| Principle of lawfulness, fairness and transparency
(In role Controller)
(In role Processor)
|
| Purpose limitation principle
(In role Controller)
(In role Processor)
|
| Data minimization principle
(In role Controller)
(In role Processor)
|
| Principle of accuracy
(In role Controller)
(In role Processor)
|
| Storage limitation principle
(In role Controller)
(In role Processor)
|
| Principle of integrity and confidentiality
(In role Controller)
(In role Processor)
|
| Principle of accountability
(In role Controller)
|
| Processing for a purpose other than that for which the personal data have been collected originally
(In role Controller)
|
| Obligation to demonstrate the consent for processing the personal data
(In role Controller)
|
| Obligations of the controller on context of the child when processing the personal data
(In role Controller)
|
| Prohibition of processing the special categories of personal data
(In role Controller)
(In role Processor)
|
| Reasons for derogating the exercise of the Articles 15 – 20
(In role Controller)
|
| Measures of the controller in terms of providing the information to data subjects
(In role Controller)
|
| Facilitating the data subject rights
(In role Controller)
|
| Providing the information on action taken on a request under Articles 15 to 22 to the data subject
(In role Controller)
|
| Obligations of the controller in case when the data subject request is unadopted
(In role Controller)
|
| Information provided to the data subject when personal data has been acquired from a data subject
(In role Controller)
|
| Additional information provided to the data subject when personal data has been acquired from a data subject
(In role Controller)
|
| Information provided to the data subject when controller intends to further process the personal data for a purpose other than that for which the personal data were collected
(In role Controller)
|
| Information provided where personal data have not been obtained from the data subject
(In role Controller)
|
| Some additional information provided where personal data have not been obtained from the data subject
(In role Controller)
|
| Principles of providing the information in terms of the Article 14, paragraph 1 and 2 of the regulation
(In role Controller)
|
| Providing the information where the controller intends to process the personal data for a purpose other than that for which the personal data were obtained
(In role Controller)
|
| Obligation to provide a copy of the personal data which are being processed
(In role Controller)
|
| Obligations of the controller after the right to be forgotten has been applied
(In role Controller)
|
| Information duty of the controller in context of the personal data processing limitation
(In role Controller)
|
| Information obligation of the controller towards the recipients
(In role Controller)
|
| Right of the data subject to object the processing of personal data
(In role Controller)
|
| Prohibition of the personal data processing after the Article 21, paragraph 2 has been applied
(In role Controller)
|
| Obligation of the controller to inform the data subject about the to object
(In role Controller)
|
| Proceedings of the controller in case of the Article 22, paragraph 2, points a) – c) application
(In role Controller)
|
| Responsibilities of the controller relating to the personal data processing
(In role Controller)
|
| Implementation of an appropriate data protection policies by the controller
(In role Controller)
|
| Implementation of the appropriate technical and organisational measures
(In role Controller)
|
| Processing of the personal data “by default”
(In role Controller)
|
| Personal data processing by the joint controllers
(In role Controller)
(In role Joint Controller)
|
| Respective roles and relationships of the joint controllers vis-à-vis the data subjects
(In role Controller)
(In role Joint Controller)
|
| Designating the place of activity of the controller, that is settled outside the EU
(Delegated Representative of the Controller)
|
| Guaranties of the processor for implementing the adequate protective measurements
(In role Controller)
|
| Conditions for engaging the other processor to the data processing
(In role Processor)
|
| Designation of the identical scope of the responsibilities for the other processor
(In role Processor)
|
| Contract or any other legal document in terms of the Article 28, paragraphs 3 and 4
(In role Controller)
(In role Processor)
|
| Consequences of misconducting the purposes and instruments in the process of personal data processing by the processor
(In role Processor)
|
| Obligation of the processor to comply with the instructions of the controller
(In role Processor)
|
| Mandatory scope of the processing activities record
(In role Controller)
(Delegated Representative of the Controller)
|
| A record of all the processing activities categories, that are carried on behalf of a controller
(In role Processor)
(Delegated Representative of the Processor)
|
| Form of the records according to Article 30, paragraphs 1 and 2
(In role Controller)
(In role Processor)
|
| Making the records available to the supervisory authority if needed
(In role Controller)
(In role Processor)
(Delegated Representative of the Controller)
(Delegated Representative of the Processor)
|
| Cooperation with the supervisory authority
(In role Controller)
(In role Processor)
(Delegated Representative of the Controller)
(Delegated Representative of the Processor)
|
| Implementation of the appropriate technical and organisational measures
(In role Controller)
(In role Processor)
|
| Ensuring the activities compliance of any natural person, acting under the authority of controller or processor
(In role Controller)
(In role Processor)
|
| Period for declaring the personal data breach
(In role Controller)
|
| Notification the data breach to the controller
(In role Processor)
|
| The minimal content of the personal data breach notification
(In role Controller)
|
| Documentary measures relating to the personal data breach
(In role Controller)
|
| Communication the personal data breach to the data subject
(In role Controller)
|
| Personal data processing that require the DPIA – general provision
(In role Controller)
|
| Cooperation between the controller and data protection officer
(In role Controller)
|
| Gathering the opinions of data subjects or their representatives
(In role Controller)
|
| Situation where the DPIA might be necessary
(In role Controller)
|
| Situations that require the prior consultations with the supervisory authority
(In role Controller)
|
| Information provided for the supervisory authority by the controller
(In role Controller)
|
| Compulsory designation of the data protection officer (DPO)
(In role Controller)
(In role Processor)
|
| Publishing the data of the designated data protection officer
(In role Controller)
(In role Processor)
|
| Responsibility of the controller and processor in context of the Data protection officer
(In role Controller)
(In role Processor)
|
| Providing the support for the data protection officer
(In role Controller)
(In role Processor)
|
| Organizational status of the Data protection officer
(In role Controller)
(In role Processor)
|
| The Data protection officer and it´s other tasks and duties
(In role Controller)
(In role Processor)
|
| Providing the information and access, that are essential for the certification procedure
(In role Controller)
(In role Processor)
|
| Documentation of the assessment and suitable safeguards
(In role Controller)
(In role Processor)
|
| Obligations of the controller (or processor) after the decision has been published
(In role Controller)
(In role Processor)
|
| Joint liability in context of the personal data processing
(In role Controller)
(In role Processor)
|
| Appropriate safeguards related to the rights and freedoms of the data subject
(In role Controller)
(In role Processor)
|
