|
- Legal framework of EU data protection - European Commission
The General Data Protection Regulation (GDPR) Regulation (EU) 2016 679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data This text includes the corrigendum published in the OJEU of 23 May 2018 The adoption of the GDPR was an essential step to strengthen individuals' fundamental rights in the digital age and facilitate
- Data protection - European Commission
Find out more about the rules for the protection of personal data inside and outside the EU, including the GDPR
- Data protection explained - European Commission
Read about key concepts such as personal data, data processing, who the GDPR applies to, the principles of the GDPR, the rights of individuals, and more
- Data protection adequacy for non-EU countries
On 4 March 2024, the Commission hosted the first ever high-level meeting on safe data flows, gathering responsible Ministers and heads of the data protection authorities of 15 countries and territories for which the EU has adopted an adequacy decision as well as the Chair of the European Data Protection Board Participants discussed ways to leverage this network of like-minded partners to
- Principles of the GDPR - European Commission
Principles of the GDPR For how long can data be kept and is it necessary to update it? Rules on the length of time personal data can be stored and whether it needs to be updated under the EU’s data protection rules
- Standard Contractual Clauses (SCC) - European Commission
Read about EU Standard Contractual Clauses under the GDPR that are used for data transfers from controllers or processors from the EU to third countries
- Publications on the General Data Protection Regulation (GDPR)
Access reports, communications and other publications on the GDPR
- Who the General Data Protection Law applies to
The GDPR applies to: a company or entity which processes personal data as part of the activities of one of its branches established in the EU, regardless of where the data is processed; or a company established outside the EU and is offering goods services (paid or for free) or is monitoring the behaviour of individuals in the EU If your company is a small and medium-sized enterprise ('SME
|
|
|