Shows the GDPR articles where this template may be used
Article Ref | Title | Template Section | Section Description |
---|---|---|---|
5.1.a | Principles - Lawfulness, fairness and transparency | All | All sections describes how the company shall collect, handle and store personal data to meet the data protection standards |
5.1.c | Principles – Data Minimisation | Data Minimization | Limit the collection of personal information to what is directly relevant and necessary to accomplish a specified purpose |
5.1.d | Principles – Data Accuracy | Data Accuracy | Covers policies that ensure that personal data is kept accurate, complete and up to date. |
5.1.e | Principles – Storage Limitation | Data Retention | Records management considerations for meeting regulatory and archival requirements |
5.1.f | Principles – Integrity and Confidentiality | Integrity and Confidentiality | Limiting data access and maintaining consistency, accuracy and trustworthiness of data over its entire lifecycle |
11.1 | Data Pseudonymization | Integrity and Confidentiality | Limiting data access and maintaining consistency, accuracy and trustworthiness of data over its entire lifecycle |
19.1 | Notification of Right of Access | Data Transfers | Covers the management of the sharing of personal data across various jurisdictions |
24.1 | Technical and Organizational Measures | All | All sections describes how the company shall collect, handle and store personal data to meet the data protection standards |
24.2 | Data Protection Policies | All | All sections describes how the company shall collect, handle and store personal data to meet the data protection standards |
27.1 | Appointment of a Representative | Roles and Responsibilities | GDPR roles include data processor, data subprocessor, data controller, DPO, supervisory authority, GDPR representative and joint controllers |
30.1 | Records of Processing Activities by the Controller | ROPA | The maintenance of the detailed descriptions of an organization's data processing practices |
30.2 | Record of Processing Activities by the Processor | ROPA | The maintenance of the detailed descriptions of an organization's data processing practices |
30.3 | Format of Records of Processing Activities | ROPA | The maintenance of the detailed descriptions of an organization's data processing practices |
31 | Cooperation with Authorities | Supervisory Authorities | Independent public authorities that supervise the application of general data protection laws |
32.2 | Security Risk Assessments | Scope | Defines the various functions and methods with which an organisation processes personal data |
32.4 | Security Access Measures | Unauthorised Processing | Ensures that persondal data is processed by authorised persons and the penalty for default thereof |
37.1 | Requirement for a Data Protection Officer | Roles and Responsibilities | GDPR roles include data processor, data subprocessor, data controller, DPO, supervisory authority, GDPR representative and joint controllers |
37.6 | Contracting a Data Protection Officer | Roles and Responsibilities | GDPR roles include data processor, data subprocessor, data controller, DPO, supervisory authority, GDPR representative and joint controllers |
38.1 | DPO Involvement in Data Protection Issues | Roles and Responsibilities | GDPR roles include data processor, data subprocessor, data controller, DPO, supervisory authority, GDPR representative and joint controllers |
44.1 | International Data Transfers | Data Transfers | Covers the management of the sharing of personal data across various jurisdictions |
45.1 | Data Transfer on Basis of Adequacy Decision | Data Transfers | Covers the management of the sharing of personal data across various jurisdictions |
46.1 | Data Transfers on Basis of Appropriate Safeguards | Data Transfers | Covers the management of the sharing of personal data across various jurisdictions |
49.1 | Data Transfers on Basis of Legal Considerations | Data Transfers | Covers the management of the sharing of personal data across various jurisdictions |