Overview of EU General Data Protection Regulation | Practical Law
https://content.next.westlaw.com/practical-law/document/Ib45db77d316f11e798dc8b09b4f043e0/Overview-of-EU-General-Data-Protection-Regulation?viewType=FullText&transitionType=Default&contextData=(sc.Default)
An overview of the nature and scope of the EU General Data Protection Regulation (GDPR) covering the EU perspective only.
US Home
Global Home
NEW
Sign in
Practical Law Home
Product Menu
Westlaw
Selected
Practical Law
Westlaw Today
Westlaw Form Builder
Enter to open, tab to navigate, enter to select
All Content
Content Menu
Search:
Search Westlaw
Advanced
Overview of EU General Data Protection Regulation
Practical Law Practice Note Overview w-007-9580
(Approx. 77 pages)
Overview of EU General Data Protection Regulation
by
Robbie Downing
, Baker & McKenzie with Data Privacy Advisor
Related Content
Maintained
•
European Union
An overview of the nature and scope of the EU General Data Protection Regulation (GDPR) covering the EU perspective only.
Toggle Table of Contents
Table of Contents
Close TOC
Ctrl + Alt + T to open/close
1
Scope of this note
2
Nature and scope of the EU data protection regime
History and background
Territorial scope
Material scope
Household exception
National derogations
3
GDPR: definitions
Controller and processor
Personal data and data subjects
Processing of data
4
Data protection principles
5
Transparency
Fair and lawful processing information
6
Lawfulness of processing
Personal data
Conditions for laws on which processing can be based
Special categories of personal data
7
Consent requirements
Form of consent
Withdrawal of consent
Freely given consent
Implied consent
Children's consent
8
Purpose limitation
Exceptions to the purpose limitation principle
Further compatible processing
9
Notification and registration requirements
10
Rights of data subject
Withdrawal of consent
Data subject access
Rectification and erasure
Right to object to processing
Measures based on profiling
Right to request delisting of search results
11
Obligations of controllers and processors
Appointment of a processor
Appointment of a data protection officer
Documentation requirements
Data protection impact assessment
Data protection by design and by default
Data security
Data security breach
12
Cross-border data transfers
Adequacy decisions
Adequate safeguards
Binding corporate rules
Approved codes of conduct and approved certification mechanisms
Derogations
Consequences of non-compliance
13
Enforcement, sanctions, and remedies
Monetary Fines
Criminal Penalties
Data Subject Claims