The data protection impact assessment (DPIA) I (Preparation of DPIA) The GDPR contains rules on when controllers are required to prepare a data protection impact assessment (DPIA), when they have to seek the views of data subjects or their representatives on the intended processing and,…

The data breach III (Documentation of data breaches) The GDPR defines the notion of data breach and contains rules on when it is mandatory for controllers to report a data breach to the competent supervisory authority and when they are obliged to communicate data breaches to the data subjects.…

The data breach II (Communication of data breach to data subjects) The GDPR defines the notion of data breach and contains rules on when it is mandatory for controllers to report a data breach to the competent supervisory authority and when they are obliged to communicate such breaches to the data…

The data breach I (Notifying the supervisory authority of the data breach) The GDPR defines the notion of data breach and contains rules on when it is mandatory for controllers to report a data breach to the competent supervisory authority and when they are obliged to communicate such breaches to…

The data protection officer (DPO) The GDPR contains rules on when it is mandatory for controllers and processors to designate a data protection officer. The Article 29 Data Protection Working Party (WP29) issued guidelines on the data protection officers (DPOs) on 13 December 2016, which were then…

Dear Reader, First of all, thank you for reading my post! This means that you are interested in hearing about the EU's General Data Protection Regulation (GDPR). My name is Zoltán Balázs Kovács and I am a Hungarian lawyer with a strong focus on data protection law. Since the passing of the GDPR,…