EU - General Data Protection Regulation (GDPR) of 2016


Below is an outline for EU - General Data Protection Regulation (GDPR), 2016. If you’re a member, then you can log into the Library and view it in your browser using the email address you signed up with. PS. Only members can successfully log in.

  • Click HERE to log into the library (Members only).
  • Folder: Caribbean > Data Protection Laws

If you are having issues logging in, please check the following help guide, HERE.



General provisions
Subject-matter and objectives
Material scope
Territorial scope
Principles relating to processing of personal data
Lawfulness of processing
Conditions for consent
Conditions applicable to child's consent in relation to information society services
Processing of special categories of personal data
Processing of personal data relating to criminal convictions and offences
Processing which does not require identification

Rights of the data subject
Transparency and modalities
Transparent information, communication and modalities for the exercise of the rights of the data subject
Information and access to personal data
Information to be provided where personal data are collected from the data subject
Information to be provided where personal data have not been obtained from the data subject
Right of access by the data subject
Rectification and erasure
Right to rectification
Right to erasure ('right to be forgotten')
Right to restriction of processing
Notification obligation regarding rectification or erasure of personal data or restriction of processing
Right to data portability

Right to object and automated individual decision-making
Right to object
Automated individual decision-making, including profiling


Controller and processor
General obligations
Responsibility of the controller
Data protection by design and by default
Joint controllers
Representatives of controllers or processors not established in the Union
Processing under the Authority of the controller or processor
Records of processing activities
Cooperating with the supervisory authority
Security of personal data
Security of processing
Notification of a personal data breach to the supervisory authority
Communication of a personal data breach to the data subject
Data protection impact assessment and prior consultation
Data protection impact assessment
Prior consultation
Data protection officer
Designation of the data protection officer
Position of the data protection officer
Tasks of the data protection officer
Codes of conduct and certification
Codes of conduct
Monitoring of approved codes of conduct
Certification bodies

Transfers of personal data to third countries or international organizations
General principle for transfer
Transfers on the basis of an adequacy decision
Transfers subject to appropriate safeguards
Binding corporate rules
Transfers or disclosures not authorised by Union law
Derogations for specific situations
International cooperation for the protection of personal data

Independent supervisory authorities
Independent status
Supervisory authority
General conditions for the members of the supervisory authority
Rules on the establishment of the supervisory authority
Competence, tasks and powers
Competence of the lead supervisory authority
Activity reports

Cooperation and consistency
Cooperation between the lead supervisory authority and the other supervisory authorities concerned
Mutual assistance
Joint operations of supervisory authorities
Consistency mechanism
Opinion of the board
Dispute resolution by the board
Urgency procedure
Exchange of information
European data protection board
Tasks of the Board
Tasks of the Chair

Remedies, liability and penalties
Right to lodge a complaint with a supervisory authority
Right to an effective judicial remedy against a supervisory authority
Right to an effective judicial remedy against a controller or processor
Representation of data subjects
Suspension of proceedings
Right to compensation and liability
General conditions for imposing administrative fines

Provisions relating to specific processing situations
Processing and freedom of expression and information
Processing and public access to official documents
Processing of the national identification numbers
Processing in the context of employment
Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes
Obligations of secrecy
Existing data protection rules of churches and religious associations

Delegated acts and implementing acts
Exercise of the delegation
Committee procedure

Final provisions
Repeal of Directive 95/46/EC
Relationship with Directive 2002/58/EC
Relationship with previously concluded Agreements
Commission reports
Review of other Union legal acts on data protection
Entry into force and application



Next steps:

This article was contributed by Jason Jacobs from Guyana. Jason is a member of the Caribbean CSPA. 


Was this article helpful?
0 out of 0 found this helpful



Article is closed for comments.