>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Home / Frameworks / GDPR

GDPR v2016/679

General Data Protection Regulation - EU regulation on data protection and privacy

This is a reference tool, not an authoritative source. For official documentation, visit gdpr.eu.

499 All

Chapter II Principles (55 articles)

Article 5Principles relating to processing of personal data
Article 5.1Article 5.1
Article 5.1(a)Article 5.1(a)
Article 5.1(b)Article 5.1(b)
Article 5.1(c)Article 5.1(c)
Article 5.1(d)Article 5.1(d)
Article 5.1(e)Article 5.1(e)
Article 5.1(f)Article 5.1(f)
Article 5.2Article 5.2
Article 6Lawfulness of processing
Article 6.1Article 6.1
Article 6.1(a)Article 6.1(a)
Article 6.1(b)Article 6.1(b)
Article 6.1(c)Article 6.1(c)
Article 6.1(d)Article 6.1(d)
Article 6.1(e)Article 6.1(e)
Article 6.1(f)Article 6.1(f)
Article 6.2Article 6.2
Article 6.3Article 6.3
Article 6.3(a)Article 6.3(a)
Article 6.3(b)Article 6.3(b)
Article 6.4Article 6.4
Article 6.4(a)Article 6.4(a)
Article 6.4(b)Article 6.4(b)
Article 6.4(c)Article 6.4(c)
Article 6.4(d)Article 6.4(d)
Article 6.4(e)Article 6.4(e)
Article 7Conditions for consent
Article 7.1Article 7.1
Article 7.2Article 7.2
Article 7.3Article 7.3
Article 7.4Article 7.4
Article 8Conditions applicable to child's consent in relation to information society services
Article 8.1Article 8.1
Article 8.2Article 8.2
Article 8.3Article 8.3
Article 9Processing of special categories of personal data
Article 9.1Article 9.1
Article 9.2Article 9.2
Article 9.2(a)Article 9.2(a)
Article 9.2(b)Article 9.2(b)
Article 9.2(c)Article 9.2(c)
Article 9.2(d)Article 9.2(d)
Article 9.2(e)Article 9.2(e)
Article 9.2(f)Article 9.2(f)
Article 9.2(g)Article 9.2(g)
Article 9.2(h)Article 9.2(h)
Article 9.2(i)Article 9.2(i)
Article 9.2(j)Article 9.2(j)
Article 9.3Article 9.3
Article 9.4Article 9.4
Article 10Processing of personal data relating to criminal convictions and offences
Article 11Processing which does not require identification
Article 11.1Article 11.1
Article 11.2Article 11.2

Chapter III Rights of the data subject (134 articles)

Article 12Transparent information, communication and modalities for the exercise of the rights of the data subject
Article 12.1Article 12.1
Article 12.2Article 12.2
Article 12.3Article 12.3
Article 12.4Article 12.4
Article 12.5Article 12.5
Article 12.5(a)Article 12.5(a)
Article 12.5(b)Article 12.5(b)
Article 12.6Article 12.6
Article 12.7Article 12.7
Article 12.8Article 12.8
Article 13Information to be provided where personal data are collected from the data subject
Article 13.1Article 13.1
Article 13.1(a)Article 13.1(a)
Article 13.1(b)Article 13.1(b)
Article 13.1(c)Article 13.1(c)
Article 13.1(d)Article 13.1(d)
Article 13.1(e)Article 13.1(e)
Article 13.2Article 13.2
Article 13.2(a)Article 13.2(a)
Article 13.2(b)Article 13.2(b)
Article 13.2(c)Article 13.2(c)
Article 13.2(d)Article 13.2(d)
Article 13.2(e)Article 13.2(e)
Article 13.2(f)Article 13.2(f)
Article 13.3Article 13.3
Article 13.4Article 13.4
Article 14Information to be provided where personal data have not been obtained from the data subject
Article 14.1Article 14.1
Article 14.1(a)Article 14.1(a)
Article 14.1(b)Article 14.1(b)
Article 14.1(c)Article 14.1(c)
Article 14.1(d)Article 14.1(d)
Article 14.1(e)Article 14.1(e)
Article 14.1(f)Article 14.1(f)
Article 14.2Article 14.2
Article 14.2(a)Article 14.2(a)
Article 14.2(b)Article 14.2(b)
Article 14.2(c)Article 14.2(c)
Article 14.2(d)Article 14.2(d)
Article 14.2(e)Article 14.2(e)
Article 14.2(f)Article 14.2(f)
Article 14.2(g)Article 14.2(g)
Article 14.3Article 14.3
Article 14.3(a)Article 14.3(a)
Article 14.3(b)Article 14.3(b)
Article 14.3(c)Article 14.3(c)
Article 14.4Article 14.4
Article 14.5Article 14.5
Article 14.5(a)Article 14.5(a)
Article 14.5(b)Article 14.5(b)
Article 14.5(c)Article 14.5(c)
Article 14.5(d)Article 14.5(d)
Article 15Right of access by the data subject
Article 15.1Article 15.1
Article 15.1(a)Article 15.1(a)
Article 15.1(b)Article 15.1(b)
Article 15.1(c)Article 15.1(c)
Article 15.1(d)Article 15.1(d)
Article 15.1(e)Article 15.1(e)
Article 15.1(f)Article 15.1(f)
Article 15.1(g)Article 15.1(g)
Article 15.1(h)Article 15.1(h)
Article 15.2Article 15.2
Article 15.3Article 15.3
Article 15.4Article 15.4
Article 16Right to rectification
Article 17Right to erasure (‘right to be forgotten’)
Article 17.1Article 17.1
Article 17.1(a)Article 17.1(a)
Article 17.1(b)Article 17.1(b)
Article 17.1(c)Article 17.1(c)
Article 17.1(d)Article 17.1(d)
Article 17.1(e)Article 17.1(e)
Article 17.1(f)Article 17.1(f)
Article 17.2Article 17.2
Article 17.3Article 17.3
Article 17.3(a)Article 17.3(a)
Article 17.3(b)Article 17.3(b)
Article 17.3(c)Article 17.3(c)
Article 17.3(d)Article 17.3(d)
Article 17.3(e)Article 17.3(e)
Article 18Right to restriction of processing
Article 18.1Article 18.1
Article 18.1(a)Article 18.1(a)
Article 18.1(b)Article 18.1(b)
Article 18.1(c)Article 18.1(c)
Article 18.1(d)Article 18.1(d)
Article 18.2Article 18.2
Article 18.3Article 18.3
Article 19Notification obligation regarding rectification or erasure of personal data or restriction of processing
Article 20Right to data portability
Article 20.1Article 20.1
Article 20.1(a)Article 20.1(a)
Article 20.1(b)Article 20.1(b)
Article 20.2Article 20.2
Article 20.3Article 20.3
Article 20.4Article 20.4
Article 21Right to object
Article 21.1Article 21.1
Article 21.2Article 21.2
Article 21.3Article 21.3
Article 21.4Article 21.4
Article 21.5Article 21.5
Article 21.6Article 21.6
Article 22Automated individual decision-making, including profiling
Article 22.1Article 22.1
Article 22.2Article 22.2
Article 22.2(a)Article 22.2(a)
Article 22.2(b)Article 22.2(b)
Article 22.2(c)Article 22.2(c)
Article 22.3Article 22.3
Article 22.4Article 22.4
Article 23Restrictions
Article 23.1Article 23.1
Article 23.1(a)Article 23.1(a)
Article 23.1(b)Article 23.1(b)
Article 23.1(c)Article 23.1(c)
Article 23.1(d)Article 23.1(d)
Article 23.1(e)Article 23.1(e)
Article 23.1(f)Article 23.1(f)
Article 23.1(g)Article 23.1(g)
Article 23.1(h)Article 23.1(h)
Article 23.1(i)Article 23.1(i)
Article 23.1(j)Article 23.1(j)
Article 23.2Article 23.2
Article 23.2(a)Article 23.2(a)
Article 23.2(b)Article 23.2(b)
Article 23.2(c)Article 23.2(c)
Article 23.2(d)Article 23.2(d)
Article 23.2(e)Article 23.2(e)
Article 23.2(f)Article 23.2(f)
Article 23.2(g)Article 23.2(g)
Article 23.2(h)Article 23.2(h)

Chapter IV Controller and processor (168 articles)

Article 24Responsibility of the controller
Article 24.1Article 24.1
Article 24.2Article 24.2
Article 24.3Article 24.3
Article 25Data protection by design and by default
Article 25.1Article 25.1
Article 25.2Article 25.2
Article 25.3Article 25.3
Article 26Joint controllers
Article 26.1Article 26.1
Article 26.2Article 26.2
Article 26.3Article 26.3
Article 27Representatives of controllers or processors not established in the Union
Article 27.1Article 27.1
Article 27.2Article 27.2
Article 27.2(a)Article 27.2(a)
Article 27.2(b)Article 27.2(b)
Article 27.3Article 27.3
Article 27.4Article 27.4
Article 27.5Article 27.5
Article 28Processor
Article 28.1Article 28.1
Article 28.2Article 28.2
Article 28.3Article 28.3
Article 28.3(a)Article 28.3(a)
Article 28.3(b)Article 28.3(b)
Article 28.3(c)Article 28.3(c)
Article 28.3(d)Article 28.3(d)
Article 28.3(e)Article 28.3(e)
Article 28.3(f)Article 28.3(f)
Article 28.3(g)Article 28.3(g)
Article 28.3(h)Article 28.3(h)
Article 28.4Article 28.4
Article 28.5Article 28.5
Article 28.6Article 28.6
Article 28.7Article 28.7
Article 28.8Article 28.8
Article 28.9Article 28.9
Article 28.10Article 28.10
Article 29Processing under the authority of the controller or processor
Article 30Records of processing activities
Article 30.1Article 30.1
Article 30.1(a)Article 30.1(a)
Article 30.1(b)Article 30.1(b)
Article 30.1(c)Article 30.1(c)
Article 30.1(d)Article 30.1(d)
Article 30.1(e)Article 30.1(e)
Article 30.1(f)Article 30.1(f)
Article 30.1(g)Article 30.1(g)
Article 30.2Article 30.2
Article 30.2(a)Article 30.2(a)
Article 30.2(b)Article 30.2(b)
Article 30.2(c)Article 30.2(c)
Article 30.2(d)Article 30.2(d)
Article 30.3Article 30.3
Article 30.4Article 30.4
Article 30.5Article 30.5
Article 31Cooperation with the supervisory authority
Article 32Security of processing
Article 32.1Article 32.1
Article 32.1(a)Article 32.1(a)
Article 32.1(b)Article 32.1(b)
Article 32.1(c)Article 32.1(c)
Article 32.1(d)Article 32.1(d)
Article 32.2Article 32.2
Article 32.3Article 32.3
Article 32.4Article 32.4
Article 33Notification of a personal data breach to the supervisory authority
Article 33.1Article 33.1
Article 33.2Article 33.2
Article 33.3Article 33.3
Article 33.3(a)Article 33.3(a)
Article 33.3(b)Article 33.3(b)
Article 33.3(c)Article 33.3(c)
Article 33.3(d)Article 33.3(d)
Article 33.4Article 33.4
Article 33.5Article 33.5
Article 34Communication of a personal data breach to the data subject
Article 34.1Article 34.1
Article 34.2Article 34.2
Article 34.3Article 34.3
Article 34.3(a)Article 34.3(a)
Article 34.3(b)Article 34.3(b)
Article 34.3(c)Article 34.3(c)
Article 34.4Article 34.4
Article 35Data protection impact assessment
Article 35.1Article 35.1
Article 35.2Article 35.2
Article 35.3Article 35.3
Article 35.3(a)Article 35.3(a)
Article 35.3(b)Article 35.3(b)
Article 35.3(c)Article 35.3(c)
Article 35.4Article 35.4
Article 35.5Article 35.5
Article 35.6Article 35.6
Article 35.7Article 35.7
Article 35.7(a)Article 35.7(a)
Article 35.7(b)Article 35.7(b)
Article 35.7(c)Article 35.7(c)
Article 35.7(d)Article 35.7(d)
Article 35.8Article 35.8
Article 35.9Article 35.9
Article 35.10Article 35.10
Article 35.11Article 35.11
Article 36Prior consultation
Article 36.1Article 36.1
Article 36.2Article 36.2
Article 36.3Article 36.3
Article 36.3(a)Article 36.3(a)
Article 36.3(b)Article 36.3(b)
Article 36.3(c)Article 36.3(c)
Article 36.3(d)Article 36.3(d)
Article 36.3(e)Article 36.3(e)
Article 36.3(f)Article 36.3(f)
Article 36.4Article 36.4
Article 36.5Article 36.5
Article 37Designation of the data protection officer
Article 37.1Article 37.1
Article 37.1(a)Article 37.1(a)
Article 37.1(b)Article 37.1(b)
Article 37.1(c)Article 37.1(c)
Article 37.2Article 37.2
Article 37.3Article 37.3
Article 37.4Article 37.4
Article 37.5Article 37.5
Article 37.6Article 37.6
Article 37.7Article 37.7
Article 38Position of the data protection officer
Article 38.1Article 38.1
Article 38.2Article 38.2
Article 38.3Article 38.3
Article 38.4Article 38.4
Article 38.5Article 38.5
Article 38.6Article 38.6
Article 39Tasks of the data protection officer
Article 39.1Article 39.1
Article 39.1(a)Article 39.1(a)
Article 39.1(b)Article 39.1(b)
Article 39.1(c)Article 39.1(c)
Article 39.1(d)Article 39.1(d)
Article 39.1(e)Article 39.1(e)
Article 39.2Article 39.2
Article 40Codes of conduct
Article 40.1Article 40.1
Article 40.2Article 40.2
Article 40.2(a)Article 40.2(a)
Article 40.2(b)Article 40.2(b)
Article 40.2(c)Article 40.2(c)
Article 40.2(d)Article 40.2(d)
Article 40.2(e)Article 40.2(e)
Article 40.2(f)Article 40.2(f)
Article 40.2(g)Article 40.2(g)
Article 40.2(h)Article 40.2(h)
Article 40.2(i)Article 40.2(i)
Article 40.2(j)Article 40.2(j)
Article 40.2(k)Article 40.2(k)
Article 40.3Article 40.3
Article 40.4Article 40.4
Article 40.5Article 40.5
Article 40.6Article 40.6
Article 40.7Article 40.7
Article 40.8Article 40.8
Article 40.9Article 40.9
Article 40.10Article 40.10
Article 40.11Article 40.11
Article 41Article 41
Article 42Article 42
Article 43Article 43

Chapter V Transfers to third countries (64 articles)

Article 44General principle for transfers
Article 45Transfers on the basis of an adequacy decision
Article 45.1Article 45.1
Article 45.2Article 45.2
Article 45.2(a)Article 45.2(a)
Article 45.2(b)Article 45.2(b)
Article 45.2(c)Article 45.2(c)
Article 45.3Article 45.3
Article 45.4Article 45.4
Article 45.5Article 45.5
Article 45.6Article 45.6
Article 45.7Article 45.7
Article 45.8Article 45.8
Article 45.9Article 45.9
Article 46Transfers subject to appropriate safeguards
Article 46.1Article 46.1
Article 46.2Article 46.2
Article 46.2(a)Article 46.2(a)
Article 46.2(b)Article 46.2(b)
Article 46.2(c)Article 46.2(c)
Article 46.2(d)Article 46.2(d)
Article 46.2(e)Article 46.2(e)
Article 46.2(f)Article 46.2(f)
Article 46.3Article 46.3
Article 46.3(a)Article 46.3(a)
Article 46.3(b)Article 46.3(b)
Article 46.4Article 46.4
Article 46.5Article 46.5
Article 47Binding corporate rules
Article 47.1Article 47.1
Article 47.1(a)Article 47.1(a)
Article 47.1(b)Article 47.1(b)
Article 47.1(c)Article 47.1(c)
Article 47.2Article 47.2
Article 47.2(a)Article 47.2(a)
Article 47.2(b)Article 47.2(b)
Article 47.2(c)Article 47.2(c)
Article 47.2(d)Article 47.2(d)
Article 47.2(e)Article 47.2(e)
Article 47.2(f)Article 47.2(f)
Article 47.2(g)Article 47.2(g)
Article 47.2(h)Article 47.2(h)
Article 47.2(i)Article 47.2(i)
Article 47.2(j)Article 47.2(j)
Article 47.2(k)Article 47.2(k)
Article 47.2(l)Article 47.2(l)
Article 47.2(m)Article 47.2(m)
Article 47.2(n)Article 47.2(n)
Article 47.3Article 47.3
Article 48Transfers or disclosures not authorised by Union law
Article 49Derogations for specific situations
Article 49.1Article 49.1
Article 49.1(a)Article 49.1(a)
Article 49.1(b)Article 49.1(b)
Article 49.1(c)Article 49.1(c)
Article 49.1(d)Article 49.1(d)
Article 49.1(e)Article 49.1(e)
Article 49.1(f)Article 49.1(f)
Article 49.1(g)Article 49.1(g)
Article 49.2Article 49.2
Article 49.3Article 49.3
Article 49.4Article 49.4
Article 49.5Article 49.5
Article 49.6Article 49.6

Chapter X Delegated and implementing acts (2 articles)

Article 92Exercise of the delegation
Article 93Committee procedure