| Principle of lawfulness, fairness and transparency
(In role Controller)
(In role Processor)
|
| Purpose limitation principle
(In role Controller)
(In role Processor)
|
| Data minimization principle
(In role Controller)
(In role Processor)
|
| Principle of accuracy
(In role Controller)
(In role Processor)
|
| Storage limitation principle
(In role Controller)
(In role Processor)
|
| Principle of integrity and confidentiality
(In role Controller)
(In role Processor)
|
| Principle of accountability
(In role Controller)
|
| Processing for a purpose other than that for which the personal data have been collected originally
(In role Controller)
|
| Obligation to demonstrate the consent for processing the personal data
(In role Controller)
|
| Obligations of the controller on context of the child when processing the personal data
(In role Controller)
|
| Prohibition of processing the special categories of personal data
(In role Controller)
(In role Processor)
|
| Reasons for derogating the exercise of the Articles 15 – 20
(In role Controller)
|
| Measures of the controller in terms of providing the information to data subjects
(In role Controller)
|
| Facilitating the data subject rights
(In role Controller)
|
| Providing the information on action taken on a request under Articles 15 to 22 to the data subject
(In role Controller)
|
| Obligations of the controller in case when the data subject request is unadopted
(In role Controller)
|
| Information provided to the data subject when personal data has been acquired from a data subject
(In role Controller)
|
| Additional information provided to the data subject when personal data has been acquired from a data subject
(In role Controller)
|
| Information provided to the data subject when controller intends to further process the personal data for a purpose other than that for which the personal data were collected
(In role Controller)
|
| Information provided where personal data have not been obtained from the data subject
(In role Controller)
|
| Some additional information provided where personal data have not been obtained from the data subject
(In role Controller)
|
| Principles of providing the information in terms of the Article 14, paragraph 1 and 2 of the regulation
(In role Controller)
|
| Providing the information where the controller intends to process the personal data for a purpose other than that for which the personal data were obtained
(In role Controller)
|
| Obligation to provide a copy of the personal data which are being processed
(In role Controller)
|
| Obligations of the controller after the right to be forgotten has been applied
(In role Controller)
|
| Information duty of the controller in context of the personal data processing limitation
(In role Controller)
|
| Information obligation of the controller towards the recipients
(In role Controller)
|
| Right of the data subject to object the processing of personal data
(In role Controller)
|
| Prohibition of the personal data processing after the Article 21, paragraph 2 has been applied
(In role Controller)
|
| Obligation of the controller to inform the data subject about the to object
(In role Controller)
|
| Proceedings of the controller in case of the Article 22, paragraph 2, points a) – c) application
(In role Controller)
|
| Responsibilities of the controller relating to the personal data processing
(In role Controller)
|
| Implementation of an appropriate data protection policies by the controller
(In role Controller)
|
| Implementation of the appropriate technical and organisational measures
(In role Controller)
|
| Processing of the personal data “by default”
(In role Controller)
|
| Personal data processing by the joint controllers
(In role Controller)
(In role Joint Controller)
|
| Respective roles and relationships of the joint controllers vis-à-vis the data subjects
(In role Controller)
(In role Joint Controller)
|
| Designating the place of activity of the controller, that is settled outside the EU
(Delegated Representative of the Controller)
|
| Guaranties of the processor for implementing the adequate protective measurements
(In role Controller)
|
| Conditions for engaging the other processor to the data processing
(In role Processor)
|
| Designation of the identical scope of the responsibilities for the other processor
(In role Processor)
|
| Contract or any other legal document in terms of the Article 28, paragraphs 3 and 4
(In role Controller)
(In role Processor)
|
| Consequences of misconducting the purposes and instruments in the process of personal data processing by the processor
(In role Processor)
|
| Obligation of the processor to comply with the instructions of the controller
(In role Processor)
|
| Mandatory scope of the processing activities record
(In role Controller)
(Delegated Representative of the Controller)
|
| A record of all the processing activities categories, that are carried on behalf of a controller
(In role Processor)
(Delegated Representative of the Processor)
|
| Form of the records according to Article 30, paragraphs 1 and 2
(In role Controller)
(In role Processor)
|
| Making the records available to the supervisory authority if needed
(In role Controller)
(In role Processor)
(Delegated Representative of the Controller)
(Delegated Representative of the Processor)
|
| Cooperation with the supervisory authority
(In role Controller)
(In role Processor)
(Delegated Representative of the Controller)
(Delegated Representative of the Processor)
|
| Implementation of the appropriate technical and organisational measures
(In role Controller)
(In role Processor)
|
| Ensuring the activities compliance of any natural person, acting under the authority of controller or processor
(In role Controller)
(In role Processor)
|
| Period for declaring the personal data breach
(In role Controller)
|
| Notification the data breach to the controller
(In role Processor)
|
| The minimal content of the personal data breach notification
(In role Controller)
|
| Documentary measures relating to the personal data breach
(In role Controller)
|
| Communication the personal data breach to the data subject
(In role Controller)
|
| Personal data processing that require the DPIA – general provision
(In role Controller)
|
| Cooperation between the controller and data protection officer
(In role Controller)
|
| List of processing operations which require an obligatory data protection impact assessment
(In role Supervisory authority)
|
| Consistency mechanism referred to in Article 63
(In role Supervisory authority)
|
| Gathering the opinions of data subjects or their representatives
(In role Controller)
|
| Situation where the DPIA might be necessary
(In role Controller)
|
| Situations that require the prior consultations with the supervisory authority
(In role Controller)
|
| Competency of the supervisory authority in case of the specific situations
(In role Supervisory authority)
|
| Information provided for the supervisory authority by the controller
(In role Controller)
|
| Compulsory designation of the data protection officer (DPO)
(In role Controller)
(In role Processor)
|
| Publishing the data of the designated data protection officer
(In role Controller)
(In role Processor)
|
| Responsibility of the controller and processor in context of the Data protection officer
(In role Controller)
(In role Processor)
|
| Providing the support for the data protection officer
(In role Controller)
(In role Processor)
|
| Organizational status of the Data protection officer
(In role Controller)
(In role Processor)
|
| The Data protection officer and it´s other tasks and duties
(In role Controller)
(In role Processor)
|
| Support in working out the codes of conduct
(In role Supervisory authority)
|
| Registration and publication of the code of conduct
(In role Supervisory authority)
|
| Submitting the code of conduct to the Board
(In role Supervisory authority)
|
| Submitting the draft for the accreditation process
(In role Supervisory authority)
|
| Reasons for withdrawal of the accreditation
(In role Supervisory authority)
|
| Supporting the certification mechanisms process
(In role Supervisory authority)
|
| Common certification and the European Data Protection Seal
(In role Certification body)
(In role Supervisory authority)
|
| Providing the information and access, that are essential for the certification procedure
(In role Controller)
(In role Processor)
|
| Issuing the certification
(In role Certification body)
|
| Validity of the accreditation and it´s prolongation
(In role Certification body)
|
| Information obligation of the certification subjects
(In role Certification body)
|
| Publishing the certification criteria
(In role Supervisory authority)
|
| Revocation of the accreditation
(In role Supervisory authority)
|
| Application of the consistency mechanism based on the Article 63
(In role Supervisory authority)
|
| Conditions for accepting the binding corporate rules
(In role Supervisory authority)
|
| Documentation of the assessment and suitable safeguards
(In role Controller)
(In role Processor)
|
| Activity of the Commission and the supervisory authorities in context of the international support
(In role Supervisory authority)
|
| Activity of the supervisory authority
(In role Supervisory authority)
|
| Independence of the supervisory authority
(In role Supervisory authority)
|
| Independence of the supervisory authority ´s members
(Organisation's body or staff: Member of the supervisory authority)
|
| Obligation of the supervisory authority members to refrain from any action, that might be incompatible with their duties
(Organisation's body or staff: Member of the supervisory authority)
|
| Essential requirements for the supervisory authority members
(Organisation's body or staff: Member of the supervisory authority)
|
| Professional secrecy commitment of the supervisory authority members and employees
(Organisation's body or staff: Member of the supervisory authority)
|
| Competence of the supervisory authority
(In role Supervisory authority)
|
| Limitation of the competence scope of the supervisory authority
(In role Supervisory authority)
|
| Right of the supervisory authority right in context pf the submitted complaint
(In role Supervisory authority)
|
| Obligations of the supervisory authority after the receiving of the complaint in terms of the Article 56, paragraph 2
(In role Lead supervisory authority)
(In role Supervisory authority)
|
| Decision of the lead supervisory authority to reject the case
(In role Supervisory authority)
|
| Scope of the supervisory authority on its territory
(In role Supervisory authority)
|
| Facilitation of the complaint's submission process
(In role Supervisory authority)
|
| The free – of -charge principle of performing the supervisory authority tasks
(In role Supervisory authority)
|
| The annual report on the supervisory authority activities
(In role Supervisory authority)
|
| Cooperation between the lead supervisory authority and the respective supervisory authorities
(In role Lead supervisory authority)
(In role Supervisory authority)
|
| Communication in case of the relevant information on the matter to the other supervisory authorities concerned
(In role Lead supervisory authority)
|
| The proceeding of the lead supervisory authority in case of the disagreement with the objection
(In role Lead supervisory authority)
|
| The proceeding of the lead supervisory authority in case of the acceptance of the objection
(In role Lead supervisory authority)
|
| The biding nature of the decision for the other supervisory authorities
(In role Supervisory authority)
|
| The notification obligation of the lead supervisory authority in case of the submitted appeal
(In role Lead supervisory authority)
(In role Supervisory authority)
|
| The notification obligation of the lead supervisory authority in case of the rejection of the submitted appeal
(In role Supervisory authority)
|
| The proceeding of the lead supervisory authority and other supervisory authorities in case of the partial rejection of the submitted appeal
(In role Lead supervisory authority)
(In role Supervisory authority)
|
| Obligations of the controller (or processor) after the decision has been published
(In role Controller)
(In role Lead supervisory authority)
(In role Processor)
|
| Sharing the information between the lead supervisory authority and the respective supervisory authorities
(In role Lead supervisory authority)
(In role Supervisory authority)
|
| Providing the information and cooperation between the supervisory authorities
(In role Supervisory authority)
|
| An appropriate measures required to reply to a request of another supervisory authority
(In role Supervisory authority)
|
| Information that are provided to the requesting supervisory authority by the requested supervisory authority
(In role Requested supervisory authority)
|
| The ways of providing the information by the requested supervisory authorities
(In role Requested supervisory authority)
|
| The basic rules of cooperation between the supervisory authorities
(In role Supervisory authority)
|
| Consistency mechanism
(In role Supervisory authority)
|
| An opinion of the Board
(In role Supervisory authority)
|
| Cooperation between the supervisory authorities, Commission and Board
(In role Supervisory authority)
|
| Restriction in the case of adopting the decision by the supervisory authority
(In role Supervisory authority)
|
| An activity of the supervisory activity after receiving the opinion of the Board
(In role Supervisory authority)
|
| Restrictions in adopting the decision within the period based on the Article 65, paragraph 2 and 3
(In role Supervisory authority)
|
| An activity of the Chair of the Board after the final decision has been accepted
(In role Lead supervisory authority)
(In role Supervisory authority)
|
| Information duty of the supervisory authority after the receiving of complaint
(In role Supervisory authority)
|
| Forwarding the opinion or decision to the respective judicial authorities
(In role Supervisory authority)
|
| Joint liability in context of the personal data processing
(In role Controller)
(In role Processor)
|
| Competency of the supervisory authority and appropriate procedural safeguards
(In role Supervisory authority)
|
| Appropriate safeguards related to the rights and freedoms of the data subject
(In role Controller)
(In role Processor)
|
