# Instrument Metadata # Output tuned for LLM consumption -- deterministic parse of the # EUR-Lex source, no LLM involved in generation. instrument_id: gdpr celex: "32016R0679" eli: "http://data.europa.eu/eli/reg/2016/679/oj" full_title: General Data Protection Regulation short_title: GDPR instrument_type: regulation document_type: regulation normative_weight: binding jurisdiction: EU effective_period: from: "2016-05-24" to: null dates: adopted: "2016-04-27" entered_into_force: "2016-05-24" status: in_force structure_levels: - title - chapter - article total_articles: 99 total_recitals: 173 definitions_article: 4 chunk_strategy: by_chapter chunks: - /gdpr/chunks/recitals.md - /gdpr/chunks/gdpr_t01_general_provisions.md - /gdpr/chunks/gdpr_t02_principles.md - /gdpr/chunks/gdpr_t03_ch01_transparency_and_modalities.md - /gdpr/chunks/gdpr_t03_ch02_information_and_access_to_personal_data.md - /gdpr/chunks/gdpr_t03_ch03_rectification_and_erasure.md - /gdpr/chunks/gdpr_t03_ch04_right_to_object_and_automated_individual.md - /gdpr/chunks/gdpr_t03_ch05_restrictions.md - /gdpr/chunks/gdpr_t04_ch01_general_obligations.md - /gdpr/chunks/gdpr_t04_ch02_security_of_personal_data.md - /gdpr/chunks/gdpr_t04_ch03_data_protection_impact_assessment_and_pr.md - /gdpr/chunks/gdpr_t04_ch04_data_protection_officer.md - /gdpr/chunks/gdpr_t04_ch05_codes_of_conduct_and_certification.md - /gdpr/chunks/gdpr_t05_transfers_of_personal_data_to_third_coun.md - /gdpr/chunks/gdpr_t06_ch01_independent_status.md - /gdpr/chunks/gdpr_t06_ch02_competence_tasks_and_powers.md - /gdpr/chunks/gdpr_t07_ch01_cooperation.md - /gdpr/chunks/gdpr_t07_ch02_consistency.md - /gdpr/chunks/gdpr_t07_ch03_european_data_protection_board.md - /gdpr/chunks/gdpr_t08_remedies_liability_and_penalties.md - /gdpr/chunks/gdpr_t09_provisions_relating_to_specific_processi.md - /gdpr/chunks/gdpr_t10_delegated_acts_and_implementing_acts.md - /gdpr/chunks/gdpr_t11_final_provisions.md generated_at: "2026-05-01T17:48:41.517Z" articles: - article_number: 1 article_title: Subject-matter and objectives chunk_file: /gdpr/chunks/gdpr_t01_general_provisions.md path: "Title 1 > Article 1" applies_to_entities: [] topics: - data_protection keywords: - data - personal data - processing contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 2 article_title: Material scope chunk_file: /gdpr/chunks/gdpr_t01_general_provisions.md path: "Title 1 > Article 2" applies_to_entities: - member_states - competent_authorities topics: - data_protection - liability keywords: - liability - POS - security - data - system - personal data - processing - filing system contains: obligations: true prohibitions: false permissions: false definitions: true penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 98 - target: Article 12 - target: Article 13 - target: Article 14 - target: Article 15 external_references: [] recitals: - 13 - article_number: 3 article_title: Territorial scope chunk_file: /gdpr/chunks/gdpr_t01_general_provisions.md path: "Title 1 > Article 3" applies_to_entities: [] topics: - data_protection keywords: - data - personal data - processing - controller - processor contains: obligations: false prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 4 article_title: Definitions chunk_file: /gdpr/chunks/gdpr_t01_general_provisions.md path: "Title 1 > Article 4" applies_to_entities: - member_states - competent_authorities topics: - data_protection - authorisation - enforcement keywords: - liability - transfer - SEPA - POS - biometric - security - data - access - consent - third party - cross-border - system - ITS - personal data - processing - restriction of processing - profiling - pseudonymisation - filing system - controller contains: obligations: true prohibitions: true permissions: true definitions: true penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 27 - target: Article 51 - target: Article 1 paragraph: "1" external_references: [] recitals: [] - article_number: 5 article_title: Principles relating to processing of personal data chunk_file: /gdpr/chunks/gdpr_t02_principles.md path: "Title 2 > Article 5" applies_to_entities: [] topics: - data_protection - authorisation - liability keywords: - POS - security - data - ITS - personal data - processing - controller contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 89 paragraph: "1" external_references: [] recitals: - 170 - article_number: 6 article_title: Lawfulness of processing chunk_file: /gdpr/chunks/gdpr_t02_principles.md path: "Title 2 > Article 6" applies_to_entities: - member_states topics: - data_protection keywords: - POS - data - consent - third party - personal data - processing - pseudonymisation - controller contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 23 paragraph: "1" - target: Article 9 - target: Article 10 external_references: [] recitals: [] - article_number: 7 article_title: Conditions for consent chunk_file: /gdpr/chunks/gdpr_t02_principles.md path: "Title 2 > Article 7" applies_to_entities: [] topics: - data_protection - enforcement keywords: - data - access - consent - ITS - personal data - processing - controller contains: obligations: true prohibitions: true permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 8 article_title: "Conditions applicable to child's consent in relation to information society services" chunk_file: /gdpr/chunks/gdpr_t02_principles.md path: "Title 2 > Article 8" applies_to_entities: - member_states topics: - data_protection - authorisation keywords: - POS - data - consent - RTS - personal data - processing - controller - information society service contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 6 paragraph: "1" external_references: [] recitals: - 1 - article_number: 9 article_title: Processing of special categories of personal data chunk_file: /gdpr/chunks/gdpr_t02_principles.md path: "Title 2 > Article 9" applies_to_entities: - member_states topics: - data_protection - authorisation keywords: - POS - ATM - biometric - security - data - consent - cross-border - system - RTS - ITS - personal data - processing - controller - genetic data - biometric data - data concerning health contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 89 paragraph: "1" external_references: [] recitals: [] - article_number: 10 article_title: Processing of personal data relating to criminal convictions and offences chunk_file: /gdpr/chunks/gdpr_t02_principles.md path: "Title 2 > Article 10" applies_to_entities: [] topics: - data_protection - authorisation - security keywords: - security - data - personal data - processing contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 6 paragraph: "1" external_references: [] recitals: [] - article_number: 11 article_title: Processing which does not require identification chunk_file: /gdpr/chunks/gdpr_t02_principles.md path: "Title 2 > Article 11" applies_to_entities: [] topics: - data_protection keywords: - POS - data - personal data - processing - controller contains: obligations: true prohibitions: true permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 15 - target: Article 16 - target: Article 17 - target: Article 18 - target: Article 19 - target: Article 20 external_references: [] recitals: - 153 - article_number: 12 article_title: "Transparent information, communication and modalities for the exercise of the rights of the data subject" chunk_file: /gdpr/chunks/gdpr_t03_ch01_transparency_and_modalities.md path: "Title 3 > Chapter 1 > Article 12" applies_to_entities: - competent_authorities topics: - data_protection - transparency - information_requirements keywords: - POS - data - access - processing - controller - supervisory authority contains: obligations: true prohibitions: true permissions: true definitions: true penalties: false delegated_powers: true implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 13 - target: Article 14 - target: Article 15 - target: Article 16 - target: Article 17 - target: Article 18 - target: Article 19 - target: Article 20 - target: Article 21 - target: Article 22 - target: Article 11 paragraph: "2" - target: Article 11 - target: Article 92 external_references: [] recitals: [] - article_number: 13 article_title: Information to be provided where personal data are collected from the data subject chunk_file: /gdpr/chunks/gdpr_t03_ch02_information_and_access_to_personal_data.md path: "Title 3 > Chapter 2 > Article 13" applies_to_entities: - competent_authorities - european_commission topics: - data_protection - data_access - payment_systems - information_requirements keywords: - transfer - POS - data - access - consent - third party - ITS - personal data - processing - restriction of processing - profiling - controller - recipient - representative - supervisory authority - international organisation contains: obligations: true prohibitions: true permissions: false definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 6 paragraph: "1" - target: Article 46 - target: Article 49 paragraph: "1" - target: Article 9 paragraph: "2" - target: Article 22 paragraph: "1" - target: Article 22 paragraph: "4" external_references: [] recitals: [] - article_number: 14 article_title: Information to be provided where personal data have not been obtained from the data subject chunk_file: /gdpr/chunks/gdpr_t03_ch02_information_and_access_to_personal_data.md path: "Title 3 > Chapter 2 > Article 14" applies_to_entities: - competent_authorities - european_commission topics: - data_protection - data_access - payment_systems - information_requirements keywords: - transfer - POS - data - access - consent - third party - ITS - personal data - processing - restriction of processing - profiling - controller - recipient - representative - supervisory authority - international organisation contains: obligations: true prohibitions: true permissions: false definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 46 - target: Article 49 paragraph: "1" - target: Article 6 paragraph: "1" - target: Article 9 paragraph: "2" - target: Article 22 paragraph: "1" - target: Article 22 paragraph: "4" - target: Article 89 paragraph: "1" external_references: [] recitals: [] - article_number: 15 article_title: Right of access by the data subject chunk_file: /gdpr/chunks/gdpr_t03_ch02_information_and_access_to_personal_data.md path: "Title 3 > Chapter 2 > Article 15" applies_to_entities: - competent_authorities topics: - data_protection - data_access - payment_systems keywords: - transfer - POS - data - access - personal data - processing - restriction of processing - profiling - controller - recipient - supervisory authority - international organisation contains: obligations: true prohibitions: true permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 22 paragraph: "1" - target: Article 22 paragraph: "4" - target: Article 46 external_references: [] recitals: [] - article_number: 16 article_title: Right to rectification chunk_file: /gdpr/chunks/gdpr_t03_ch03_rectification_and_erasure.md path: "Title 3 > Chapter 3 > Article 16" applies_to_entities: [] topics: - data_protection keywords: - POS - data - personal data - processing - controller contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: - 1 - 12 - article_number: 17 article_title: Right to erasure (‘right to be forgotten’) chunk_file: /gdpr/chunks/gdpr_t03_ch03_rectification_and_erasure.md path: "Title 3 > Chapter 3 > Article 17" applies_to_entities: [] topics: - data_protection keywords: - POS - data - consent - personal data - processing - controller - information society service contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 6 paragraph: "1" - target: Article 9 paragraph: "2" - target: Article 21 paragraph: "1" - target: Article 21 paragraph: "2" - target: Article 8 paragraph: "1" - target: Article 9 paragraph: "3" - target: Article 89 paragraph: "1" external_references: [] recitals: - 165 - article_number: 18 article_title: Right to restriction of processing chunk_file: /gdpr/chunks/gdpr_t03_ch03_rectification_and_erasure.md path: "Title 3 > Chapter 3 > Article 18" applies_to_entities: [] topics: - data_protection keywords: - POS - data - consent - personal data - processing - restriction of processing - controller contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 21 paragraph: "1" external_references: [] recitals: [] - article_number: 19 article_title: Notification obligation regarding rectification or erasure of personal data or restriction of processing chunk_file: /gdpr/chunks/gdpr_t03_ch03_rectification_and_erasure.md path: "Title 3 > Chapter 3 > Article 19" applies_to_entities: [] topics: - data_protection keywords: - POS - data - notification - personal data - processing - restriction of processing - controller - recipient contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 16 - target: Article 17 paragraph: "1" - target: Article 18 external_references: [] recitals: [] - article_number: 20 article_title: Right to data portability chunk_file: /gdpr/chunks/gdpr_t03_ch03_rectification_and_erasure.md path: "Title 3 > Chapter 3 > Article 20" applies_to_entities: [] topics: - data_protection keywords: - data - consent - personal data - processing - controller contains: obligations: true prohibitions: true permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 6 paragraph: "1" - target: Article 9 paragraph: "2" - target: Article 17 external_references: [] recitals: [] - article_number: 21 article_title: Right to object chunk_file: /gdpr/chunks/gdpr_t03_ch04_right_to_object_and_automated_individual.md path: "Title 3 > Chapter 4 > Article 21" applies_to_entities: [] topics: - data_protection keywords: - SEPA - POS - data - personal data - processing - profiling - controller - information society service contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 6 paragraph: "1" - target: Article 89 paragraph: "1" external_references: - instrument_type: directive reference: "2002/58/EC" recitals: [] - article_number: 22 article_title: "Automated individual decision-making, including profiling" chunk_file: /gdpr/chunks/gdpr_t03_ch04_right_to_object_and_automated_individual.md path: "Title 3 > Chapter 4 > Article 22" applies_to_entities: [] topics: - data_protection - authorisation keywords: - data - consent - personal data - processing - profiling - controller contains: obligations: true prohibitions: true permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 9 paragraph: "1" - target: Article 9 paragraph: "2" external_references: [] recitals: [] - article_number: 23 article_title: Restrictions chunk_file: /gdpr/chunks/gdpr_t03_ch05_restrictions.md path: "Title 3 > Chapter 5 > Article 23" applies_to_entities: [] topics: - data_protection keywords: - transfer - POS - security - data - access - ITS - personal data - processing - controller - processor contains: obligations: true prohibitions: false permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 12 - target: Article 13 - target: Article 14 - target: Article 15 - target: Article 16 - target: Article 17 - target: Article 18 - target: Article 19 - target: Article 20 - target: Article 21 - target: Article 22 - target: Article 34 - target: Article 5 external_references: [] recitals: [] - article_number: 24 article_title: Responsibility of the controller chunk_file: /gdpr/chunks/gdpr_t04_ch01_general_obligations.md path: "Title 4 > Chapter 1 > Article 24" applies_to_entities: [] topics: - data_protection keywords: - POS - data - processing - controller contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 40 - target: Article 42 external_references: [] recitals: [] - article_number: 25 article_title: Data protection by design and by default chunk_file: /gdpr/chunks/gdpr_t04_ch01_general_obligations.md path: "Title 4 > Chapter 1 > Article 25" applies_to_entities: [] topics: - data_protection keywords: - POS - data - access - ITS - personal data - processing - pseudonymisation - controller contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 42 external_references: [] recitals: - 106 - article_number: 26 article_title: Joint controllers chunk_file: /gdpr/chunks/gdpr_t04_ch01_general_obligations.md path: "Title 4 > Chapter 1 > Article 26" applies_to_entities: [] topics: - data_protection keywords: - POS - data - processing - controller contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 13 - target: Article 14 external_references: [] recitals: - 106 - article_number: 27 article_title: Representatives of controllers or processors not established in the Union chunk_file: /gdpr/chunks/gdpr_t04_ch01_general_obligations.md path: "Title 4 > Chapter 1 > Article 27" applies_to_entities: - member_states - competent_authorities topics: - data_protection keywords: - SCA - POS - data - personal data - processing - controller - processor - representative contains: obligations: true prohibitions: true permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 3 paragraph: "2" - target: Article 9 paragraph: "1" - target: Article 10 external_references: [] recitals: [] - article_number: 28 article_title: Processor chunk_file: /gdpr/chunks/gdpr_t04_ch01_general_obligations.md path: "Title 4 > Chapter 1 > Article 28" applies_to_entities: - member_states - competent_authorities topics: - data_protection - authorisation - liability - committee_procedure keywords: - authorisation - transfer - POS - data - ITS - personal data - processing - controller - processor - supervisory authority - international organisation contains: obligations: true prohibitions: true permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 32 - target: Article 33 - target: Article 34 - target: Article 35 - target: Article 36 - target: Article 40 - target: Article 42 - target: Article 43 - target: Article 93 paragraph: "2" - target: Article 63 - target: Article 82 - target: Article 83 - target: Article 84 external_references: [] recitals: - 172 - article_number: 29 article_title: Processing under the authority of the controller or processor chunk_file: /gdpr/chunks/gdpr_t04_ch01_general_obligations.md path: "Title 4 > Chapter 1 > Article 29" applies_to_entities: [] topics: - data_protection keywords: - data - access - personal data - processing - controller - processor contains: obligations: true prohibitions: true permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 30 article_title: Records of processing activities chunk_file: /gdpr/chunks/gdpr_t04_ch01_general_obligations.md path: "Title 4 > Chapter 1 > Article 30" applies_to_entities: - competent_authorities topics: - data_protection - security keywords: - transfer - POS - security - data - ITS - personal data - processing - controller - processor - recipient - representative - enterprise - supervisory authority - international organisation contains: obligations: true prohibitions: true permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 49 paragraph: "1" - target: Article 32 paragraph: "1" - target: Article 9 paragraph: "1" - target: Article 10 external_references: [] recitals: [] - article_number: 31 article_title: Cooperation with the supervisory authority chunk_file: /gdpr/chunks/gdpr_t04_ch01_general_obligations.md path: "Title 4 > Chapter 1 > Article 31" applies_to_entities: - competent_authorities topics: - data_protection keywords: - ITS - controller - processor - representative - supervisory authority contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 32 article_title: Security of processing chunk_file: /gdpr/chunks/gdpr_t04_ch02_security_of_personal_data.md path: "Title 4 > Chapter 2 > Article 32" applies_to_entities: - member_states topics: - data_protection - security - authorisation keywords: - POS - security - data - access - system - personal data - processing - pseudonymisation - controller - processor contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 40 - target: Article 42 external_references: [] recitals: [] - article_number: 33 article_title: Notification of a personal data breach to the supervisory authority chunk_file: /gdpr/chunks/gdpr_t04_ch02_security_of_personal_data.md path: "Title 4 > Chapter 2 > Article 33" applies_to_entities: - competent_authorities topics: - data_protection - security keywords: - POS - data - ITS - notification - personal data - controller - processor - personal data breach - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 55 external_references: [] recitals: [] - article_number: 34 article_title: Communication of a personal data breach to the data subject chunk_file: /gdpr/chunks/gdpr_t04_ch02_security_of_personal_data.md path: "Title 4 > Chapter 2 > Article 34" applies_to_entities: - competent_authorities topics: - data_protection - security - authorisation keywords: - data - access - personal data - controller - personal data breach - supervisory authority contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 33 paragraph: "3" external_references: [] recitals: [] - article_number: 35 article_title: Data protection impact assessment chunk_file: /gdpr/chunks/gdpr_t04_ch03_data_protection_impact_assessment_and_pr.md path: "Title 4 > Chapter 3 > Article 35" applies_to_entities: - competent_authorities topics: - data_protection - consumer_protection - security keywords: - SCA - POS - security - data - access - system - personal data - processing - profiling - controller - processor - representative - supervisory authority contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 9 paragraph: "1" - target: Article 10 - target: Article 68 - target: Article 63 - target: Article 40 - target: Article 6 paragraph: "1" external_references: [] recitals: [] - article_number: 36 article_title: Prior consultation chunk_file: /gdpr/chunks/gdpr_t04_ch03_data_protection_impact_assessment_and_pr.md path: "Title 4 > Chapter 3 > Article 36" applies_to_entities: - member_states - competent_authorities topics: - data_protection - consumer_protection - authorisation keywords: - authorisation - POS - data - ITS - processing - controller - processor - group of undertakings - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 35 - target: Article 58 external_references: [] recitals: [] - article_number: 37 article_title: Designation of the data protection officer chunk_file: /gdpr/chunks/gdpr_t04_ch04_data_protection_officer.md path: "Title 4 > Chapter 4 > Article 37" applies_to_entities: - member_states - competent_authorities topics: - data_protection - consumer_protection keywords: - SCA - POS - data - access - system - RTS - personal data - processing - controller - processor - group of undertakings - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 9 - target: Article 10 - target: Article 39 external_references: [] recitals: [] - article_number: 38 article_title: Position of the data protection officer chunk_file: /gdpr/chunks/gdpr_t04_ch04_data_protection_officer.md path: "Title 4 > Chapter 4 > Article 38" applies_to_entities: [] topics: - data_protection - consumer_protection keywords: - POS - data - access - personal data - processing - controller - processor contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 39 external_references: [] recitals: [] - article_number: 39 article_title: Tasks of the data protection officer chunk_file: /gdpr/chunks/gdpr_t04_ch04_data_protection_officer.md path: "Title 4 > Chapter 4 > Article 39" applies_to_entities: - member_states - competent_authorities topics: - data_protection - consumer_protection keywords: - POS - data - ITS - personal data - processing - controller - processor - supervisory authority contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 35 - target: Article 36 external_references: [] recitals: [] - article_number: 40 article_title: Codes of conduct chunk_file: /gdpr/chunks/gdpr_t04_ch05_codes_of_conduct_and_certification.md path: "Title 4 > Chapter 5 > Article 40" applies_to_entities: - member_states - competent_authorities - european_commission topics: - data_protection - committee_procedure - implementing_acts keywords: - transfer - POS - security - data - consent - ITS - notification - personal data - processing - pseudonymisation - controller - processor - personal data breach - enterprise - supervisory authority - international organisation contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: true rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 24 - target: Article 25 - target: Article 32 - target: Article 77 - target: Article 79 - target: Article 3 - target: Article 46 paragraph: "2" - target: Article 41 paragraph: "1" - target: Article 55 - target: Article 63 - target: Article 93 paragraph: "2" external_references: [] recitals: [] - article_number: 41 article_title: Monitoring of approved codes of conduct chunk_file: /gdpr/chunks/gdpr_t04_ch05_codes_of_conduct_and_certification.md path: "Title 4 > Chapter 5 > Article 41" applies_to_entities: - competent_authorities topics: - data_protection - enforcement keywords: - POS - data - ITS - processing - controller - processor - supervisory authority contains: obligations: true prohibitions: true permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 57 - target: Article 58 - target: Article 40 - target: Article 63 external_references: [] recitals: [] - article_number: 42 article_title: Certification chunk_file: /gdpr/chunks/gdpr_t04_ch05_codes_of_conduct_and_certification.md path: "Title 4 > Chapter 5 > Article 42" applies_to_entities: - member_states - competent_authorities - european_commission topics: - data_protection keywords: - transfer - POS - data - access - ITS - personal data - processing - controller - processor - enterprise - supervisory authority - international organisation contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 3 - target: Article 46 paragraph: "2" - target: Article 55 - target: Article 43 - target: Article 58 paragraph: "3" - target: Article 63 external_references: [] recitals: [] - article_number: 43 article_title: Certification bodies chunk_file: /gdpr/chunks/gdpr_t04_ch05_codes_of_conduct_and_certification.md path: "Title 4 > Chapter 5 > Article 43" applies_to_entities: - member_states - competent_authorities topics: - data_protection - enforcement - committee_procedure - implementing_acts keywords: - POS - data - access - ITS - controller - processor - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: true implementing_powers: true rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 57 - target: Article 58 - target: Article 58 paragraph: "2" - target: Article 55 - target: Article 42 paragraph: "5" - target: Article 63 - target: Article 92 - target: Article 42 paragraph: "1" - target: Article 93 paragraph: "2" external_references: [] recitals: [] - article_number: 44 article_title: General principle for transfers chunk_file: /gdpr/chunks/gdpr_t05_transfers_of_personal_data_to_third_coun.md path: "Title 5 > Article 44" applies_to_entities: [] topics: - data_protection keywords: - transfer - data - personal data - processing - controller - processor - international organisation contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 45 article_title: Transfers on the basis of an adequacy decision chunk_file: /gdpr/chunks/gdpr_t05_transfers_of_personal_data_to_third_coun.md path: "Title 5 > Article 45" applies_to_entities: - competent_authorities - european_commission topics: - data_protection - authorisation - security - committee_procedure - implementing_acts keywords: - authorisation - transfer - security - data - access - system - ITS - personal data - supervisory authority - international organisation contains: obligations: true prohibitions: true permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: true rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 93 paragraph: "2" - target: Article 93 paragraph: "3" - target: Article 46 - target: Article 47 - target: Article 48 - target: Article 49 external_references: - instrument_type: directive reference: "95/46/EC" recitals: [] - article_number: 46 article_title: Transfers subject to appropriate safeguards chunk_file: /gdpr/chunks/gdpr_t05_transfers_of_personal_data_to_third_coun.md path: "Title 5 > Article 46" applies_to_entities: - member_states - competent_authorities - european_commission topics: - data_protection - authorisation - committee_procedure keywords: - authorisation - transfer - data - personal data - controller - processor - recipient - binding corporate rules - supervisory authority - international organisation contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 45 paragraph: "3" - target: Article 47 - target: Article 93 paragraph: "2" - target: Article 40 - target: Article 42 - target: Article 63 external_references: - instrument_type: directive reference: "95/46/EC" - instrument_type: directive reference: "95/46/EC" recitals: [] - article_number: 47 article_title: Binding corporate rules chunk_file: /gdpr/chunks/gdpr_t05_transfers_of_personal_data_to_third_coun.md path: "Title 5 > Article 47" applies_to_entities: - member_states - competent_authorities topics: - data_protection - liability - committee_procedure - implementing_acts keywords: - liability - transfer - POS - security - data - access - RTS - ITS - reporting - personal data - processing - profiling - controller - processor - enterprise - group of undertakings - binding corporate rules - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: true rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 63 - target: Article 22 - target: Article 79 - target: Article 13 - target: Article 14 - target: Article 37 - target: Article 93 paragraph: "2" external_references: [] recitals: - 141 - article_number: 48 article_title: Transfers or disclosures not authorised by Union law chunk_file: /gdpr/chunks/gdpr_t05_transfers_of_personal_data_to_third_coun.md path: "Title 5 > Article 48" applies_to_entities: [] topics: - data_protection - authorisation keywords: - transfer - data - personal data - controller - processor contains: obligations: false prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 49 article_title: Derogations for specific situations chunk_file: /gdpr/chunks/gdpr_t05_transfers_of_personal_data_to_third_coun.md path: "Title 5 > Article 49" applies_to_entities: - member_states - competent_authorities - european_commission topics: - data_protection keywords: - transfer - POS - data - consent - ITS - personal data - controller - processor - recipient - binding corporate rules - supervisory authority - international organisation contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 45 paragraph: "3" - target: Article 46 - target: Article 45 - target: Article 13 - target: Article 14 - target: Article 30 external_references: [] recitals: [] - article_number: 50 article_title: International cooperation for the protection of personal data chunk_file: /gdpr/chunks/gdpr_t05_transfers_of_personal_data_to_third_coun.md path: "Title 5 > Article 50" applies_to_entities: - competent_authorities - european_commission topics: - data_protection keywords: - data - notification - personal data - international organisation contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 51 article_title: Supervisory authority chunk_file: /gdpr/chunks/gdpr_t06_ch01_independent_status.md path: "Title 6 > Chapter 1 > Article 51" applies_to_entities: - member_states - competent_authorities - european_commission topics: - data_protection keywords: - POS - data - ITS - personal data - processing - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 63 external_references: [] recitals: [] - article_number: 52 article_title: Independence chunk_file: /gdpr/chunks/gdpr_t06_ch01_independent_status.md path: "Title 6 > Chapter 1 > Article 52" applies_to_entities: - member_states - competent_authorities topics: - data_protection keywords: - SEPA - ITS - supervisory authority - supervisory authority concerned contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 53 article_title: General conditions for the members of the supervisory authority chunk_file: /gdpr/chunks/gdpr_t06_ch01_independent_status.md path: "Title 6 > Chapter 1 > Article 53" applies_to_entities: - member_states - competent_authorities topics: - data_protection keywords: - data - ITS - personal data - supervisory authority contains: obligations: true prohibitions: false permissions: false definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 54 article_title: Rules on the establishment of the supervisory authority chunk_file: /gdpr/chunks/gdpr_t06_ch01_independent_status.md path: "Title 6 > Chapter 1 > Article 54" applies_to_entities: - member_states - competent_authorities topics: - data_protection - enforcement keywords: - ITS - reporting - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 55 article_title: Competence chunk_file: /gdpr/chunks/gdpr_t06_ch02_competence_tasks_and_powers.md path: "Title 6 > Chapter 2 > Article 55" applies_to_entities: - member_states - competent_authorities topics: - data_protection keywords: - RTS - ITS - processing - supervisory authority contains: obligations: true prohibitions: true permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 6 paragraph: "1" - target: Article 56 external_references: [] recitals: [] - article_number: 56 article_title: Competence of the lead supervisory authority chunk_file: /gdpr/chunks/gdpr_t06_ch02_competence_tasks_and_powers.md path: "Title 6 > Chapter 2 > Article 56" applies_to_entities: - member_states - competent_authorities topics: - data_protection - enforcement keywords: - POS - data - cross-border - ITS - processing - controller - processor - supervisory authority - cross-border processing contains: obligations: true prohibitions: false permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 55 - target: Article 60 - target: Article 60 paragraph: "3" - target: Article 61 - target: Article 62 external_references: [] recitals: [] - article_number: 57 article_title: Tasks chunk_file: /gdpr/chunks/gdpr_t06_ch02_competence_tasks_and_powers.md path: "Title 6 > Chapter 2 > Article 57" applies_to_entities: - member_states - competent_authorities topics: - data_protection - authorisation - enforcement keywords: - data - ITS - personal data - processing - controller - processor - binding corporate rules - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 80 - target: Article 28 paragraph: "8" - target: Article 46 paragraph: "2" - target: Article 35 paragraph: "4" - target: Article 36 paragraph: "2" - target: Article 40 paragraph: "1" - target: Article 40 paragraph: "5" - target: Article 42 paragraph: "1" - target: Article 42 paragraph: "5" - target: Article 42 paragraph: "7" - target: Article 41 - target: Article 43 - target: Article 46 paragraph: "3" - target: Article 47 - target: Article 58 paragraph: "2" external_references: [] recitals: [] - article_number: 58 article_title: Powers chunk_file: /gdpr/chunks/gdpr_t06_ch02_competence_tasks_and_powers.md path: "Title 6 > Chapter 2 > Article 58" applies_to_entities: - member_states - competent_authorities topics: - data_protection - authorisation - enforcement keywords: - authorisation - POS - data - access - ITS - notification - personal data - processing - restriction of processing - controller - processor - recipient - personal data breach - representative - binding corporate rules - supervisory authority - international organisation contains: obligations: true prohibitions: true permissions: true definitions: true penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 42 paragraph: "7" - target: Article 16 - target: Article 17 - target: Article 18 - target: Article 17 paragraph: "2" - target: Article 19 - target: Article 42 - target: Article 43 - target: Article 83 - target: Article 36 - target: Article 36 paragraph: "5" - target: Article 40 paragraph: "5" - target: Article 42 paragraph: "5" - target: Article 28 paragraph: "8" - target: Article 46 paragraph: "2" - target: Article 46 paragraph: "3" - target: Article 47 external_references: [] recitals: [] - article_number: 59 article_title: Activity reports chunk_file: /gdpr/chunks/gdpr_t06_ch02_competence_tasks_and_powers.md path: "Title 6 > Chapter 2 > Article 59" applies_to_entities: - competent_authorities - european_commission topics: - data_protection - enforcement keywords: - RTS - ITS - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 58 paragraph: "2" external_references: [] recitals: [] - article_number: 60 article_title: Cooperation between the lead supervisory authority and the other supervisory authorities concerned chunk_file: /gdpr/chunks/gdpr_t07_ch01_cooperation.md path: "Title 7 > Chapter 1 > Article 60" applies_to_entities: - member_states - competent_authorities topics: - data_protection keywords: - SEPA - data - RTS - ITS - processing - controller - processor - supervisory authority - supervisory authority concerned - relevant and reasoned objection contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 61 - target: Article 62 - target: Article 63 - target: Article 66 external_references: [] recitals: [] - article_number: 61 article_title: Mutual assistance chunk_file: /gdpr/chunks/gdpr_t07_ch01_cooperation.md path: "Title 7 > Chapter 1 > Article 61" applies_to_entities: - member_states - competent_authorities topics: - data_protection - committee_procedure - implementing_acts keywords: - authorisation - POS - ITS - supervisory authority contains: obligations: true prohibitions: true permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: true rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 55 paragraph: "1" - target: Article 66 paragraph: "1" - target: Article 66 paragraph: "2" - target: Article 93 paragraph: "2" external_references: [] recitals: [] - article_number: 62 article_title: Joint operations of supervisory authorities chunk_file: /gdpr/chunks/gdpr_t07_ch01_cooperation.md path: "Title 7 > Chapter 1 > Article 62" applies_to_entities: - member_states - competent_authorities topics: - data_protection - authorisation - liability - refunds keywords: - liability - authorisation - data - ITS - processing - controller - processor - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 56 paragraph: "1" - target: Article 55 - target: Article 66 paragraph: "1" - target: Article 66 paragraph: "2" external_references: [] recitals: [] - article_number: 63 article_title: Consistency mechanism chunk_file: /gdpr/chunks/gdpr_t07_ch02_consistency.md path: "Title 7 > Chapter 2 > Article 63" applies_to_entities: - competent_authorities - european_commission topics: - data_protection keywords: [] contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 64 article_title: Opinion of the Board chunk_file: /gdpr/chunks/gdpr_t07_ch02_consistency.md path: "Title 7 > Chapter 2 > Article 64" applies_to_entities: - competent_authorities - european_commission topics: - data_protection - authorisation keywords: - data - ITS - processing - binding corporate rules - supervisory authority - supervisory authority concerned contains: obligations: true prohibitions: true permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 35 paragraph: "4" - target: Article 40 paragraph: "7" - target: Article 41 paragraph: "3" - target: Article 43 paragraph: "3" - target: Article 46 paragraph: "2" - target: Article 28 paragraph: "8" - target: Article 46 paragraph: "3" - target: Article 47 - target: Article 61 - target: Article 62 - target: Article 65 paragraph: "1" external_references: [] recitals: [] - article_number: 65 article_title: Dispute resolution by the Board chunk_file: /gdpr/chunks/gdpr_t07_ch02_consistency.md path: "Title 7 > Chapter 2 > Article 65" applies_to_entities: - competent_authorities - european_commission topics: - data_protection - enforcement keywords: - data - ITS - controller - processor - supervisory authority - supervisory authority concerned - relevant and reasoned objection contains: obligations: true prohibitions: true permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 60 paragraph: "4" - target: Article 64 paragraph: "1" - target: Article 64 - target: Article 60 paragraph: "7" - target: Article 60 paragraph: "8" - target: Article 60 paragraph: "9" external_references: [] recitals: [] - article_number: 66 article_title: Urgency procedure chunk_file: /gdpr/chunks/gdpr_t07_ch02_consistency.md path: "Title 7 > Chapter 2 > Article 66" applies_to_entities: - competent_authorities - european_commission topics: - data_protection keywords: - data - ITS - supervisory authority - supervisory authority concerned contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 63 - target: Article 64 - target: Article 65 - target: Article 60 - target: Article 64 paragraph: "3" - target: Article 65 paragraph: "2" external_references: [] recitals: [] - article_number: 67 article_title: Exchange of information chunk_file: /gdpr/chunks/gdpr_t07_ch02_consistency.md path: "Title 7 > Chapter 2 > Article 67" applies_to_entities: - competent_authorities topics: - data_protection - committee_procedure - implementing_acts keywords: [] contains: obligations: true prohibitions: false permissions: true definitions: true penalties: false delegated_powers: false implementing_powers: true rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 64 - target: Article 93 paragraph: "2" external_references: [] recitals: [] - article_number: 68 article_title: European Data Protection Board chunk_file: /gdpr/chunks/gdpr_t07_ch03_european_data_protection_board.md path: "Title 7 > Chapter 3 > Article 68" applies_to_entities: - member_states - competent_authorities - european_commission topics: - data_protection - consumer_protection keywords: - POS - data - ITS - representative - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 65 external_references: [] recitals: [] - article_number: 69 article_title: Independence chunk_file: /gdpr/chunks/gdpr_t07_ch03_european_data_protection_board.md path: "Title 7 > Chapter 3 > Article 69" applies_to_entities: - european_commission topics: - data_protection - consumer_protection keywords: - ITS contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 70 - target: Article 71 - target: Article 70 paragraph: "1" - target: Article 70 paragraph: "2" external_references: [] recitals: [] - article_number: 70 article_title: Tasks of the Board chunk_file: /gdpr/chunks/gdpr_t07_ch03_european_data_protection_board.md path: "Title 7 > Chapter 3 > Article 70" applies_to_entities: - competent_authorities - european_commission topics: - data_protection - consumer_protection - enforcement keywords: - transfer - POS - data - access - RTS - ITS - guidelines - reporting - personal data - profiling - controller - processor - personal data breach - binding corporate rules - international organisation contains: obligations: true prohibitions: false permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 64 - target: Article 65 - target: Article 17 paragraph: "2" - target: Article 22 paragraph: "2" - target: Article 33 paragraph: "1" - target: Article 33 paragraph: "2" - target: Article 34 paragraph: "1" - target: Article 47 - target: Article 49 paragraph: "1" - target: Article 58 paragraph: "1" - target: Article 58 paragraph: "2" - target: Article 58 paragraph: "3" - target: Article 83 - target: Article 54 paragraph: "2" - target: Article 40 - target: Article 42 - target: Article 43 - target: Article 43 paragraph: "6" - target: Article 42 paragraph: "7" - target: Article 43 paragraph: "3" - target: Article 43 paragraph: "8" - target: Article 12 paragraph: "7" - target: Article 64 paragraph: "1" - target: Article 64 paragraph: "2" - target: Article 66 - target: Article 40 paragraph: "9" - target: Article 93 - target: Article 76 external_references: [] recitals: [] - article_number: 71 article_title: Reports chunk_file: /gdpr/chunks/gdpr_t07_ch03_european_data_protection_board.md path: "Title 7 > Chapter 3 > Article 71" applies_to_entities: - european_commission topics: - data_protection - consumer_protection keywords: - RTS - guidelines - processing - international organisation contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 70 paragraph: "1" - target: Article 65 external_references: [] recitals: [] - article_number: 72 article_title: Procedure chunk_file: /gdpr/chunks/gdpr_t07_ch03_european_data_protection_board.md path: "Title 7 > Chapter 3 > Article 72" applies_to_entities: [] topics: - data_protection - consumer_protection keywords: - ITS contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 73 article_title: Chair chunk_file: /gdpr/chunks/gdpr_t07_ch03_european_data_protection_board.md path: "Title 7 > Chapter 3 > Article 73" applies_to_entities: [] topics: - data_protection - consumer_protection keywords: - ITS contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 74 article_title: Tasks of the Chair chunk_file: /gdpr/chunks/gdpr_t07_ch03_european_data_protection_board.md path: "Title 7 > Chapter 3 > Article 74" applies_to_entities: - competent_authorities topics: - data_protection - consumer_protection keywords: - ITS - supervisory authority contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 65 - target: Article 63 external_references: [] recitals: [] - article_number: 75 article_title: Secretariat chunk_file: /gdpr/chunks/gdpr_t07_ch03_european_data_protection_board.md path: "Title 7 > Chapter 3 > Article 75" applies_to_entities: - competent_authorities - european_commission topics: - data_protection - consumer_protection keywords: - SEPA - data - settlement - ITS - reporting contains: obligations: true prohibitions: false permissions: false definitions: true penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 76 article_title: Confidentiality chunk_file: /gdpr/chunks/gdpr_t07_ch03_european_data_protection_board.md path: "Title 7 > Chapter 3 > Article 76" applies_to_entities: [] topics: - data_protection - consumer_protection keywords: - access - RTS - ITS - representative contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 77 article_title: Right to lodge a complaint with a supervisory authority chunk_file: /gdpr/chunks/gdpr_t08_remedies_liability_and_penalties.md path: "Title 8 > Article 77" applies_to_entities: - member_states - competent_authorities topics: - data_protection - liability - enforcement - sanctions keywords: - POS - data - personal data - processing - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 78 external_references: [] recitals: [] - article_number: 78 article_title: Right to an effective judicial remedy against a supervisory authority chunk_file: /gdpr/chunks/gdpr_t08_remedies_liability_and_penalties.md path: "Title 8 > Article 78" applies_to_entities: - competent_authorities topics: - data_protection - liability - enforcement - sanctions keywords: - data - RTS - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 55 - target: Article 56 - target: Article 77 external_references: [] recitals: [] - article_number: 79 article_title: Right to an effective judicial remedy against a controller or processor chunk_file: /gdpr/chunks/gdpr_t08_remedies_liability_and_penalties.md path: "Title 8 > Article 79" applies_to_entities: - competent_authorities topics: - data_protection - liability - enforcement - sanctions keywords: - data - RTS - ITS - personal data - processing - controller - processor - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 77 external_references: [] recitals: [] - article_number: 80 article_title: Representation of data subjects chunk_file: /gdpr/chunks/gdpr_t08_remedies_liability_and_penalties.md path: "Title 8 > Article 80" applies_to_entities: - member_states - competent_authorities topics: - data_protection - liability - enforcement - sanctions keywords: - data - personal data - processing - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 77 - target: Article 78 - target: Article 79 - target: Article 82 external_references: [] recitals: [] - article_number: 81 article_title: Suspension of proceedings chunk_file: /gdpr/chunks/gdpr_t08_remedies_liability_and_penalties.md path: "Title 8 > Article 81" applies_to_entities: - member_states topics: - data_protection - liability - enforcement - sanctions - consolidation keywords: - ITS - processing - controller - processor contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 82 article_title: Right to compensation and liability chunk_file: /gdpr/chunks/gdpr_t08_remedies_liability_and_penalties.md path: "Title 8 > Article 82" applies_to_entities: - member_states topics: - data_protection - liability - enforcement - sanctions keywords: - liability - data - RTS - processing - controller - processor contains: obligations: true prohibitions: false permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 79 paragraph: "2" external_references: [] recitals: [] - article_number: 83 article_title: General conditions for imposing administrative fines chunk_file: /gdpr/chunks/gdpr_t08_remedies_liability_and_penalties.md path: "Title 8 > Article 83" applies_to_entities: - member_states - competent_authorities - european_commission topics: - data_protection - liability - enforcement - sanctions keywords: - transfer - POS - data - access - consent - system - RTS - ITS - personal data - processing - controller - processor - recipient - supervisory authority - international organisation contains: obligations: true prohibitions: true permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 58 paragraph: "2" - target: Article 25 - target: Article 32 - target: Article 40 - target: Article 42 - target: Article 8 - target: Article 11 - target: Article 26 - target: Article 27 - target: Article 28 - target: Article 29 - target: Article 30 - target: Article 31 - target: Article 33 - target: Article 34 - target: Article 35 - target: Article 36 - target: Article 37 - target: Article 38 - target: Article 39 - target: Article 43 - target: Article 41 paragraph: "4" - target: Article 5 - target: Article 6 - target: Article 7 - target: Article 9 - target: Article 12 - target: Article 13 - target: Article 14 - target: Article 15 - target: Article 16 - target: Article 17 - target: Article 18 - target: Article 19 - target: Article 20 - target: Article 21 - target: Article 22 - target: Article 44 - target: Article 45 - target: Article 46 - target: Article 47 - target: Article 48 - target: Article 49 - target: Article 58 paragraph: "1" external_references: [] recitals: [] - article_number: 84 article_title: Penalties chunk_file: /gdpr/chunks/gdpr_t08_remedies_liability_and_penalties.md path: "Title 8 > Article 84" applies_to_entities: - member_states - european_commission topics: - data_protection - liability - enforcement - sanctions keywords: - ITS contains: obligations: true prohibitions: false permissions: true definitions: false penalties: true delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 83 external_references: [] recitals: [] - article_number: 85 article_title: Processing and freedom of expression and information chunk_file: /gdpr/chunks/gdpr_t09_provisions_relating_to_specific_processi.md path: "Title 9 > Article 85" applies_to_entities: - member_states - competent_authorities - european_commission topics: - data_protection keywords: - transfer - POS - data - ITS - personal data - processing - controller - processor - international organisation contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 86 article_title: Processing and public access to official documents chunk_file: /gdpr/chunks/gdpr_t09_provisions_relating_to_specific_processi.md path: "Title 9 > Article 86" applies_to_entities: - member_states topics: - data_protection keywords: - data - access - personal data - processing contains: obligations: false prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 87 article_title: Processing of the national identification number chunk_file: /gdpr/chunks/gdpr_t09_provisions_relating_to_specific_processi.md path: "Title 9 > Article 87" applies_to_entities: - member_states topics: - data_protection keywords: - data - processing contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 88 article_title: Processing in the context of employment chunk_file: /gdpr/chunks/gdpr_t09_provisions_relating_to_specific_processi.md path: "Title 9 > Article 88" applies_to_entities: - member_states - european_commission topics: - data_protection keywords: - transfer - POS - data - system - ITS - personal data - processing - enterprise - group of undertakings contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 89 article_title: "Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes" chunk_file: /gdpr/chunks/gdpr_t09_provisions_relating_to_specific_processi.md path: "Title 9 > Article 89" applies_to_entities: - member_states topics: - data_protection keywords: - POS - data - ITS - personal data - processing - pseudonymisation contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 15 - target: Article 16 - target: Article 18 - target: Article 21 - target: Article 19 - target: Article 20 external_references: [] recitals: [] - article_number: 90 article_title: Obligations of secrecy chunk_file: /gdpr/chunks/gdpr_t09_provisions_relating_to_specific_processi.md path: "Title 9 > Article 90" applies_to_entities: - member_states - competent_authorities - european_commission topics: - data_protection keywords: - data - personal data - controller - processor contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 58 paragraph: "1" external_references: [] recitals: [] - article_number: 91 article_title: Existing data protection rules of churches and religious associations chunk_file: /gdpr/chunks/gdpr_t09_provisions_relating_to_specific_processi.md path: "Title 9 > Article 91" applies_to_entities: - member_states - competent_authorities topics: - data_protection keywords: - supervision - data - processing - supervisory authority contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: true internal_references: [] external_references: [] recitals: [] - article_number: 92 article_title: Exercise of the delegation chunk_file: /gdpr/chunks/gdpr_t10_delegated_acts_and_implementing_acts.md path: "Title 10 > Article 92" applies_to_entities: - european_commission topics: - data_protection - delegated_acts keywords: - ITS - notification contains: obligations: true prohibitions: true permissions: true definitions: false penalties: false delegated_powers: true implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 12 paragraph: "8" - target: Article 43 paragraph: "8" external_references: [] recitals: [] - article_number: 93 article_title: Committee procedure chunk_file: /gdpr/chunks/gdpr_t10_delegated_acts_and_implementing_acts.md path: "Title 10 > Article 93" applies_to_entities: [] topics: - data_protection - delegated_acts - committee_procedure keywords: [] contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 5 external_references: [] recitals: [] - article_number: 94 article_title: Repeal of Directive 95/46/EC chunk_file: /gdpr/chunks/gdpr_t11_final_provisions.md path: "Title 11 > Article 94" applies_to_entities: [] topics: - data_protection - final_provisions keywords: - data - personal data - processing contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: - instrument_type: directive reference: "95/46/EC" - instrument_type: directive reference: "95/46/EC" recitals: [] - article_number: 95 article_title: Relationship with Directive 2002/58/EC chunk_file: /gdpr/chunks/gdpr_t11_final_provisions.md path: "Title 11 > Article 95" applies_to_entities: [] topics: - data_protection - final_provisions keywords: - POS - network - processing contains: obligations: true prohibitions: true permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: - instrument_type: directive reference: "2002/58/EC" recitals: [] - article_number: 96 article_title: Relationship with previously concluded Agreements chunk_file: /gdpr/chunks/gdpr_t11_final_provisions.md path: "Title 11 > Article 96" applies_to_entities: - member_states topics: - data_protection - final_provisions keywords: - transfer - data - personal data - international organisation contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 97 article_title: Commission reports chunk_file: /gdpr/chunks/gdpr_t11_final_provisions.md path: "Title 11 > Article 97" applies_to_entities: - competent_authorities - european_commission topics: - data_protection - final_provisions keywords: - transfer - POS - data - RTS - personal data - international organisation contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: - target: Article 45 paragraph: "3" external_references: - instrument_type: directive reference: "95/46/EC" recitals: [] - article_number: 98 article_title: Review of other Union legal acts on data protection chunk_file: /gdpr/chunks/gdpr_t11_final_provisions.md path: "Title 11 > Article 98" applies_to_entities: [] topics: - data_protection - final_provisions keywords: - POS - data - personal data - processing contains: obligations: true prohibitions: false permissions: false definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: false internal_references: [] external_references: [] recitals: [] - article_number: 99 article_title: Entry into force and application chunk_file: /gdpr/chunks/gdpr_t11_final_provisions.md path: "Title 11 > Article 99" applies_to_entities: [] topics: - data_protection - final_provisions keywords: - ITS contains: obligations: true prohibitions: false permissions: true definitions: false penalties: false delegated_powers: false implementing_powers: false rts_mandate: false its_mandate: false transitional: true internal_references: [] external_references: [] recitals: []