Dossier for "data protection by design" (Demo)

The sheer number of legal provisions makes it difficult to keep track. This is why we added the "Dossier" function for key terms, which displays the most important sources for various terminology. It ensures you can gain a quick and knowledgeable overview of the entire legal situation.

This free "demo" version of the dossier only provides an excerpt featuring the first two articles and recitals. If you purchase the PrivazyPlan®, every aspect will be covered.

Dossiers are currently available for the following terms:

AdvertisingAnonymisationAutomated Decision In Individual CasesCompensationComplaintComplianceConsentCopy (for Data Subject)CorrectionCross-Border ProcessingData MinimisationData Portabilitydata protection by designData Protection GuaranteeData Protection Impact AssessmentData Protection OfficerDeletionDisclosureEncryptionEstablishmentExtensive ProcessingFilesFineGroup Of UndertakingsIdentificationLegitimate Interests (Controller)Legitimate Interests (Data Subject)Limitation Of ProcessingObjectionObligationOpening ClausePermissionPersonal Data BreachPrivileged PurposesProcessing On BehalfProcessing On Behalf (Controller)Processing On Behalf (Processor)Professional secrecyProfilingProhibitionProofPseudonymisationPublication Of Personal DataPurpose (Binding)Purpose (Change)Records of processing activitiesReporting to supervisory authorityRepresentativesRevocationRisk For Rights And FreedomsShared ResponsibilityStrategieTask in Public InterestTechnical And Organisational MeasuresTransfer To Third CountriesTransmissionTransparency

The dossier for "data protection by design" has 4 matches:

Article 25 (1) - Data protection by design and by default

1. Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing, the controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures, such as pseudonymisation, which are designed to implement data-protection principles, such as data minimisation, in an effective manner and to integrate the necessary safeguards into the processing in order to meet the requirements of this Regulation and protect the rights of data subjects.

Article 47 (2) d - Binding corporate rules

2. The binding corporate rules referred to in paragraph 1 shall specify at least:
(d) the application of the general data protection principles, in particular purpose limitation, data minimisation, limited storage periods, data quality, data protection by design and by default, legal basis for processing, processing of special categories of personal data, measures to ensure data security, and the requirements in respect of onward transfers to bodies not bound by the binding corporate rules;


The match number 3 is available, if you buy the PrivazyPlan®.


The match number 4 is available, if you buy the PrivazyPlan®.


Hinweis: Bitte beachten Sie, dass die Auswahl der Trefferstellen ganz subjektiv nach unserem fachlichen Ermessen erfolgte. Wir haben uns speziell auf jene Bestimmungen konzentriert, die die nicht-öffentlichen Stellen betreffen. Für Korrekturen und Anregungen sind wir dankbar.
nach obento top

Would you like to implement the EU General Data Protection Regulation step-by-step? Do you want clear explanations of specific issues and well-thought-out checklists? Do you want to ensure you are data-protection-compliant? If so the PrivazyPlan® is just what you are looking for.

© SecureDataService, Nicholas Vollmer, St.-Johannes-Str. 112, 41849 Wassenberg, Germany, +49 2432 93 44 20 - 0, info@privazyplan.eu (siehe Impressum / Datenschutz) (04.04.2023)