What is the General Data Protection Regulation (GDPR) of EU?!

The General Data Protection Regulation (GDPR) of European Union shall apply from 25th of May 2018.

The GDPR requires actions from all organizations. You need to map and document all kind of processing of personal data and consider also the security while processing. Processing of personal data is usually done with computers but the regulation shall apply also to manual processing and paper documents, that contain personal data.

According to GDPR, you always have to be able to show authorities how the GDPR is handled in your organization. Whenever there might be a data breach, you have to inform the authorities without delay. 

Supervisory authority may impose fines and penalties if infringements of the regulation occurs.

General Data Protection Regulation of EU

GDPR sets rights for EU citizens for their personal data and sets requirements for organizations that process that data.

Subject-matter and objectives

Chapter 1 / Article 1

Material scope

Chapter 1 / Article 2

Territorial scope

Chapter 1 / Article 3

Definitions

Chapter 1 / Article 4

Lawfulness of processing

Chapter 2 / Article 6

Conditions for consent

Chapter 2 / Article 7

Right of access by the data subject

Chapter 3 / Article 15

Right to rectification

Chapter 3 / Article 16

Right to restriction of processing

Chapter 3 / Article 18

Right to data portability

Chapter 3 / Article 20

Right to object

Chapter 3 / Article 21

Restrictions

Chapter 3 / Article 23

Responsibility of the controller

Chapter 4 / Article 24

Joint controllers

Chapter 4 / Article 26

Processor

Chapter 4 / Article 28

Records of processing activities

Chapter 4 / Article 30

Security of processing

Chapter 4 / Article 32

Data protection impact assessment

Chapter 4 / Article 35

Prior consultation

Chapter 4 / Article 36

Tasks of the data protection officer

Chapter 4 / Article 39

Codes of conduct

Chapter 4 / Article 40

Certification

Chapter 4 / Article 42

Certification bodies

Chapter 4 / Article 43

General principle for transfers

Chapter 5 / Article 44

Binding corporate rules

Chapter 5 / Article 47

Derogations for specific situations

Chapter 5 / Article 49

Supervisory authority

Chapter 6 / Article 51

Independence

Chapter 6 / Article 52

Competence

Chapter 6 / Article 55

Tasks

Chapter 6 / Article 57

Powers

Luku 6 / Artikla 58

Activity reports

Chapter 6 / Article 59

Mutual assistance

Chapter 7 / Article 61

Consistency mechanism

Chapter 7 / Article 63

Opinion of the Board

Chapter 7 / Article 64

Dispute resolution by the Board

Chapter 7 / Article 65

Urgency procedure

Chapter 7 / Article 66

Exchange of information

Chapter 7 / Article 67

European Data Protection Board

Chapter 7 / Article 68

Independence

Chapter 7 / Article 69

Tasks of the Board

Chapter 7 / Article 70

Reports

Chapter 7 / Article 71

Procedure

Chapter 7 / Article 72

Chair

Chapter 7 / Article 73

Tasks of the Chair

Chapter 7 / Article 74

Secretariat

Chapter 7 / Article 75

Confidentiality

Chapter 7 / Article 76

Representation of data subjects

Chapter 8 / Article 80

Suspension of proceedings

Chapter 8 / Article 81

Right to compensation and liability

Chapter 8 / Article 82

Penalties

Chapter 8 / Article 84

Obligations of secrecy

Chapter 9 / Article 90

Siirretyn säädösvallan käyttäminen

Chapter 10 / Article 92

Committee procedure

Chapter 10 / Article 93

Repeal of Directive 95/46/EC

Chapter 11 / Article 94

Relationship with Directive 2002/58/EC

Chapter 11 / Article 95

Commission reports

Chapter 11 / Article 97

Entry into force and application

Chapter 11 / Article 99

}