Privacy Data Protection Guidelines by the European Data Protection Board EDPB
EDPB GDPR Guidelines, Recommendations, Best Practices
- Guidelines 03/2020 on the processing of data concerning health for the purpose of scientific research in the context of the COVID-19 outbreak
- Guidelines 2/2020 on articles 46 (2) (a) and 46 (3) (b) of Regulation 2016/679 for transfers of personal data between EEA and non-EEA public authorities and bodies – version for public consultation
- Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications – version for public consultation
- Guidelines 5/2019 on the criteria of the Right to be Forgotten in the search engines cases under the GDPR (part 1) – version adopted after public consultation
- Guidelines 4/2019 on Article 25 Data Protection by Design and by Default – version for public consultation
- Guidelines 3/2019 on processing of personal data through video devices – Adopted after public consultation
- Recommendation 01/2019 on the draft list of the European Data Protection Supervisor regarding the processing operations subject to the requirement of a data protection impact assessment (Article 39.4 of Regulation (EU) 2018/1725)
- Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects – version adopted after public consultation
- Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679 – version adopted after public consultation
- Guidelines 4/2018 on the accreditation of certification bodies under Article 43 of the General Data Protection Regulation (2016/679) – version adopted after public consultation
- Guidelines 3/2018 on the territorial scope of the GDPR (Article 3) – version adopted after public consultation
- Guidelines 2/2018 on derogations of Article 49 under Regulation 2016/679
- Guidelines 1/2018 on certification and identifying certification criteria in accordance with Articles 42 and 43 of the Regulation – version adopted after public consultation
Endorsement of GDPR WP29 Documents
During its first plenary meeting the European Data Protection Board endorsed the GDPR related WP29 Guidelines:
- Guidelines on consent under Regulation 2016/679, WP259 rev.01
Superseded by Guidelines 05/2020 on consent under Regulation 2016/679 - Guidelines on transparency under Regulation 2016/679, WP260 rev.01
- Guidelines on Automated individual decision-making and Profiling for the purposes of Regulation 2016/679, WP251rev.01
- Guidelines on Personal data breach notification under Regulation 2016/679, WP250 rev.01
- Guidelines on the right to data portability under Regulation 2016/679, WP242 rev.01
- Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679, WP248 rev.01
- Guidelines on Data Protection Officers (‘DPO’), WP243 rev.01
- Guidelines for identifying a controller or processor’s lead supervisory authority, WP244 rev.01
- Position Paper on the derogations from the obligation to maintain records of processing activities pursuant to Article 30(5) GDPR
- Working Document Setting Forth a Co-Operation Procedure for the approval of “Binding Corporate Rules” for controllers and processors under the GDPR, WP 263 rev.01
- Recommendation on the Standard Application for Approval of Controller Binding Corporate Rules for the Transfer of Personal Data, WP 264
- Recommendation on the Standard Application form for Approval of Processor Binding Corporate Rules for the Transfer of Personal Data, WP 265
- Working Document setting up a table with the elements and principles to be found in Binding Corporate Rules, WP 256 rev.01
- Working Document setting up a table with the elements and principles to be found in Processor Binding Corporate Rules, WP 257 rev.01
- Adequacy Referential, WP 254 rev.01
- Guidelines on the application and setting of administrative fines for the purposes of the Regulation 2016/679, WP 253
PRIVACY
PRIVACY
PRIVACY