GDPR — Table of Contents
GDPR — General Data Protection Regulation
All 99 articles in 11 chapters
Chapter 1 — General provisions
Chapter 2 — Principles
- Art. 5Principles relating to processing of personal data
- Art. 6Lawfulness of processing
- Art. 7Conditions for consent
- Art. 8Conditions applicable to child's consent in relation to information society services
- Art. 9Processing of special categories of personal data
- Art. 10Processing of personal data relating to criminal convictions and offences
- Art. 11Processing which does not require identification
Chapter 3 — Rights of the data subject
- Art. 12Transparent information, communication and modalities for the exercise of the rights of the data subject
- Art. 13Information to be provided where personal data are collected from the data subject
- Art. 14Information to be provided where personal data have not been obtained from the data subject
- Art. 15Right of access by the data subject
- Art. 16Right to rectification
- Art. 17Right to erasure (right to be forgotten)
- Art. 18Right to restriction of processing
- Art. 19Notification obligation regarding rectification or erasure of personal data or restriction of processing
- Art. 20Right to data portability
- Art. 21Right to object
- Art. 22Automated individual decision-making, including profiling
- Art. 23Restrictions
Chapter 4 — Controller and processor
- Art. 24Responsibility of the controller
- Art. 25Data protection by design and by default
- Art. 26Joint controllers
- Art. 27Representatives of controllers or processors not established in the Union
- Art. 28Processor
- Art. 29Processing under the authority of the controller or processor
- Art. 30Records of processing activities
- Art. 31Cooperation with the supervisory authority
- Art. 32Security of processing
- Art. 33Notification of a personal data breach to the supervisory authority
- Art. 34Communication of a personal data breach to the data subject
- Art. 35Data protection impact assessment
- Art. 36Prior consultation
- Art. 37Designation of the data protection officer
- Art. 38Position of the data protection officer
- Art. 39Tasks of the data protection officer
- Art. 40Codes of conduct
- Art. 41Monitoring of approved codes of conduct
- Art. 42Certification
- Art. 43Certification bodies
Chapter 5 — Transfers of personal data to third countries or international organisations
- Art. 44General principle for transfers
- Art. 45Transfers on the basis of an adequacy decision
- Art. 46Transfers subject to appropriate safeguards
- Art. 47Binding corporate rules
- Art. 48Transfers or disclosures not authorised by Union law
- Art. 49Derogations for specific situations
- Art. 50International cooperation for the protection of personal data
Chapter 6 — Independent supervisory authorities
Chapter 7 — Cooperation and consistency
- Art. 60Cooperation between the lead supervisory authority and the other supervisory authorities concerned
- Art. 61Mutual assistance
- Art. 62Joint operations of supervisory authorities
- Art. 63Consistency mechanism
- Art. 64Opinion of the Board
- Art. 65Dispute resolution by the Board
- Art. 66Urgency procedure
- Art. 67Exchange of information
- Art. 68European Data Protection Board
- Art. 69Independence
- Art. 70Tasks of the Board
- Art. 71Reports
- Art. 72Procedure
- Art. 73Chair
- Art. 74Tasks of the Chair
- Art. 75Secretariat
- Art. 76Confidentiality
Chapter 8 — Remedies, liability and penalties
- Art. 77Right to lodge a complaint with a supervisory authority
- Art. 78Right to an effective judicial remedy against a supervisory authority
- Art. 79Right to an effective judicial remedy against a controller or processor
- Art. 80Representation of data subjects
- Art. 81Suspension of proceedings
- Art. 82Right to compensation and liability
- Art. 83General conditions for imposing administrative fines
- Art. 84Penalties
Chapter 9 — Provisions relating to specific processing situations
- Art. 85Processing and freedom of expression and information
- Art. 86Processing and public access to official documents
- Art. 87Processing of the national identification number
- Art. 88Processing in the context of employment
- Art. 89Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes
- Art. 90Obligations of secrecy
- Art. 91Existing data protection rules of churches and religious associations
Chapter 10 — Delegated acts and implementing acts
Chapter 11 — Final provisions
Source: EUR-Lex CELEX 02016R0679-20160504