Chapter GDPR

Question 1

chapter 1

Article 1-4 General Provision

Answer 1

1. subject matters and objectives
2. Material scope
3. Teritorial Scope
4. Definitions

Question 2

chapter 2

Article 5 -11 Principles

Answer 2

5. Principles
6. Lawfulness of processing
7. condition of consent
8. Conditions applicable to child’s consent in relation to information society services
9. Processing of special categories of personal data
10. Processing of personal data relating to criminal convictions and offences (6 1)
11. Processing which does not require identification

Question 3

chapter 3

article 12-23 right of the data subject

Answer 3

12. Transparent information, communication and modalities for the exercise of the rights of the data subject (13/14/15/22/34)
13. Information to be provided where personal data are collected from the data subject
14. Information to be provided where personal data have not been obtained from the data subject
15. Right of access by the data subject
16. Right to rectification
17. Right to erasure (‘right to be forgotten’)
18. Right to restriction of processing
19. Notification obligation regarding rectification or erasure of personal data or restriction of processing
20. Right to data portability
21. Right to object
22. Automated individual decision-making, including profiling
23. Restrictions

Question 4

chapter 4 section 1 (5)

Controller and processor -

article 24-31 general abligation

Answer 4

24. Responsibility of the controller
25. Data protection by design and by default
26. Joint controllers
27. Representatives of controllers or processors not established in the Union
28. Processor
29. Processing under the authority of the controller or processor
30. Records of processing activities
31. Cooperation with the supervisory authority

Question 5

chapter 4 section 2 (5) contoller and processor

Securtiy of personal data
article 32-34

Answer 5

32. Security of processing
33. Notification of a personal data breach to the supervisory authority
34. Communication of a personal data breach to the data subject

Question 6

chapter 4 section 3 (5) contoller and processor

Data protection impact assessment and prior consultation
article 35 - 36

Answer 6

35. Data protection impact assessment para 3 (a-c)
    (Datenschutz-Folgenabschätzung)
    reference to article 9 (processing special categories of personal data) and 10
36. Prior consultation

Question 7

chapter 4 section 4 (5) contoller and processor

Data protection officer
37-39

Answer 7

37. Designation of the data protection officer
38. Position of the data protection officer
39. Tasks of the data protection officer

Question 8

chapter 4 section 5 (5) contoller and processor

Codes of conduct and certification
40-43

Answer 8

40. Codes of conduct
41. Monitoring of approved codes of conduct
42. Certification
43. Certification bodies (article 58)

Question 9

chapter 5
Transfers of personal data to third countries or international organisations
article 44-50

Answer 9

44. General principle for transfers
45. Transfers on the basis of an adequacy decision
46. Transfers subject to appropriate safeguards
47. Binding corporate rules
48. Transfers or disclosures not authorised by Union law
49. Derogations for specific situations
50. International cooperation for the protection of personal data

Question 10

chapter 6 Independent supervisory authorities
article 51-59

section 1 (2)  Independent status
article 51-53

Answer 10

51. Supervisory authority
52. Independence
53. General conditions for the members of the supervisory authority
54. Rules on the establishment of the supervisory authority

Question 11

chapter 6 Independent supervisory authorities
article 55-59

section 2 (2) Competence, tasks and powers

Answer 11

55. Competence
56. Competence of the lead supervisory authority
57. Tasks
58. Powers
59. Activity reports