkolanti; u

(n)

it-taħriġ xieraq fil-protezzjoni tad-data lil persunal li jkollu aċċess permanenti jew regolari għad-data personali.

3.   Il-Kummissjoni tista' tispeċifika l-format u l-proċeduri għall-iskambju ta' informazzjoni bejn kontrolluri, proċessuri u awtoritajiet superviżorji għar-regoli korporattivi vinkolanti fis-sens ta' dan l-Artikolu. Dawk l-atti ta' implimentazzjoni għandhom jiġu adottati f'konformità mal-proċedura ta' eżami stabbilita fl-Artikolu 93(2).

  • tad-data 15
  • vinkolanti 12
  • korporattivi 10
  • intrapriżi 7
  • involuti 7
  • ekonomika 7
  • superviżorja 7
  • konġunta 7
  • impriżi 7
  • attività 7
  • kwalunkwe 6
  • konformità 6
  • grupp 6
  • tal-grupp 5
  • kompetenti 5
  • membru 5
  • għandhom 5
  • wieħed 4
  • minn 4
  • personali 4
  • msemmija 4
  • għal 4
  • mal-artikolu 3
  • partikolari 3
  • dawk 3
  • il-mekkaniżmi 3
  • jiżguraw 3
  • fir-rigward 3
  • tal-protezzjoni 3
  • tagħhom 3
  • it-tip 2
  • tal-konformità 2
 GDPR - BG CS DE EL EN ES ET FI FR GA IT LV LT MT PT SK SL SV
CHAPTER V Transfers of personal data to third countries or international organisations
Section 5 Codes of conduct and certification
Article 47 Binding corporate rules

1.   The competent supervisory authority shall approve binding corporate rules in accordance with the consistency mechanism set out in Article 63, provided that they:

(a)

are legally binding and apply to and are enforced by every member concerned of the group of undertakings, or group of enterprises engaged in a joint economic activity, including their employees;

(b)

expressly confer enforceable rights on data subjects with regard to the processing of their personal data; and

(c)

fulfil the requirements laid down in paragraph 2.

2.   The binding corporate rules referred to in paragraph 1 shall specify at least:

(a)

the structure and contact details of the group of undertakings, or group of enterprises engaged in a joint economic activity and of each of its members;

(b)

the data transfers or set of transfers, including the categories of personal data, the type of processing and its purposes, the type of data subjects affected and the identification of the third country or countries in question;

(c)

their legally binding nature, both internally and externally;

(d)

the application of the general data protection principles, in particular purpose limitation, data minimisation, limited storage periods, data quality, data protection by design and by default, legal basis for processing, processing of special categories of personal data, measures to ensure data security, and the requirements in respect of onward transfers to bodies not bound by the binding corporate rules;

(e)

the rights of data subjects in regard to processing and the means to exercise those rights, including the right not to be subject to decisions based solely on automated processing, including profiling in accordance with Article 22, the right to lodge a complaint with the competent supervisory authority and before the competent courts of the Member States in accordance with Article 79, and to obtain redress and, where appropriate, compensation for a breach of the binding corporate rules;

(f)

the acceptance by the controller or processor established on the territory of a Member State of liability for any breaches of the binding corporate rules by any member concerned not established in the Union; the controller or the processor shall be exempt from that liability, in whole or in part, only if it proves that that member is not responsible for the event giving rise to the damage;

(g)

how the information on the binding corporate rules, in particular on the provisions referred to in points (d), (e) and (f) of this paragraph is provided to the data subjects in addition to Articles 13 and 14;

(h)

the tasks of any data protection officer designated in accordance with Article 37 or any other person or entity in charge of the monitoring compliance with the binding corporate rules within the group of undertakings, or group of enterprises engaged in a joint economic activity, as well as monitoring training and complaint-handling;

(i)

the complaint procedures;

(j)

the mechanisms within the group of undertakings, or group of enterprises engaged in a joint economic activity for ensuring the verification of compliance with the binding corporate rules. Such mechanisms shall include data protection audits and methods for ensuring corrective actions to protect the rights of the data subject. Results of such verification should be communicated to the person or entity referred to in point (h) and to the board of the controlling undertaking of a group of undertakings, or of the group of enterprises engaged in a joint economic activity, and should be available upon request to the competent supervisory authority;

(k)

the mechanisms for reporting and recording changes to the rules and reporting those changes to the supervisory authority;

(l)

the cooperation mechanism with the supervisory authority to ensure compliance by any member of the group of undertakings, or group of enterprises engaged in a joint economic activity, in particular by making available to the supervisory authority the results of verifications of the measures referred to in point (j);

(m)

the mechanisms for reporting to the competent supervisory authority any legal requirements to which a member of the group of undertakings, or group of enterprises engaged in a joint economic activity is subject in a third country which are likely to have a substantial adverse effect on the guarantees provided by the binding corporate rules; and

(n)

the appropriate data protection training to personnel having permanent or regular access to personal data.

3.   The Commission may specify the format and procedures for the exchange of information between controllers, processors and supervisory authorities for binding corporate rules within the meaning of this Article. Those implementing acts shall be adopted in accordance with the examination procedure set out in Article 93(2).

Link to art.:

· article 63
  • data 18
  • group 14
  • binding 12
  • rules 11
  • corporate 10
  • supervisory 8
  • enterprises 7
  • joint 7
  • activity 7
  • engaged 7
  • authority 7
  • undertakings 7
  • economic 7
  • member 6
  • processing 6
  • accordance 5
  • competent 5
  • shall 5
  • protection 5
  • personal 4
  • mechanisms 4
  • referred 4
  • subjects 4
  • rights 4
  • including 4
  • article  4
  • within 3
  •    the 3
  • provided 3
  • compliance 3
  • requirements 3
  • transfers 3

Home GDPR - Reset comparing


dal 2004 diritto e informatica