Principle of lawfulness, fairness and transparency
(In role Controller)
(In role Processor)
|
Purpose limitation principle
(In role Controller)
(In role Processor)
|
Data minimization principle
(In role Controller)
(In role Processor)
|
Principle of accuracy
(In role Controller)
(In role Processor)
|
Storage limitation principle
(In role Controller)
(In role Processor)
|
Principle of integrity and confidentiality
(In role Controller)
(In role Processor)
|
Principle of accountability
(In role Controller)
|
Processing for a purpose other than that for which the personal data have been collected originally
(In role Controller)
|
Obligation to demonstrate the consent for processing the personal data
(In role Controller)
|
Obligations of the controller on context of the child when processing the personal data
(In role Controller)
|
Prohibition of processing the special categories of personal data
(In role Controller)
(In role Processor)
|
Reasons for derogating the exercise of the Articles 15 – 20
(In role Controller)
|
Measures of the controller in terms of providing the information to data subjects
(In role Controller)
|
Facilitating the data subject rights
(In role Controller)
|
Providing the information on action taken on a request under Articles 15 to 22 to the data subject
(In role Controller)
|
Obligations of the controller in case when the data subject request is unadopted
(In role Controller)
|
Information provided to the data subject when personal data has been acquired from a data subject
(In role Controller)
|
Additional information provided to the data subject when personal data has been acquired from a data subject
(In role Controller)
|
Information provided to the data subject when controller intends to further process the personal data for a purpose other than that for which the personal data were collected
(In role Controller)
|
Information provided where personal data have not been obtained from the data subject
(In role Controller)
|
Some additional information provided where personal data have not been obtained from the data subject
(In role Controller)
|
Principles of providing the information in terms of the Article 14, paragraph 1 and 2 of the regulation
(In role Controller)
|
Providing the information where the controller intends to process the personal data for a purpose other than that for which the personal data were obtained
(In role Controller)
|
Obligation to provide a copy of the personal data which are being processed
(In role Controller)
|
Obligations of the controller after the right to be forgotten has been applied
(In role Controller)
|
Information duty of the controller in context of the personal data processing limitation
(In role Controller)
|
Information obligation of the controller towards the recipients
(In role Controller)
|
Right of the data subject to object the processing of personal data
(In role Controller)
|
Prohibition of the personal data processing after the Article 21, paragraph 2 has been applied
(In role Controller)
|
Obligation of the controller to inform the data subject about the to object
(In role Controller)
|
Proceedings of the controller in case of the Article 22, paragraph 2, points a) – c) application
(In role Controller)
|
Responsibilities of the controller relating to the personal data processing
(In role Controller)
|
Implementation of an appropriate data protection policies by the controller
(In role Controller)
|
Implementation of the appropriate technical and organisational measures
(In role Controller)
|
Processing of the personal data “by default”
(In role Controller)
|
Personal data processing by the joint controllers
(In role Controller)
(In role Joint Controller)
|
Respective roles and relationships of the joint controllers vis-à-vis the data subjects
(In role Controller)
(In role Joint Controller)
|
Designating the place of activity of the controller, that is settled outside the EU
(Delegated Representative of the Controller)
|
Guaranties of the processor for implementing the adequate protective measurements
(In role Controller)
|
Conditions for engaging the other processor to the data processing
(In role Processor)
|
Designation of the identical scope of the responsibilities for the other processor
(In role Processor)
|
Contract or any other legal document in terms of the Article 28, paragraphs 3 and 4
(In role Controller)
(In role Processor)
|
Consequences of misconducting the purposes and instruments in the process of personal data processing by the processor
(In role Processor)
|
Obligation of the processor to comply with the instructions of the controller
(In role Processor)
|
Mandatory scope of the processing activities record
(In role Controller)
(Delegated Representative of the Controller)
|
A record of all the processing activities categories, that are carried on behalf of a controller
(In role Processor)
(Delegated Representative of the Processor)
|
Form of the records according to Article 30, paragraphs 1 and 2
(In role Controller)
(In role Processor)
|
Making the records available to the supervisory authority if needed
(In role Controller)
(In role Processor)
(Delegated Representative of the Controller)
(Delegated Representative of the Processor)
|
Cooperation with the supervisory authority
(In role Controller)
(In role Processor)
(Delegated Representative of the Controller)
(Delegated Representative of the Processor)
|
Implementation of the appropriate technical and organisational measures
(In role Controller)
(In role Processor)
|
Ensuring the activities compliance of any natural person, acting under the authority of controller or processor
(In role Controller)
(In role Processor)
|
Period for declaring the personal data breach
(In role Controller)
|
Notification the data breach to the controller
(In role Processor)
|
The minimal content of the personal data breach notification
(In role Controller)
|
Documentary measures relating to the personal data breach
(In role Controller)
|
Communication the personal data breach to the data subject
(In role Controller)
|
Personal data processing that require the DPIA – general provision
(In role Controller)
|
Cooperation between the controller and data protection officer
(In role Controller)
|
Gathering the opinions of data subjects or their representatives
(In role Controller)
|
Situation where the DPIA might be necessary
(In role Controller)
|
Situations that require the prior consultations with the supervisory authority
(In role Controller)
|
Information provided for the supervisory authority by the controller
(In role Controller)
|
Compulsory designation of the data protection officer (DPO)
(In role Controller)
(In role Processor)
|
Publishing the data of the designated data protection officer
(In role Controller)
(In role Processor)
|
Responsibility of the controller and processor in context of the Data protection officer
(In role Controller)
(In role Processor)
|
Providing the support for the data protection officer
(In role Controller)
(In role Processor)
|
Organizational status of the Data protection officer
(In role Controller)
(In role Processor)
|
The Data protection officer and it´s other tasks and duties
(In role Controller)
(In role Processor)
|
Providing the information and access, that are essential for the certification procedure
(In role Controller)
(In role Processor)
|
Documentation of the assessment and suitable safeguards
(In role Controller)
(In role Processor)
|
Obligations of the controller (or processor) after the decision has been published
(In role Controller)
(In role Processor)
|
Joint liability in context of the personal data processing
(In role Controller)
(In role Processor)
|
Appropriate safeguards related to the rights and freedoms of the data subject
(In role Controller)
(In role Processor)
|