General Data Protection Regulation (GDPR)
Initiative
Official name
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation - GDPR)
Type
Regulation
Level 1
Initiator
EU
Submitted
25.01.2012
Doc. code
2016/679
Summary
Status
Status
Get a subscription to have access to the whole content.
Current version
Final version
Next step
Entry into force and application
Entry into force
Get a subscription to have access to the whole content.
Application date
Get a subscription to have access to the whole content.
Scope
Relevant for
Get a subscription to have access to the whole content.
Associated initiatives
Level 1
Second law on implementation of EU data protection legislation
(binding, Amendment, DE)
Protection of individuals with regard to the processing of personal data by competent authorities
(non-binding, Main version, EU)
Adoption and implementation of the data protection law (DSAnpUG-EU) and federal data protection law (BDSG)
(binding, Main version, DE)
Level 2
Standard contractual clauses (SCCs) for transferring personal data to non-EU countries
(binding, Supplement, EU)
Standard contractual clauses (SCCs) between controllers & processors located in the EU
(binding, EU)
EU-U.S. Data Privacy Framework
(binding, Supplement, Main version, EU)
Level 3 / Other
Guidelines on processing of personal data through video devices
(binding, Supplement, EU)
Guidelines on the processing of personal data in the context of the provision of online services to data subjects
(binding, Supplement, EU)
Guidelines on Codes of Conduct and Monitoring Bodies under GDPR
(non-binding, EU)
Guidelines on the accreditation of certification bodies under GDPR
(non-binding, EU)
Guidelines on the territorial scope of the GDPR
(binding, EU)
Guidelineson derogations of Article 49 under GDPR
(binding, EU)
Guidelines on certification and identifying certification criteria in accordance with Articles 42 and 43 GDPR
(binding, Supplement, EU)
Data Protection by Design and by Default
(binding, Supplement, EU)
Guidelines for transfers of personal data between EEA and non-EEA public authorities and bodies under GDPR
(non-binding, EU)
Guidelines on the interplay of PSD2 and GDPR
(binding, Supplement, EU)
Guidelines on the concepts of controller and processor in the GDPR
(binding, Supplement, EU)
Guidelines on the targeting of social media users
(binding, Supplement, EU)
Statement on the end of the Brexit transition period
(non-binding, EU)
Data protection regarding virtual voice assistants
(non-binding, EU)
Opinion on the protection of personal data in the UK according to GDPR
(non-binding, EU)
Codes of conduct as tools for transfers
(binding, EU)
Restrictions under Article 23 GDPR
(non-binding, Supplement, EU)
Guidelines on data subject rights - Right of access
(binding, EU)
Calculation of administrative fines under the GDPR
(non-binding, EU)
Harmonization of GDPR implementation at EU level
(non-binding, EU)
New EDPB-Recommendations on Controller Binding Corporate Rules (BCR)
(non-binding, EU)
Source: EU, 2016/679, 2016