General Data Protection Regulation (GDPR)
Table of Contents
Chapter I — General provisions
Chapter II — Principles
Art. 5 — Principles relating to processing of personal dataArt. 6 — Lawfulness of processingArt. 7 — Conditions for consentArt. 8 — Conditions applicable to child's consent in relation to information society servicesArt. 9 — Processing of special categories of personal dataArt. 10 — Processing of personal data relating to criminal convictions and offencesArt. 11 — Processing which does not require identification
Chapter III — Rights of the data subject
Art. 12 — Transparent information, communication and modalities for the exercise of the rights of the data subjectArt. 13 — Information to be provided where personal data are collected from the data subjectArt. 14 — Information to be provided where personal data have not been obtained from the data subjectArt. 15 — Right of access by the data subjectArt. 16 — Right to rectificationArt. 17 — Right to erasure (‘right to be forgotten’)Art. 18 — Right to restriction of processingArt. 19 — Notification obligation regarding rectification or erasure of personal data or restriction of processingArt. 20 — Right to data portability
Chapter IV — Section 4
Chapter V — Section 5
Art. 23 — RestrictionsArt. 24 — Responsibility of the controllerArt. 25 — Data protection by design and by defaultArt. 26 — Joint controllersArt. 27 — Representatives of controllers or processors not established in the UnionArt. 28 — ProcessorArt. 29 — Processing under the authority of the controller or processorArt. 30 — Records of processing activitiesArt. 31 — Cooperation with the supervisory authorityArt. 32 — Security of processingArt. 33 — Notification of a personal data breach to the supervisory authorityArt. 34 — Communication of a personal data breach to the data subjectArt. 35 — Data protection impact assessmentArt. 36 — Prior consultationArt. 37 — Designation of the data protection officerArt. 38 — Position of the data protection officerArt. 39 — Tasks of the data protection officerArt. 40 — Codes of conductArt. 41 — Monitoring of approved codes of conductArt. 42 — CertificationArt. 43 — Certification bodiesArt. 44 — General principle for transfersArt. 45 — Transfers on the basis of an adequacy decisionArt. 46 — Transfers subject to appropriate safeguardsArt. 47 — Binding corporate rulesArt. 48 — Transfers or disclosures not authorised by Union lawArt. 49 — Derogations for specific situationsArt. 50 — International cooperation for the protection of personal data
Chapter VI — Independent supervisory authorities
Art. 51 — Supervisory authorityArt. 52 — IndependenceArt. 53 — General conditions for the members of the supervisory authorityArt. 54 — Rules on the establishment of the supervisory authorityArt. 55 — CompetenceArt. 56 — Competence of the lead supervisory authorityArt. 57 — TasksArt. 58 — PowersArt. 59 — Activity reports
Chapter VII — Cooperation and consistency
Art. 60 — Cooperation between the lead supervisory authority and the other supervisory authorities concernedArt. 61 — Mutual assistanceArt. 62 — Joint operations of supervisory authoritiesArt. 63 — Consistency mechanismArt. 64 — Opinion of the BoardArt. 65 — Dispute resolution by the BoardArt. 66 — Urgency procedureArt. 67 — Exchange of informationArt. 68 — European Data Protection BoardArt. 69 — IndependenceArt. 70 — Tasks of the BoardArt. 71 — ReportsArt. 72 — ProcedureArt. 73 — ChairArt. 74 — Tasks of the ChairArt. 75 — SecretariatArt. 76 — Confidentiality
Chapter VIII — Remedies, liability and penalties
Art. 77 — Right to lodge a complaint with a supervisory authorityArt. 78 — Right to an effective judicial remedy against a supervisory authorityArt. 79 — Right to an effective judicial remedy against a controller or processorArt. 80 — Representation of data subjectsArt. 81 — Suspension of proceedingsArt. 82 — Right to compensation and liabilityArt. 83 — General conditions for imposing administrative finesArt. 84 — Penalties
Chapter IX — Provisions relating to specific processing situations
Art. 85 — Processing and freedom of expression and informationArt. 86 — Processing and public access to official documentsArt. 87 — Processing of the national identification numberArt. 88 — Processing in the context of employmentArt. 89 — Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposesArt. 90 — Obligations of secrecyArt. 91 — Existing data protection rules of churches and religious associations
Chapter X — Delegated acts and implementing acts
Chapter XI — Final provisions
Recitals
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173