Dossier for "data protection by design" (Demo)

The sheer number of legal provisions makes it difficult to keep track. This is why we added the "Dossier" function for key terms, which displays the most important sources for various terminology. It ensures you can gain a quick and knowledgeable overview of the entire legal situation.

This free "demo" version of the dossier only provides an excerpt featuring the first two articles and recitals. If you purchase the PrivazyPlan®, every aspect will be covered.

Dossiers are currently available for the following terms:

Advertising, Anonymisation, Automated Decision In Individual Cases, Compensation, Complaint, Compliance, Consent, Copy (for Data Subject), Correction, Cross-Border Processing, Data Minimisation, Data Portability, data protection by design, Data Protection Guarantee, Data Protection Impact Assessment, Data Protection Officer, Deletion, Disclosure, Encryption, Establishment, Extensive Processing, Files, Fine, Group Of Undertakings, Identification, Legitimate Interests (Controller), Legitimate Interests (Data Subject), Limitation Of Processing, Objection, Obligation, Opening Clause, Permission, Personal Data Breach, Privileged Purposes, Processing On Behalf, Processing On Behalf (Controller), Processing On Behalf (Processor), Professional secrecy, Profiling, Prohibition, Proof, Pseudonymisation, Publication Of Personal Data, Purpose (Binding), Purpose (Change), Records of processing activities, Reporting to supervisory authority, Representatives, Revocation, Risk For Rights And Freedoms, Shared Responsibility, Strategie, Task in Public Interest, Technical And Organisational Measures, Transfer To Third Countries, Transmission, Transparency

The dossier for "data protection by design" has 4 matches:

Article 25 (1) - Data protection by design and by default

1. Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing, the controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures, such as pseudonymisation, which are designed to implement data-protection principles, such as data minimisation, in an effective manner and to integrate the necessary safeguards into the processing in order to meet the requirements of this Regulation and protect the rights of data subjects.

Article 47 (2) d - Binding corporate rules

2. The binding corporate rules referred to in paragraph 1 shall specify at least:
(d) the application of the general data protection principles, in particular purpose limitation, data minimisation, limited storage periods, data quality, data protection by design and by default, legal basis for processing, processing of special categories of personal data, measures to ensure data security, and the requirements in respect of onward transfers to bodies not bound by the binding corporate rules;


The match number 3 is available, if you buy the PrivazyPlan®.


The match number 4 is available, if you buy the PrivazyPlan®.


Hinweis: Bitte beachten Sie, dass die Auswahl der Trefferstellen ganz subjektiv nach unserem fachlichen Ermessen erfolgte. Wir haben uns speziell auf jene Bestimmungen konzentriert, die die nicht-öffentlichen Stellen betreffen. Für Korrekturen und Anregungen sind wir dankbar.
nach obento top


Would you like to implement the EU General Data Protection Regulation step-by-step? Do you want clear explanations of specific issues and well-thought-out checklists? Do you want to ensure you are data-protection-compliant? If so the PrivazyPlan® is just what you are looking for.

© SecureDataService, Nicholas Vollmer, Priorstr. 63, D-41189 Mönchengladbach, Germany, +49 2166 96523-38, info@privazyplan.eu (siehe Impressum / Datenschutz) (05.09.2018)