GDPR Articles

Question 1

Article 1

Answer 1

Subject-matter and objectives

Question 2

Article 2

Answer 2

Material Scope

Question 3

Article 3

Answer 3

Territorial Scope

Question 4

Article 4

Answer 4

Definitions

Question 5

Article 5

Answer 5

Principles relating to processing of personal data

Question 6

Article 6

Answer 6

Lawfulness of processing

Question 7

Article 7

Answer 7

Conditions for consent

Question 8

Article 8

Answer 8

Conditions applicable to child’s consent in relation to information society services

Question 9

Article 9

Answer 9

Processing of special categories of personal data

Question 10

Article 10

Answer 10

Processing of personal data related to criminal convictions

Question 11

Article 11

Answer 11

Processing which does not require identification

Question 12

Article 12

Answer 12

Transparent information, communication and modalities for the exercise of rights of the data subject

Question 13

Article 13

Answer 13

Information to be provided where personal data are collected from the data subject

Question 14

Article 14

Answer 14

Information to be provided where personal data have not been obtained by the data subject

Question 15

Article 15

Answer 15

Right of access by the data subject

Question 16

Article 16

Answer 16

Right to rectification

Question 17

Article 17

Answer 17

Right of erasure (right to be forgotten)

Question 18

Article 18

Answer 18

Right to restriction of processing

Question 19

Article 19

Answer 19

Notification Obligation regarding rectification or erasure of personal data or restriction of processing

Question 20

Article 20

Answer 20

Right to data portability

Question 21

Article 21

Answer 21

Right to object

Question 22

Article 22

Answer 22

Automated individual decision-making, including profiling

Question 23

Article 23

Answer 23

Restrictions

Question 24

Article 24

Answer 24

Responsibility of the controller

Question 25

Article 25

Answer 25

Data protection by design and default

Question 26

Article 26

Answer 26

Joint controllers

Question 27

Article 27

Answer 27

Representatives of controllers or processors not established in the Union

Question 28

Article 28

Answer 28

Processor

Question 29

Article 29

Answer 29

Processing under the authority of the controller or processor

Question 30

Article 30

Answer 30

Records of processing activities

Question 31

Article 31

Answer 31

Cooperation with the supervisory authority

Question 32

Article 32

Answer 32

Security of processing

Question 33

Article 33

Answer 33

Notification of personal data breach to the supervisory authority

Question 34

Article 34

Answer 34

Communication of a personal data breach to the data subject

Question 35

Article 35

Answer 35

Data protection impact assessment

Question 36

Article 36

Answer 36

Prior Consultation

Question 37

Article 37

Answer 37

Designation of the data protection officer

Question 38

Article 38

Answer 38

Position of the data protection officer

Question 39

Article 39

Answer 39

Tasks of the data protection officer

Question 40

Article 40

Answer 40

Codes of conduct

Question 41

Article 41

Answer 41

Monitoring approved codes of conduct

Question 42

Article 42

Answer 42

Certification

Question 43

Article 43

Answer 43

Certification bodies

Question 44

Article 44

Answer 44

General principles for transfer

Question 45

Article 45

Answer 45

Transfers on the basis of an adequacy decision

Question 46

Article 46

Answer 46

Transfers subject to appropriate safeguards

Question 47

Article 47

Answer 47

Binding corporate rules

Question 48

Article 48

Answer 48

Transfers of disclosures not authorized by Union law

Question 49

Article 49

Answer 49

Derogations for specific situations

Question 50

Article 50

Answer 50

International cooperation for the protection of personal data

Question 51

Article 51

Answer 51

Supervisory authority

Question 52

Article 52

Answer 52

Tasks

Question 53

Article 58

Answer 53

Powers

Question 54

Article 59

Answer 54

Activity reports

Question 55

Article 53

Answer 55

General conditions for the members of the supervisory authority

Question 56

Article 54

Answer 56

Rules on the establishment of the supervisory authority

Question 57

Article 55

Answer 57

Competence

Question 58

Article 56

Answer 58

Competence of the lead supervisory authority

Question 59

Article 57

Answer 59

Tasks

Question 60

Article 60

Answer 60

Cooperation between the lead supervisory authority and the other supervisory authorities concerned

Question 61

Article 61

Answer 61

Mutual Assistance

Question 62

Article 62

Answer 62

Joint operations of supervisory authorities

Question 63

Article 63

Answer 63

Consistency mechanism

Question 64

Article 64

Answer 64

Opinion of the Board

Question 65

Article 65

Answer 65

Disputed resolution by the Board of

Question 66

Article 66

Answer 66

Urgency procedure

Question 67

Article 67

Answer 67

Exchange of information

Question 68

Article 68

Answer 68

European Data Protection Board

Question 69

Article 69

Answer 69

Independence

Question 70

Article 70

Answer 70

Tasks of the Board

Question 71

Article 71

Answer 71

Reports

Question 72

Article 72

Answer 72

Procedure

Question 73

Article 73

Answer 73

Chair

Question 74

Article 74

Answer 74

Tasks of the chair

Question 75

Article 75

Answer 75

Secretariat

Question 76

Article 76

Answer 76

Confidentiality

Question 77

Article 77

Answer 77

Right to lodge a complaint with the supervisory authority

Question 78

Article 78

Answer 78

Right to an effective judicial remedy against a supervisory authority

Question 79

Article 79

Answer 79

Right to an effective judicial remedy against a controller or processor

Question 80

Article 80

Answer 80

Representation of data subjects

Question 81

Article 81

Answer 81

Suspension of procedings

Question 82

Article 82

Answer 82

Right to compensation and liability

Question 83

Article 83

Answer 83

General conditions for imposing administrative fines

Question 84

Article 84

Answer 84

Penalties

Question 85

Article 85

Answer 85

Processing and freedom of expression and information

Question 86

Article 86

Answer 86

Processing and public access to official documents

Question 87

Article 87

Answer 87

Processing of the national identification number

Question 88

Article 88

Answer 88

Processing in the context of employment

Question 89

Article 89

Answer 89

Safeguards and derogations relating to the processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes

Question 90

Article 90

Answer 90

Obligations of secrecy

Question 91

Article 91

Answer 91

Existing data protection rules of churches and religious associations

Question 92

Article 92

Answer 92

Exercise of the delegation

Question 93

Article 93

Answer 93

Committee procedure

Question 94

Article 94

Answer 94

Repeal of Directive 95/46/EC

Question 95

Article 95

Answer 95

Relationship with Directive 2002/58/EC - ePrivacy Directive

Question 96

Article 96

Answer 96

Relationship with previously concluded Agreements

Question 97

Article 97

Answer 97

Commission reports

Question 98

Article 98

Answer 98

Review of other Union legal acts on data protection

Question 99

Article 99

Answer 99

Entry into force and application

Question 100

Recital 26

Answer 100

How to determine if a natural person is identifiable - there must be a reasonable likelihood

Question 101

Recital 30

Answer 101

Information that constitutes an online identifier such as IP address, cookie, or radio frequency identification (RFID) may be used to create a person’s profile and identify them, demonstrating the breadth of content considered personal data

Question 102

Recital 15

Answer 102

Clarifies that GDPR is intended to be technologically neutral

Question 103

Recital 27

Answer 103

GDPR does not apply to the personal data of deceased persons which may be protected through the SCCs although member states may provide for rules in this area

Question 104

Recital 22

Answer 104

The term establishment is not defined in GDPR but it implies that the effective and real exercise of activity through a stable arrangement - even a minimal one - in the context of which that processing is carried out

Question 105

Recital 60

Answer 105

Data subject should be provided any information to ensure fair and transparent processing, taking into account the specific circumstances and context in which personal data are processed

Question 106

Recital 67

Answer 106

The types of methods that can be used to restrict processing include temporarily moving the selected data to another processing system, making the selected personal data unavailable to users or temporarily removing published data from a website