interactive GDPR 2016/0679 EN

(1) The protection of natural persons in relation to the processing of per...

(2) The principles of, and rules on the protection of natural persons with...

(3) Directive 95/46/EC of the European Parliament and of the Council (4) ...

(4) The processing of personal_data should be designed to serve mankind. T...

(5) The economic and social integration resulting from the functioning of ...

(6) Rapid technological developments and globalisation have brought new ch...

(7) Those developments require a strong and more coherent data protection ...

(8) Where this Regulation provides for specifications or restrictions of i...

(9) The objectives and principles of Directive 95/46/EC remain sound, but ...

(10) In order to ensure a consistent and high level of protection of natura...

(11) Effective protection of personal_data throughout the Union requires th...

(12) Article 16(2) TFEU mandates the European Parliament and the Council to...

(13) In order to ensure a consistent level of protection for natural person...

(14) The protection afforded by this Regulation should apply to natural per...

(15) In order to prevent creating a serious risk of circumvention, the prot...

(16) This Regulation does not apply to issues of protection of fundamental ...

(17) Regulation (EC) No 45/2001 of the European Parliament and of the Counc...

(18) This Regulation does not apply to the processing of personal_data by a...

(19) The protection of natural persons with regard to the processing of per...

(20) While this Regulation applies, inter alia, to the activities of courts...

(21) This Regulation is without prejudice to the application of Directive 2...

(22) Any processing of personal_data in the context of the activities of an...

(23) In order to ensure that natural persons are not deprived of the protec...

(24) The processing of personal_data of data subjects who are in the Union ...

(25) Where Member State law applies by virtue of public international law, ...

(26) The principles of data protection should apply to any information conc...

(27) This Regulation does not apply to the personal_data of deceased person...

(28) The application of pseudonymisation to personal_data can reduce the ri...

(29) In order to create incentives to apply pseudonymisation when processin...

(30) Natural persons may be associated with online identifiers provided by ...

(31) Public authorities to which personal_data are disclosed in accordance ...

(32) Consent should be given by a clear affirmative act establishing a free...

(33) It is often not possible to fully identify the purpose of personal dat...

(34) Genetic data should be defined as personal_data relating to the inheri...

(35) Personal data_concerning_health should include all data pertaining to ...

(36) The main_establishment of a controller in the Union should be the plac...

(37) A group_of_undertakings should cover a controlling undertaking and its...

(38) Children merit specific protection with regard to their personal_data,...

(39) Any processing of personal_data should be lawful and fair. It should b...

(40) In order for processing to be lawful, personal_data should be processe...

(41) Where this Regulation refers to a legal basis or a legislative measure...

(42) Where processing is based on the data subject's consent, the controlle...

(43) In order to ensure that consent is freely given, consent should not pr...

(44) Processing should be lawful where it is necessary in the context of a ...

(45) Where processing is carried out in accordance with a legal obligation ...

(46) The processing of personal_data should also be regarded to be lawful w...

(47) The legitimate interests of a controller, including those of a control...

(48) Controllers that are part of a group_of_undertakings or institutions a...

(49) The processing of personal_data to the extent strictly necessary and p...

(50) The processing of personal_data for purposes other than those for whic...

(51) Personal data which are, by their nature, particularly sensitive in re...

(52) Derogating from the prohibition on processing special categories of pe...

(53) Special categories of personal_data which merit higher protection shou...

(54) The processing of special categories of personal_data may be necessary...

(55) Moreover, the processing of personal_data by official authorities for ...

(56) Where in the course of electoral activities, the operation of the demo...

(57) If the personal_data processed by a controller do not permit the contr...

(58) The principle of transparency requires that any information addressed ...

(59) Modalities should be provided for facilitating the exercise of the dat...

(60) The principles of fair and transparent processing require that the dat...

(61) The information in relation to the processing of personal_data relatin...

(62) However, it is not necessary to impose the obligation to provide infor...

(63) A data subject should have the right of access to personal_data which ...

(64) The controller should use all reasonable measures to verify the identi...

(65) A data subject should have the right to have personal_data concerning ...

(66) To strengthen the right to be forgotten in the online environment, the...

(67) Methods by which to restrict the processing of personal_data could inc...

(68) To further strengthen the control over his or her own data, where the ...

(69) Where personal_data might lawfully be processed because processing is ...

(70) Where personal_data are processed for the purposes of direct marketing...

(71) The data subject should have the right not to be subject to a decision...

(72) Profiling is subject to the rules of this Regulation governing the pro...

(73) Restrictions concerning specific principles and the rights of informat...

(74) The responsibility and liability of the controller for any processing ...

(75) The risk to the rights and freedoms of natural persons, of varying lik...

(76) The likelihood and severity of the risk to the rights and freedoms of ...

(77) Guidance on the implementation of appropriate measures and on the demo...

(78) The protection of the rights and freedoms of natural persons with rega...

(79) The protection of the rights and freedoms of data subjects as well as ...

(80) Where a controller or a processor not established in the Union is proc...

(81) To ensure compliance with the requirements of this Regulation in respe...

(82) In order to demonstrate compliance with this Regulation, the controlle...

(83) In order to maintain security and to prevent processing in infringemen...

(84) In order to enhance compliance with this Regulation where processing o...

(85) A personal_data breach may, if not addressed in an appropriate and tim...

(86) The controller should communicate to the data subject a personal_data ...

(87) It should be ascertained whether all appropriate technological protect...

(88) In setting detailed rules concerning the format and procedures applica...

(89) Directive 95/46/EC provided for a general obligation to notify the pro...

(90) In such cases, a data protection impact assessment should be carried o...

(91) This should in particular apply to large-scale processing operations w...

(92) There are circumstances under which it may be reasonable and economica...

(93) In the context of the adoption of the Member State law on which the pe...

(94) Where a data protection impact assessment indicates that the processin...

(95) The processor should assist the controller, where necessary and upon r...

(96) A consultation of the supervisory_authority should also take place in ...

(97) Where the processing is carried out by a public authority, except for ...

(98) Associations or other bodies representing categories of controllers or...

(99) When drawing up a code of conduct, or when amending or extending such ...

(100) In order to enhance transparency and compliance with this Regulation, ...

(101) Flows of personal_data to and from countries outside the Union and int...

(102) This Regulation is without prejudice to international agreements concl...

(103) The Commission may decide with effect for the entire Union that a thir...

(104) In line with the fundamental values on which the Union is founded, in ...

(105) Apart from the international commitments the third country or internat...

(106) The Commission should monitor the functioning of decisions on the leve...

(107) The Commission may recognise that a third country, a territory or a sp...

(108) In the absence of an adequacy decision, the controller or processor sh...

(109) The possibility for the controller or processor to use standard data-p...

(110) A group_of_undertakings, or a group of enterprises engaged in a joint ...

(111) Provisions should be made for the possibility for transfers in certain...

(112) Those derogations should in particular apply to data transfers require...

(113) Transfers which can be qualified as not repetitive and that only conce...

(114) In any case, where the Commission has taken no decision on the adequat...

(115) Some third countries adopt laws, regulations and other legal acts whic...

(116) When personal_data moves across borders outside the Union it may put a...

(117) The establishment of supervisory authorities in Member States, empower...

(118) The independence of supervisory authorities should not mean that the s...

(119) Where a Member State establishes several supervisory authorities, it s...

(120) Each supervisory_authority should be provided with the financial and h...

(121) The general conditions for the member or members of the supervisory au...

(122) Each supervisory_authority should be competent on the territory of its...

(123) The supervisory authorities should monitor the application of the prov...

(124) Where the processing of personal_data takes place in the context of th...

(125) The lead authority should be competent to adopt binding decisions rega...

(126) The decision should be agreed jointly by the lead supervisory authorit...

(127) Each supervisory_authority not acting as the lead supervisory authorit...

(128) The rules on the lead supervisory_authority and the one-stop-shop mech...

(129) In order to ensure consistent monitoring and enforcement of this Regul...

(130) Where the supervisory_authority with which the complaint has been lodg...

(131) Where another supervisory_authority should act as a lead supervisory a...

(132) Awareness-raising activities by supervisory authorities addressed to t...

(133) The supervisory authorities should assist each other in performing the...

(134) Each supervisory_authority should, where appropriate, participate in j...

(135) In order to ensure the consistent application of this Regulation throu...

(136) In applying the consistency mechanism, the Board should, within a dete...

(137) There may be an urgent need to act in order to protect the rights and ...

(138) The application of such mechanism should be a condition for the lawful...

(139) In order to promote the consistent application of this Regulation, the...

(140) The Board should be assisted by a secretariat provided by the European...

(141) Every data subject should have the right to lodge a complaint with a s...

(142) Where a data subject considers that his or her rights under this Regul...

(143) Any natural or legal person has the right to bring an action for annul...

(144) Where a court seized of proceedings against a decision by a supervisor...

(145) For proceedings against a controller or processor, the plaintiff shoul...

(146) The controller or processor should compensate any damage which a perso...

(147) Where specific rules on jurisdiction are contained in this Regulation,...

(148) In order to strengthen the enforcement of the rules of this Regulation...

(149) Member States should be able to lay down the rules on criminal penalti...

(150) In order to strengthen and harmonise administrative penalties for infr...

(151) The legal systems of Denmark and Estonia do not allow for administrati...

(152) Where this Regulation does not harmonise administrative penalties or w...

(153) Member States law should reconcile the rules governing freedom of expr...

(154) This Regulation allows the principle of public access to official docu...

(155) Member State law or collective agreements, including ‘works agreemen...

(156) The processing of personal_data for archiving purposes in the public i...

(157) By coupling information from registries, researchers can obtain new kn...

(158) Where personal_data are processed for archiving purposes, this Regulat...

(159) Where personal_data are processed for scientific research purposes, th...

(160) Where personal_data are processed for historical research purposes, th...

(161) For the purpose of consenting to the participation in scientific resea...

(162) Where personal_data are processed for statistical purposes, this Regul...

(163) The confidential information which the Union and national statistical ...

(164) As regards the powers of the supervisory authorities to obtain from th...

(165) This Regulation respects and does not prejudice the status under exist...

(166) In order to fulfil the objectives of this Regulation, namely to protec...

(167) In order to ensure uniform conditions for the implementation of this R...

(168) The examination procedure should be used for the adoption of implement...

(169) The Commission should adopt immediately applicable implementing acts w...

(170) Since the objective of this Regulation, namely to ensure an equivalent...

(171) Directive 95/46/EC should be repealed by this Regulation. Processing a...

(172) The European Data Protection Supervisor was consulted in accordance wi...

(173) This Regulation should apply to all matters concerning the protection ...