Looking for an external Data Protection Officer?DATUREX GmbH Dresden

GDPR — Table of Contents

AI-generated summary

This provision allows Member States to adopt specific rules adjusting supervisory authority investigative powers in relation to controllers or processors subject to professional secrecy obligations. These rules must be necessary and proportionate to reconcile data protection rights with secrecy obligations and apply only to data received through activities covered by the secrecy obligation.

Art. 90 GDPR

Obligations of secrecy

(1.)Member States may adopt specific rules to set out the powers of the supervisory authorities laid down in points (e) and (f) of Article 58(1) in relation to controllers or processors that are subject, under Union or Member State law or rules established by national competent bodies, to an obligation of professional secrecy or other equivalent obligations of secrecy where this is necessary and proportionate to reconcile the right of the protection of personal data with the obligation of secrecy. Those rules shall apply only with regard to personal data which the controller or processor has received as a result of or has obtained in an activity covered by that obligation of secrecy.

(2.)Each Member State shall notify to the Commission the rules adopted pursuant to paragraph 1, byand, without delay, any subsequent amendment affecting them. 25 May 2018

Source:: EUR-Lex CELEX 02016R0679-20160504
Citation:: OJ L 119, 04.05.2016, p. 1; corrected by OJ L 127, 23.05.2018, p. 2
As of:: 2016-05-04
Retrieved:: 2026-02-25