| Principle of lawfulness, fairness and transparency
|
| Purpose limitation principle
|
| Data minimization principle
|
| Principle of accuracy
|
| Storage limitation principle
|
| Principle of integrity and confidentiality
|
| Principle of accountability
|
| Processing for a purpose other than that for which the personal data have been collected originally
|
| Obligation to demonstrate the consent for processing the personal data
|
| Obligations of the controller on context of the child when processing the personal data
|
| Prohibition of processing the special categories of personal data
|
| Reasons for derogating the exercise of the Articles 15 – 20
|
| Measures of the controller in terms of providing the information to data subjects
|
| Facilitating the data subject rights
|
| Providing the information on action taken on a request under Articles 15 to 22 to the data subject
|
| Obligations of the controller in case when the data subject request is unadopted
|
| Information provided to the data subject when personal data has been acquired from a data subject
|
| Additional information provided to the data subject when personal data has been acquired from a data subject
|
| Information provided to the data subject when controller intends to further process the personal data for a purpose other than that for which the personal data were collected
|
| Information provided where personal data have not been obtained from the data subject
|
| Some additional information provided where personal data have not been obtained from the data subject
|
| Principles of providing the information in terms of the Article 14, paragraph 1 and 2 of the regulation
|
| Providing the information where the controller intends to process the personal data for a purpose other than that for which the personal data were obtained
|
| Obligation to provide a copy of the personal data which are being processed
|
| Obligations of the controller after the right to be forgotten has been applied
|
| Information duty of the controller in context of the personal data processing limitation
|
| Information obligation of the controller towards the recipients
|
| Right of the data subject to object the processing of personal data
|
| Prohibition of the personal data processing after the Article 21, paragraph 2 has been applied
|
| Obligation of the controller to inform the data subject about the to object
|
| Proceedings of the controller in case of the Article 22, paragraph 2, points a) – c) application
|
| Responsibilities of the controller relating to the personal data processing
|
| Implementation of an appropriate data protection policies by the controller
|
| Implementation of the appropriate technical and organisational measures
|
| Processing of the personal data “by default”
|
| Personal data processing by the joint controllers
|
| Respective roles and relationships of the joint controllers vis-à-vis the data subjects
|
| Guaranties of the processor for implementing the adequate protective measurements
|
| Contract or any other legal document in terms of the Article 28, paragraphs 3 and 4
|
| Mandatory scope of the processing activities record
|
| Form of the records according to Article 30, paragraphs 1 and 2
|
| Making the records available to the supervisory authority if needed
|
| Cooperation with the supervisory authority
|
| Implementation of the appropriate technical and organisational measures
|
| Ensuring the activities compliance of any natural person, acting under the authority of controller or processor
|
| Period for declaring the personal data breach
|
| The minimal content of the personal data breach notification
|
| Documentary measures relating to the personal data breach
|
| Communication the personal data breach to the data subject
|
| Personal data processing that require the DPIA – general provision
|
| Cooperation between the controller and data protection officer
|
| Gathering the opinions of data subjects or their representatives
|
| Situation where the DPIA might be necessary
|
| Situations that require the prior consultations with the supervisory authority
|
| Information provided for the supervisory authority by the controller
|
| Compulsory designation of the data protection officer (DPO)
|
| Publishing the data of the designated data protection officer
|
| Responsibility of the controller and processor in context of the Data protection officer
|
| Providing the support for the data protection officer
|
| Organizational status of the Data protection officer
|
| The Data protection officer and it´s other tasks and duties
|
| Providing the information and access, that are essential for the certification procedure
|
| Documentation of the assessment and suitable safeguards
|
| Obligations of the controller (or processor) after the decision has been published
|
| Joint liability in context of the personal data processing
|
| Appropriate safeguards related to the rights and freedoms of the data subject
|
