Rina Steenkamp - Privacy and technology

My annotated General Data Protection Regulation

[Recitals]

Whereas:

[Subject matter and objectives]

[Recitals 1-12: see Article 1] [More information]

[Material scope]

[Recitals 13-18: see Article 2] [More information]

[Territorial scope]

[Recitals 19-22: see Article 3] [More information]

[Definitions]

[Recitals 23-28: see Article 4] [More information]

[Processing of personal data of a child]

[Recital 29: see Article 8] [More information]

[Principles relating to personal data processing]

[Recital 30: see Article 5] [More information]

[Conditions for consent]

[Recitals 31-34: see Article 7] [More information]

[Lawfulness of processing]

[Recitals 35-40: see Article 6] [More information]

[Special categories of data]

[Recitals 41-44: see Article 9] [More information]

[Processing not allowing identification]

[Recital 45: see Article 10] [More information]

[Transparent information and communication]

[Recital 46: see Article 11] [More information]

[Procedures and mechanisms for exercising the rights of the data subject]

[Recital 47: see Article 12] [More information]

[Information to the data subject]

[Recitals 48-50: see Article 14] [More information]

[Right to access and to obtain data for the data subject]

[Recitals 51-52: see Article 15] [More information]

[Right to erasure]

[Recitals 53-54: see Article 17] [More information]

[Right to rectification]

[Recital 54a: see Article 16] [More information]

[Right to data portability - Deleted]

[Recital 55: see Article 18] [More information]

[Right to object]

[Recitals 56-57: see Article 19] [More information]

[Profiling]

[Recitals 58-58a: see Article 20] [More information]

[Restrictions]

[Recital 59: see Article 21] [More information]

[Responsibility and accountability of the controller]

[Recital 60: see Article 22] [More information]

[Data protection by design and by default]

[Recital 61: see Article 23] [More information]

[Joint controllers]

[Recital 62: see Article 24] [More information]

[Representatives of controllers not established in the Union]

[Recitals 63-64: see Article 25] [More information]

[Documentation]

[Recital 65: see Article 28] [More information]

[Security of processing]

[Recital 66: see Article 30] [More information]

[Data breach notifications]

[Recitals 67-69: see Articles 31 and 32] [More information]

[Data protection impact assessment]

[Recitals 70-73: see Article 33] [More information]

[Prior consultation]

[Recital 74: see Article 34] [More information]

[Data protection compliance review]

[Recital 74a: see Article 33a] [More information]

[Designation of the data protection officer]

[Recitals 75-75a: see Article 35] [More information]

[Codes of conduct]

[Recital 76: see Article 38] [More information]

[Certification]

[Recital 77: see Article 39] [More information]

[General principles for transfers]

[Recitals 78-79: see Article 40] [More information]

[Transfers with an adequacy decision]

[Recitals 80-82: see Article 41] [More information]

[Transfers by way of appropriate safeguards]

[Recitals 83-84: see Article 42] [More information]

[Transfers by way of binding corporate rules]

[Recital 85: see Article 43] [More information]

[Derogations]

[Recitals 86-89: see Article 44] [More information]

[Transfers or disclosures not authorised by Union law]

[Recital 90: see Article 43a] [More information]

[International co-operation for the protection of personal data]

[Recital 91: see Article 45] [More information]

[Supervisory authority]

[Recitals 92-93: see Article 46] [More information]

[Independence]

[Recital 94: see Article 47] [More information]

[General conditions for the supervisory authority]

[Recital 95: see Article 48] [More information]

[Competence]

[Recital 96: see Article 51] [More information]

[Lead authority]

[Recitals 97-98a: see Article 54a] [More information]

[Competence]

[Recital 99: see Article 51] [More information]

[Duties and powers]

[Recital 100: see Articles 52 and 53] [More information]

[Duties]

[Recitals 101-102: see Article 52] [More information]

[Mutual assistence]

[Recital 103: see Article 55] [More information]

[Joint operations of supervisory authorities]

[Recital 104: see Article 56] [More information]

[Consistency mechanism]

[Recital 105: see Article 57] [More information]

[Consistency in matters of general application]

[Recital 106: see Article 58] [More information]

[Consistency in individual cases]

[Recital 106a: see Article 58a] [More information]

[Opinion by the Commission - Deleted]

[Recital 107: see Article 59] [More information]

[Urgency procedure]

[Recital 108: see Article 61] [More information]

[Enforcement]

[Recital 109: see Article 63] [More information]

[European Data Protection Board]

[Recital 110: see Article 64] [More information]

[Right to lodge a complaint with a supervisory authority]

[Recitals 111-112: see Article 73] [More information]

[Right to a judicial remedy against a supervisory authority]

[Recitals 113-115: see Article 74] [More information]

[Right to a judicial remedy against a controller or processor]

[Recitals 116-117: see Article 75] [More information]

[Right to compensation and liability]

[Recital 118: see Article 77] [More information]

[Penalties]

[Recitals 119-119a: see Article 78] [More information]

[Administrative sanctions]

[Recital 120: see Article 79] [More information]

[Processing of personal data and freedom of expression]

[Recital 121: see Article 80] [More information]

[Processing of personal data concerning health]

[Recitals 122-123a: see Article 81] [More information]

[Processing of personal data in the employment context and in the social security context]

[Recital 124: see Articles 82 and 82a] [More information]

[Processing for historical, statistical and scientific research purposes]

[Recital 125: see Article 83] [More information]

[Processing of personal data by archive services]

[Recital 125a: see Article 83a] [More information]

[Processing for historical, statistical and scientific research purposes]

[Recital 126: see Article 83] [More information]

[Obligations of secrecy]

[Recital 127: see Article 84] [More information]

[Existing data protection rules of churches and religious associations]

[Recital 128: see Article 85] [More information]

[Exercise of the delegation]

[Recital 129: see Article 86] [More information]

[Standard forms]

[Recitals 130-132: see Article 85b] [More information]

[Repeal of Directive 95/46/EC]

[Recitals 133-134: see Article 88] [More information]

[Relationship and amendment of Directive 2002/58/EC]

[Recital 135: see Article 89] [More information]

[Entry into force and application(?)]

[Recitals 136-138: see Article 91] [More information]

[Respect of fundamental rights]

[Recital 139: see Article 85a] [More information]

[Notes; Recitals]