Resources

GDPR and You (PDF)

GDPR Infographic (PDF)

Full text of the General Data Protection Regulation

Rights of Individuals under the General Data Protection Regulation

Data Protection Act 2018

Data Protection Impact Assessments (DPIA)

Cross-border processing and the one stop shop

Preparing Your Organisation for the GDPR – A Guide for SMEs

Personal Data Security Guidance for Microenterprises under the GDPR

Download your GDPR checklist

Data Protection Officer

Five Steps to Secure Cloud-Based Environments

Guidance for Data Protection Contracts

Limiting Data Subject Rights and the Application of Article 23 of the General Data Protection Regulation

EU Commission Guidance on the GDPR

Protecting Europeans’ personal data in elections factsheet

Commission guidance on the application of Union data protection law in the electoral context

2018 Reform of EU data Protection Rules (overview)

Rules for businesses and organisations

Rights for citizens

Guidance on direct application of the GDPR

Better Data Protection rights for European citizens

It’s Your Data – Take Control

Better rules for European businesses

Successful application of the Data Protection Reform: a concerted effort

Next steps

General Data Protection Regulation: ensuring its enforcement

The GDPR: new opportunities, new obligations

What your company must do

Article 29 Working Party

The A29 Working Party is made up of representatives of European Union Data Protection Authorities.

Article 29 Working Party Guidance on Data Portability

Article 29 Working Party Guidance on Data Protection Officers

Article 29 Working Party Guidance on identifying the Lead Supervisory Authority

Article 29 Work Programme (PDF)

Article 29 Working Party Guidance on Data Protection Impact Assessments (DPIA)

Article 29 Working Party Guidance on Personal Data Breach Notification

Article 29 Working Party Guidance on the Application and Setting of Administrative Fines

Article 29 Working Party Guidance on Automated individual decision-making and Profiling

Article 29 Working Party Guidance on Adequacy Referential

Article 29 Working Party Guidance on Binding Corporate Rules for Controllers

Article 29 Working Party Guidance on Binding Corporate Rules for Processors

Article 29 Working Party Guidance on Consent

Article 29 Working Party Guidance on Transparency

Article 29 Working Party DRAFT Guidance on Article 49 of the regulation (currently open for consultation)

Article 29 Working Party DRAFT Guidance on the accreditation of certification bodies (currently open for consultation)

Article 29 Working Party Position Paper on Article 30(5)

Article 29 Working Party Statement on Encryption

Article 29 Working Party Recommendation on the Approval of Controller Binding Corporate Rules form

Article 29 Working Party Recommendation on the Approval of Processor Binding Corporate Rules form

European Union Data Protection Authorities

Ireland www.dataprotection.ie

European Data Protection Supervisor (regulates EU institutions) www.edps.europa.eu/EDPSweb

Austria www.dsb.gv.at

Belgium www.privacycommission.be

Bulgaria www.cpdp.bg

Croatia www.azop.hr

Cyprus www.dataprotection.gov.cy

Czech Republic www.uoou.cz

Denmark www.datatilsynet.dk

Estonia www.aki.ee

Finland www.tietosuoja.fi

France www.cnil.fr

Germany www.bfdi.bund.de

List of regional data protection authorities in Germany

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Greece www.dpa.gr

Hungary www.naih.hu

Italy www.garanteprivacy.it

Latvia www.dvi.gov.lv

Lithuania www.ada.lt

Luxembourg www.cnpd.lu

Malta www.dataprotection.gov.mt

Netherlands www.autoriteitpersoonsgegevens.nl/nl

Poland www.giodo.gov.pl

Portugal www.cnpd.pt

Romania www.dataprotection.ro

Slovakia www.dataprotection.gov.sk

Slovenia www.ip-rs.si

Spain www.agpd.es

Sweden www.datainspektionen.se

United Kingdom www.ico.org.uk