Privacy GDPR recitals

Privacy GDPR Recital 1
Protection of natural persons
Privacy GDPR Recital 2
Respect fundamental rights and freedoms
Privacy GDPR Recital 3
Harmonise the protection of fundamental rights and freedoms
Privacy GDPR Recital 4
Personal data should be designed to serve mankind
Privacy GDPR Recital 5
Economic and social integration
Privacy GDPR Recital 6
Rapid technological developments and globalisation
Privacy GDPR Recital 7
Strong and more coherent data protection framework
Privacy GDPR Recital 8
Comprehensible national provisions
Privacy GDPR Recital 9
Differences in the level of protection of the rights and freedoms
Privacy GDPR Recital 10
Ensure a consistent and high level of protection of natural persons
Privacy GDPR Recital 11
Effective protection of personal data
Privacy GDPR Recital 12
Article 16(2) TFEU mandates
Privacy GDPR Recital 13
Consistent level of protection for natural persons
Privacy GDPR Recital 14
Protection afforded by this Regulation
Privacy GDPR Recital 15
Technologically neutral
Privacy GDPR Recital 16
National security
Privacy GDPR Recital 17
Processing of personal data by the Union institutions
Privacy GDPR Recital 18
Course of a purely personal or household activity
Privacy GDPR Recital 19
Purposes and criminal offences
Privacy GDPR Recital 20
Processing of personal data by courts and other judicial authorities
Privacy GDPR Recital 21
Liability rules of intermediary service providers
Privacy GDPR Recital 22
Activities of an establishment of a controller in the Union
Privacy GDPR Recital 23
Natural persons are not deprived of the protection
Privacy GDPR Recital 24
Processing of personal data outside the European Union
Privacy GDPR Recital 25
Public international law
Privacy GDPR Recital 26
Principles of data protection
Privacy GDPR Recital 27
Personal data of deceased persons
Privacy GDPR Recital 28
Pseudonymisation
Privacy GDPR Recital 29
Incentives to apply pseudonymisation
Privacy GDPR Recital 30
Online identifiers
Privacy GDPR Recital 31
Public authorities to which personal data are disclosed
Privacy GDPR Recital 32
Consent should given by a clear affirmative act
Privacy GDPR Recital 33
Scientific research purposes
Privacy GDPR Recital 34
Genetic data
Privacy GDPR Recital 35
Personal data concerning health
Privacy GDPR Recital 36
Main establishment of a controller
Privacy GDPR Recital 37
Group of undertakings
Privacy GDPR Recital 38
Effective protection of personal data
Privacy GDPR Recital 39
Children merit specific protection
Privacy GDPR Recital 40
Processing to be lawful
Privacy GDPR Recital 41
Legislative act
Privacy GDPR Recital 42
Demonstration that the data subject has given consent
Privacy GDPR Recital 43
Consent is freely given
Privacy GDPR Recital 44
Processing should be lawful
Privacy GDPR Recital 45
In accordance with a legal obligation
Privacy GDPR Recital 46
For the life of the data subject
Privacy GDPR Recital 47
Legitimate interests of a controller such as direct marketing
Privacy GDPR Recital 48
Part of a group of undertakings or institutions
Privacy GDPR Recital 49
Strictly necessary and proportionate for the purposes
Privacy GDPR Recital 50
For which the personal data were not initially collected
Privacy GDPR Recital 51
Personal data sensitive to fundamental rights and freedom
Privacy GDPR Recital 52
Prohibition on processing special categories of personal data
Privacy GDPR Recital 53
Special categories of personal data meriting higher protection
Privacy GDPR Recital 54
Special categories of personal for reasons of public interest
Privacy GDPR Recital 55
Processing of personal data by official authorities
Privacy GDPR Recital 56
In the course of electoral activities
Privacy GDPR Recital 57
Not permitted to identify a natural person
Privacy GDPR Recital 58
Principle of transparency
Privacy GDPR Recital 59
Modalities for facilitating the exercise of the data subject’s rights
Privacy GDPR Recital 60
Principles of fair and transparent processing
Privacy GDPR Recital 61
Information at the time of collection
Privacy GDPR Recital 62
Data subject already informed about recording or disclosure
Privacy GDPR Recital 63
Right of access to personal at reasonable intervals
Privacy GDPR Recital 64
Reasonable measures to verify the identity of a data subject
Privacy GDPR Recital 65
Right to rectification and right to be forgotten
Privacy GDPR Recital 66
Right to be forgotten in the online environment
Privacy GDPR Recital 67
Methods by which to restrict the processing of personal data
Privacy GDPR Recital 68
Control while processing of personal data by automated means,
Privacy GDPR Recital 69
Protection in case of processing in the public interest
Privacy GDPR Recital 70
Direct marketing processing of personal data
Privacy GDPR Recital 71
Right not to be subject to evaluation of personal aspects
Privacy GDPR Recital 72
Profiling subject to rules of the GDPR
Privacy GDPR Recital 73
Restriction of data subject rights imposed by the European Union
Privacy GDPR Recital 74
Responsibility and Liability of the controller for personal data
Privacy GDPR Recital 75
Risk to the rights and freedoms of natural persons
Privacy GDPR Recital 76
Likelihood and severity of the risk to rights and freedoms
Privacy GDPR Recital 77
Implementation of appropriate measures and accountability
Privacy GDPR Recital 78
Appropriate technical and organisational measures
Privacy GDPR Recital 79
Responsibility and liability of controllers and processors
Privacy GDPR Recital 80
Controller or a processor outside the European Union
Privacy GDPR Recital 81
GDPR compliance by processors providing guarantees
Privacy GDPR Recital 82
Records of processing activities responsibility of controllers
Privacy GDPR Recital 83
Security and prevention of infringing the GDPR
Privacy GDPR Recital 84
High risk to the rights and freedoms of natural persons
Privacy GDPR Recital 85
Data breach damages for the data subject
Privacy GDPR Recital 86
Personal data breach communication to the data subject
Privacy GDPR Recital 87
Appropriate technological protection and organisational measures
Privacy GDPR Recital 88
Rules for notification of personal data breaches
Privacy GDPR Recital 89
Obligation to notify the supervisory authorities
Privacy GDPR Recital 90
Data protection impact assessment of likelihood and severity
Privacy GDPR Recital 91
Large-scale processing operation
Privacy GDPR Recital 92
Subject of a data protection impact assessment
Privacy GDPR Recital 93
Performance of the tasks of the public authority or public body
Privacy GDPR Recital 94
Security measures to mitigate risks to the rights and freedoms
Privacy GDPR Recital 95
Assistance of the processor for the controller DPIA
Privacy GDPR Recital 96
Consultation of the supervisory authority
Privacy GDPR Recital 97
Person with expert knowledge of data protection (DPO)
Privacy GDPR Recital 98
Associations representing categories of controllers or processors
Privacy GDPR Recital 99
Code of Conduct consultations and expression of views
Privacy GDPR Recital 100
Certification mechanisms and data protection seals and marks
Privacy GDPR Recital 101
Flow of personal data to and from countries outside the EU
Privacy GDPR Recital 102
Agreements involving transfer of personal data to third countries
Privacy GDPR Recital 103
Adequate level of data protection offered by third countries
Privacy GDPR Recital 104
Rule of law in adequacy decisions to assess third countries
Privacy GDPR Recital 105
Accession to the Council of Europe Convention of 28 January 1981
Privacy GDPR Recital 106
Monitoring of adequacy decisions of the European Commission
Privacy GDPR Recital 107
Transfer prohibition if third country adequacy does not work
Privacy GDPR Recital 108
Compensation for the lack of data protection in a third country
Privacy GDPR Recital 109
Standard data-protection clauses adopted by the Commission
Privacy GDPR Recital 110
Approved binding corporate rules by group of undertakings
Privacy GDPR Recital 111
Consent for occasional transfer of data
Privacy GDPR Recital 112
Derogations in the public interest and social security
Privacy GDPR Recital 113
Transfers which can be qualified as not repetitive and limited
Privacy GDPR Recital 114
Enforceable and effective rights concerning data processing
Privacy GDPR Recital 115
Transfers only be allowed where the conditions of GDPR are met
Privacy GDPR Recital 116
Exercise of data protection rights for third country processing
Privacy GDPR Recital 117
Essential component of protection is a supervisory authority
Privacy GDPR Recital 118
Monitoring mechanisms of authorities by judicial review
Privacy GDPR Recital 119
Effective participation in case of multiple supervisory authorities
Privacy GDPR Recital 120
Effective performance of supervisory tasks
Privacy GDPR Recital 121
Conditions for the members of the supervisory authority
Privacy GDPR Recital 122
Task performance by the supervisory authority
Privacy GDPR Recital 123
Monitoring of GDPR provision application
Privacy GDPR Recital 124
Activities of main establishment of a controller or a processor
Privacy GDPR Recital 125
Lead authority should be competent to adopt binding decisions
Privacy GDPR Recital 126
Compliance with decision notified by the lead supervisor
Privacy GDPR Recital 127
Competence of the lead supervisory authority
Privacy GDPR Recital 128
One-stop-shop mechanism not for public authorities
Privacy GDPR Recital 129
Ensuring consistent GDPR monitoring and enforcement
Privacy GDPR Recital 130
Complaint not lodged with the lead supervisory authority
Privacy GDPR Recital 131
Amicable settlement with the controller and supervisor
Privacy GDPR Recital 132
Awareness-raising activities by supervisory authorities
Privacy GDPR Recital 133
Task performance by supervisors and mutual assistance
Privacy GDPR Recital 134
Participation in joint operations with other supervisors
Privacy GDPR Recital 135
Consistency mechanism for cooperation between supervisors
Privacy GDPR Recital 136
Opinion by the European Data Protection Board
Privacy GDPR Recital 137
Urgent need to act to protect rights and freedoms
Privacy GDPR Recital 138
Lawfulness of a measure by a supervisory authority
Privacy GDPR Recital 139
Promotion of consistent application of the GDPR
Privacy GDPR Recital 140
Secretariat assistance for the Board provided by the EDPS
Privacy GDPR Recital 141
Right to lodge a complaint with a single supervisory authority
Privacy GDPR Recital 142
Rights infringement and mandate to a not-for-profit body
Privacy GDPR Recital 143
Right to bring an action for annulment of decisions of the Board
Privacy GDPR Recital 144
Confirmation of the existence of other related proceedings
Privacy GDPR Recital 145
Courts action where the controller has an establishment
Privacy GDPR Recital 146
Compensate for any damage which a person may suffer
Privacy GDPR Recital 147
Compensation legal remedies general jurisdiction
Privacy GDPR Recital 148
Enforcement rules of the GDPR including penalties
Privacy GDPR Recital 149
Rules on criminal penalties for infringements of the GDPR
Privacy GDPR Recital 150
Harmonisation of GDPR administrative penalties
Privacy GDPR Recital 151
Legal systems of Denmark and Estonia and GDPR fines
Privacy GDPR Recital 152
System for effective, proportionate and dissuasive penalties
Privacy GDPR Recital 153
Reconciliation with freedom of expression and information
Privacy GDPR Recital 154
Principle of public access to official documents
Privacy GDPR Recital 155
Processing of employees’ personal data in employment context
Privacy GDPR Recital 156
Purposes of archiving, public interest and scientific research
Privacy GDPR Recital 157
Information to obtain new knowledge of medical conditions
Privacy GDPR Recital 158
Regulation does not apply to deceased persons
Privacy GDPR Recital 159
Personal data for achieving a European Research Area
Privacy GDPR Recital 160
Processing data for historical research purposes
Privacy GDPR Recital 161
Consent for participation in scientific research clinical trials
Privacy GDPR Recital 162
Processing personal data for statistical purposes
Privacy GDPR Recital 163
Processing for official European or national statistics
Privacy GDPR Recital 164
Access to premises for data controller of data processor
Privacy GDPR Recital 165
Consisting constitutional law of churches and religious groups
Privacy GDPR Recital 166
Protection to ensure free movement of personal data
Privacy GDPR Recital 167
Implementing powers should be conferred on the Commission
Privacy GDPR Recital 168
Examination procedure for the adoption of implementing acts
Privacy GDPR Recital 169
Implementing acts for immediate application
Privacy GDPR Recital 170
Assuring an equivalent level of protection of natural persons
Privacy GDPR Recital 171
Conformity of Directive 95/46/EC with the GDPR
Privacy GDPR Recital 172
Consultation with the European Data Protection Supervisor
Privacy GDPR Recital 173
Protection of fundamental rights and other EU legislation

author avatar
Privacy Professor

Professor mr drs Romeo F. Kadir MA MSc LLM LLM (Adv) EMBA EMoC

At present Romeo Kadir serves as the President of the Global Association of Data Protection Professionals Europe (GADPPRO). GADPPRO is a thought leader self-regulatory association of data protection professionals based in the European Union, active around the globe and the first European Association of data protection professionals open for members outside the EU. Please visit www.gadppro.org for more information.

First appointed Data Protection Officer (DPO) ever in the Netherlands (European Union) at a semi-public entity. Seasoned European Privacy and Data Protection Expert (22+ years of practical experience in EU Privacy and Data Protection Law, Business Management, Compliance and Ethics).

Studied European and International Law, Political Sciences and Business Administration. Romeo Kadir is EIPACC EADPP Professor European Privacy & Data Protection Law at Universitas Padjadjaran UNpad (Indonesia) and Honorary Visiting Research Fellow with O.P. Jindal Global University (New Delhi), Senior Associate Fellow with Vidhi Centre for Legal Policy (New Delhi), Lecturer Science Honours Academy and Lecturer at the International Molengraaff Institute, Utrecht University (UU, Netherlands). In 2010 he was founder of the first European Data Protection Academy focusing on privacy-only executive education.

Present Occupations in European Data Protection Law

Member of the International Bar Association (IBA)
Member of the International Board of Experts with EuroPrivacy Certification Scheme (Geneva and Luxembourg)
Member of the International Strategic Board with EuroPrivacy Certification Scheme (Geneva and Luxembourg)
Member of the Swiss-Chinese Law Association (SCLA)

Former Occupations in European Data Protection Law

President European Institute for Privacy, Audit, Compliance & Certification (EIPACC)
Co-Founder/Vice-President European Association for Data Protection Professionals (EADPP)
Chair EADPP Certification Committee Data Protection Professionals,
Chair EADPP Academic Board
Chair EADPP Expert Committee on Cybersecurity
Chair EADPP Expert Committee on Artificial Intelligence (AI)
President Supervisory Board of the Dutch Privacy Complaints Office (NPKI)
Rapporteur to UN Monitoring Commission Human Rights on behalf of the Dutch Privacy Foundation (SPN)

Publications

'Handbook DPO - A Practical Guide', Privacy Publishing Group (2017)
Editor-in-Chief of ‘Data Protection Dictionary’, authored, edited and coordinated ‘Handbook for the Data Protection Officer – A practical Guide’, ‘The Ultimate GDPR Business Guide – Six Volumes’ and other relevant books in the field of privacy and data protection (www.dataprotectionbooks.com)

www.romeokadir.eu

You may also like

Children Safety Encryption www.privacad.com
Apple’s New Step to Protect Child Abuse via Encryption Feature
20 August, 2021
DNA Technology and Privacy www.privacad.com
DNA Technology Regulation Bill and Violation of Privacy for Minority Groups
19 August, 2021
www.privacad.com
India accuses Twitter of not complying with new IT rules
18 August, 2021