GDPR Map
Recitals
Blog
Contact
Chapter 1 (Art. 1 – 4)
General provisions
Art. 1 – Subject-matter and objectives
Art. 2 – Material Scope
Art. 3 – Territorial scope
Art. 4 – Definitions
Chapter 2 (Art. 5 – 11)
Principles
Art. 5 – Principles relating to processing of personal data
Art. 6 – Lawfulness of processing
Art. 7 – Conditions for consent
Art. 8 – Conditions applicable to child's consent in relation to information society services
Art. 9 – Processing of special categories of personal data
Art. 10 – Processing of personal data relating to criminal convictions and offences
Art. 11 – Processing which does not require identification
Chapter 3 (Art. 12 – 23)
Rights of the data subject
Art. 12 – Transparent information, communication and modalities for the exercise of the rights of the data subject
Art. 13 – Information to be provided where personal data are collected from the data subject
Art. 14 – Information to be provided where personal data have not been obtained from the data subject
Art. 15 – Right of access by the data subject
Art. 16 – Right to rectification
Art. 17 – Right to erasure (‘right to be forgotten’)
Art. 18 – Right to restriction of processing
Art. 19 – Notification obligation regarding rectification or erasure of personal data or restriction of processing
Art. 20 – Right to data portability
Art. 21 – Right to object
Art. 22 – Automated individual decision-making, including profiling
Art. 23 – Restrictions
Chapter 4 (Art. 24 – 43)
Controller and processor
Art. 24 – Responsibility of the controller
Art. 25 – Data protection by design and by default
Art. 26 – Joint controllers
Art. 27 – Representatives of controllers or processors not established in the Union
Art. 28 – Processor
Art. 29 – Processing under the authority of the controller or processor
Art. 30 – Records of processing activities
Art. 31 – Cooperation with the supervisory authority
Art. 32 – Security of processing
Art. 33 – Notification of a personal data breach to the supervisory authority
Art. 34 – Communication of a personal data breach to the data subject
Art. 35 – Data protection impact assessment
Art. 36 – Prior consultation
Art. 37 – Designation of the data protection officer
Art. 38 – Position of the data protection officer
Art. 39 – Tasks of the data protection officer
Art. 40 – Codes of conduct
Art. 41 – Monitoring of approved codes of conduct
Art. 42 – Certification
Art. 43 – Certification bodies
Chapter 5 (Art. 44 – 50)
Transfers of personal data to third countries or international organisations
Art. 44 – General principle for transfers
Art. 45 – Transfers on the basis of an adequacy decision
Art. 46 – Transfers subject to appropriate safeguards
Art. 47 – Binding corporate rules
Art. 48 – Transfers or disclosures not authorised by Union law
Art. 49 – Derogations for specific situations
Art. 50 – International cooperation for the protection of personal data
Chapter 6 (Art. 51 – 59)
Independent supervisory authorities
Art. 51 – Supervisory authority
Art. 52 – Independence
Art. 53 – General conditions for the members of the supervisory authority
Art. 54 – Rules on the establishment of the supervisory authority
Art. 55 – Competence
Art. 56 – Competence of the lead supervisory authority
Art. 57 – Tasks
Art. 58 – Powers
Art. 59 – Activity reports
Chapter 7 (Art. 60 – 76)
Cooperation and consistency
Art. 60 – Cooperation between the lead supervisory authority and the other supervisory authorities concerned
Art. 61 – Mutual assistance
Art. 62 – Joint operations of supervisory authorities
Art. 63 – Consistency mechanism
Art. 64 – Opinion of the Board
Art. 65 – Dispute resolution by the Board
Art. 66 – Urgency procedure
Art. 67 – Exchange of information
Art. 68 – European Data Protection Board
Art. 69 – Independence
Art. 70 – Tasks of the Board
Art. 71 – Reports
Art. 72 – Procedure
Art. 73 – Chair
Art. 74 – Tasks of the Chair
Art. 75 – Secretariat
Art. 76 – Confidentiality
Chapter 8 (Art. 77 – 84)
Remedies, liability and penalties
Art. 77 – Right to lodge a complaint with a supervisory authority
Art. 78 – Right to an effective judicial remedy against a supervisory authority
Art. 79 – Right to an effective judicial remedy against a controller or processor
Art. 80 – Representation of data subjects
Art. 81 – Suspension of proceedings
Art. 82 – Right to compensation and liability
Art. 83 – General conditions for imposing administrative fines
Art. 84 – Penalties
Chapter 9 (Art. 85 – 91)
Provisions relating to specific processing situations
Art. 85 – Processing and freedom of expression and information
Art. 86 – Processing and public access to official documents
Art. 87 – Processing of the national identification number
Art. 88 – Processing in the context of employment
Art. 89 – Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes
Art. 90 – Obligations of secrecy
Art. 91 – Existing data protection rules of churches and religious associations
Chapter 10 (Art. 92 – 93)
Delegated acts and implementing acts
Art. 92 – Exercise of the delegation
Art. 93 – Committee procedure
Chapter 11 (Art. 94 – 99)
Final provisions
Art. 94 – Repeal of Directive 95/46/EC
Art. 95 – Relationship with Directive 2002/58/EC
Art. 96 – Relationship with previously concluded Agreements
Art. 97 – Commission reports
Art. 98 – Review of other Union legal acts on data protection
Art. 99 – Entry into force and application
Recital 172 - Consultation of the European Data Protection Supervisor
The European Data Protection Supervisor was consulted in accordance with Article 28(2) of Regulation (EC) No 45/2001 and delivered an opinion on 7 March 2012.
← Recital 171
Recital 173 →