- 1fundamental rights, Charter of Fundamental Rights, Article 16(1) (TFEU)
- 2fundamental rights, fundamental freedoms, single market, national economy
- 3harmonisation, fundamental rights, fundamental freedoms, free movement of data
- 4harmonisation, principle of proportionality, Charter of Fundamental Rights, right to appeal and a fair trial
- 5single market, free movement of data, cooperation, member states
- 6globalisation, exchange of data, technology, level of data protection
- 7legal framework, foundation of trust, single market, control of data
- 8clarification of rules, limitation of provisions, domestic law, coherence
- 9legal uncertainty, risks, level of protection, member states
- 10level of protection, public authority, fundamental rights and freedoms, special categories of personal data
- 11data subject rights, member states, sanctions, monitoring
- 12Article 16(2) TFEU, free movement of data, European Parliament, council
- 13single market, transparency, supervisory authorities, legal certainty
- 14nationality, place of residence, legal person
- 15technological neutrality, filesystem, processing, files
- 16exception, beyond the scope of EU law, common foreign policy, common security policy
- 17Regulation (EC) No 45/2001, union institutions, bodies, offices and agencies, adaptations of Regulation (EC) No 45/2001
- 18exception, exclusively personal activities, exclusively household activities
- 19domestic law, criminal prosecution, execution of sentence, protection against threats to public safety
- 20separate supervision for the judiciary, courts, judicial authorities, independence of the judiciary
- 21application of Directive 2000/31/EC, intermediary service providers, single market, free movement of services
- 22principle of an establishment, application of the GDPR, irrelevance of processing location
- 23lex loci solutionis, offer to EU citizens, irrelevance of processing location, irrelevance of establishment
- 24irrelevance of processing location, EU data subjects, monitoring of the behaviour, profiling
- 25application of the GDPR outside of the EU, diplomatic mission, consular office
- 26pseudonymous data, personal data, technical development, anonymous data
- 27exception, data of deceased persons, domestic law
- 28pseudonymisation, risk, data protection obligations, controller and processor
- 29pseudonymisation, controller, segregated storage, identifiability
- 30profiling, online identifiers, combination of unique identifiers, identifiability
- 31exception, tax authorities, customs authorities, independent administrative authorities
- 32consent, clear affirmative action, voluntariness, formal requirements
- 33constent, research purposes, ethical standards
- 34genetic data, genetic characteristics, analysis
- 35health data, health care services, Directive 2011/24/EU
- 36main establishment, controller, central administration, objective criteria
- 37enterprise group, control of the processing, controlling enterprise, controlled enterprise
- 38children, risks, guarantees, special protection
- 39data protection principles, data processing
- 40lawfulness, data processing, steps prior to entering into a contract
- 41legal basis, legislative measures, Court of Justice of the European Union, European Court of Human Rights
- 42proof of consent, Directive 93/13/EEC, content of the consent, voluntariness
- 43freely given consent, clear imbalance, examples of invalid consent
- 44legal basis, performance of a contract, contract formation
- 45processing operations based on a legal obligation, processing for the performance of public intrests or excercise of public authority, conditions governing the lawfulness of processing
- 46processing for vital interests of the data subject, rationale of public interest , existential interests of the data subject
- 47legitimate interest of the controller, the interests and fundamental rights of the data subject, reasonable expectations of the data subject, direct advertising
- 48enterprise group, legitimate interest, transfer
- 49legitimate interest, network and information security
- 50change of purpose, compatibility of the purposes, further processing
- 51processing of special categories of personal data, photos, exceptions
- 52exceptions, archiving purposes, employment law, maintenance of health and health risk monitoring
- 53special categories of personal data, processing for health-related purposes, management of health and social care services and systems
- 54special categories of personal data, public health (EC) No 1338/2008, processing without consent
- 55processing of personal data, processing of personal data by public authorities for constitutional purposes or purposes of international law, religious associations, public interest
- 56operation of the democratic system, collection of data on political affiliation by political parties, elections, purposes of public interest
- 57identification of a natural person, digital identification
- 58principle of transparency, information provided in electronic form, worthiness of protection of children
- 59modalities, exercise of the rights of the data subject, electronic applications
- 60the data subject be informed, notification of profiling activities, consequences of withholding data, pictograms in electronic form
- 61time of collection, collection from a third party, notice on further processing
- 62furstration of the duty for provide information
- 63right to information, information requirements
- 64identity verification of the data subject, retain data for the sole purpose potential requests
- 65right of rectification, right to be forgotten, revocation of consent, lawful retention of the personal data
- 66right to be forgotten, consideration of the technology available, appropriate measures
- 67restriction of processing, methods
- 68right to receive the data, data portability, data transmitted directly from one controller to another
- 69right to object, demonstration of a compelling legitimate interest
- 70direct advertising, profiling, right to object, explicit notification
- 71automated processing, profiling, explicit consent, profiling based on special categories of personal data
- 72profiling, policy guideline of the European Data Protection Board
- 73restrictions of certain rights and principles, Charter and European Convention for the Protection of Human Rights and Fundamental Freedoms
- 74responsibility, liability, evidence
- 75risks, rights and freedoms, likelihood and severity the damage
- 76likelihood and severity the damage, risk, objective assessment
- 77guidance on the implementation of appropriate measures, identification of the risk, guidelines of the board
- 78technical and organisational measures, data protection by design, data protection by default, state of the art
- 79protection of the rights and freedoms, responsibility and liability, monitoring and other measures of the supervisory authorities, clear allocation of the responsibilities
- 80establishment in the union, representative
- 81commissioned data processing, processing activities, security of the processing, technical and organisational measures, DPA
- 82record of processing activities, cooperation with the supervisory authority, demonstrability, audits
- 83security of the processing, technical and organisational measures, risk assessment, encryption
- 84risk evaluation, data protection impact assessment, rights and freedoms of natural persons, high risk
- 85data protection violation, discrimination, identity theft, reporting obligation
- 86notification, data subject, high risk, rights and freedoms of natural persons
- 87notification, high risk, severity of the violation
- 88notification, data subject, detailed, identity fraud
- 89notification, reporting obligation, elimination, rights and freedoms of natural persons
- 90data protection impact assessement, measures
- 91data protection impact assessement, physician, patients
- 92data protection impact assessement, authorities, processing platform, economical aspects
- 93data protection impact assessement, authorities, public bodies, processing operation
- 94consultation of the supervisory authority, safeguards, risk mitigation, high risk
- 95commissioned data processing, obligation to support of the processor, data protection impact assessement, consultation of the supervisory authority
- 96consultation of the supervisory authority, legislation, legislative preparations, regulatory measures
- 97data protection officer, expert knowledge, independence, core activities
- 98associations, organisations, micro-enterprises, codes of conduct
- 99consultation, stakeholders, statement, data subject
- 100certification, certification procedure, data protection certification, transparency
- 101international data transfers, international organisation, cooperation
- 102international agreement, level of protection
- 103appropriate level of protection, uniform application of law, international organisation
- 104adequacy decision, constitutionality, human rights, national defence
- 105international commitments, International agreements, international organisation
- 106level of protection, adequacy decisions, periodic review
- 107appropriate level of data protection, Commission, international organisation
- 108appropriate safeguards, adequacy decision, binding corporate rules
- 109standard data protection clauses, fundamental rights, fundamental freedoms
- 110binding corporate rules, BCR, international data transfer
- 111international data transfer, explicit consent, enforcement of legal claims, legitimate interest
- 112international data transfer, exception, public interest
- 113compelling legitimate interests, transfer, country of final destination
- 114Commission decision, adequacy, third country, current level of data protection
- 115third countries, administrative authorities, agreement
- 116supervisory authorities, preventative powers, remedial powers, cross-border cooperation
- 117supervisory authorities, member states, powers
- 118supervision, supervisory authorities, control mechanisms
- 119supervisory authorities, member state
- 120supervisory authorities
- 121independence of the supervisory authorities, members of the supervisory authorities act with integrity
- 122tasks and powers of the supervisory authorities
- 123monitoring of the application of the GDPR by the supervisory authorities, cooperation of Commission and supervisory authorities
- 124processing in several member states
- 125leading supervisory authority
- 126joint decisions of the supervisory authorities
- 127information to the lead supervisory authorities, procedure concerning national data processing
- 128responsibility regarding processing in the public interest
- 129identical authority of supervisory authorities in all member states, tasks of the supervisory authorities
- 130cooperation of the authorities when a complaint has been lodged
- 131amicable settlement with the controller
- 132public relation activities by supervisory authorities, specific measures for awareness-raising
- 133mutual assistance of the supervisory authorities , mutual assistance between authorities
- 134joint operations of the supervisory authorities, participation
- 135coherency mechanism, mutual assistance of the supervisory authorities
- 136opinions of the Data Protection Board, disputes between supervisory authorities
- 137provisional measures, urgent need to act, protection of the rights and freedoms of data subjects
- 138mutual assistance of the supervisory authorities, application of the coherency mechanism
- 139European Data Protection Board, entity
- 140assistance for the European Data Protection Board, Secretariat of the Protection Supervisor
- 141submission of complaints, lodge a judicial remedy
- 142support of a data subject with the submission of a complaint, class action lawsuits, Representative of the data subject
- 143judicial remedies, annulment of decisions of the boar
- 144dependent and related court proceedings, prevention of contradictory court rulings
- 145plaintiff, choice of court
- 146damages, relief from liability, recourse proceedings
- 147specific rules on jurisdiction, judicial remedy
- 148appropriate measures and penalties, reprimand and disproportionate burden, fines
- 149infringements of national rules, criminal sanctions
- 150criteria for establishing administrative fines, harmonisation of administrative penalties, administrative fines imposed on persons
- 151adaptation of administrative fines, Denmark and Estonia
- 152serious infringements, sanctions, harmonisation
- 153rules governing freedom of expression and information, journalistic, academic, artistic or literary purposes
- 154general public and public interest, principle of public access to official documents
- 155specific provisions for data processing in context of an employment relationship, collective agreements, works council agreement
- 156processing for purposes in the public interest, appropriate safeguards, rights and freedoms of the data subjec
- 157register, correlation of information, research results
- 158archiving purposes, deceased persons, public interest
- 159scientific research purposes, technological development and studies, public interest
- 160historical research purposes, deceased persons, genealogy
- 161clinical studies, research purposes, Science, Regulation (EU) No 536/2014
- 162statistical purposes, aggregation, rights and freedoms, confidentiality
- 163statistical purposes, union authorities, member states, Article 338(2) TFEU, Regulation (EG) Nr. 223/2009
- 164supervisory authorities, powers, national provisions, obligation to confidentiality
- 165Article 17 TFEU, status of churches and religious associations or communities
- 166Article 290 TFEU, delegated legislative acts, Commission
- 167Commission, implementing powers, Regulation (EU) No 182/2011
- 168standard contractual clauses, inspection procedure, third country, implementing acts
- 169implementing acts, adequate level of protection
- 170proportionality, principle of subsidiarity, equivalent level of protection
- 171repeal of Directive 95/46/EC, transitional provisions
- 172European Data Protection Supervisor: consultation and opinion
- 173coherence with Directive 2002/58/EC, adaptation of Directive 2002/58/EC
