This Handbook is designed to enable privacy professionals and legal functions within an organisation to quickly identify the issues that are of primary importance to that organisation, and determine how best to address those issues.

EU data protection law affects all organisations in the EU (and some organisations outside the EU—see Chapter 4). Many organisations that had few or no compliance responsibilities under the Directive have new or increased obligations under the GDPR. Because the GDPR applies across a very wide range of topics and across all business sectors, it is important for organisations to consider the topics that the GDPR covers, and the practical impact that each topic has on their respective operations.

Foreword

Chapter 1: Introduction

Chapter 2: Complying with the GDPR

Chapter 3: Subject matter and scope

Chapter 4: Territorial application

Chapter 5: Key definitions

Chapter 6: Data Protection Principles

Chapter 7: Lawful basis for processing

Chapter 8: Consent

Chapter 9: Rights of data subjects

Chapter 10: Obligations of controllers

Chapter 11: Obligations of processors

Chapter 12: Impact Assessments, DPOs and Codes of Conduct

Chapter 14: Data Protection Authorities

Chapter 13: Cross-Border Data Transfers

Chapter 15: Cooperation and consistency

Chapter 16: Remedies and sanctions

Chapter 17: Issues subject to national law

Chapter 18: Relationships with other laws

Chapter 19: Glossary

Our Global Data, Privacy & Cyber Security Practice

Access the handbook

Post By Nix (1,192 Posts)