EU General Data Protection Regulation

In July 2017, the German Data Protection Conference (Datenschutzkonferenz, abbr. DSK) started to publish guidelines on the Genral Data Protection Regulation (GDPR). In these short papers, further interpretations on some essential topics and articles of the GDPR are presented. The opinions of the German DPAs are for the present and may differ from the interpretation by the European Data Protection Committee.

The short papers of the BayLDA, which have been published regularly since June 2016, can also be downloaded on this page.

BayLDA papers regarding the GDPR:

Publication regarding Art. 32 GDPR - Security of processing

Art. 42 GDPR - Certification

Video Surveillance - current and future state

Right to erasure (right to be forgotten) - Art. 17 GDPR

Records of processing activities - Art. 30 GDPR

Special categories of personal data - Art. 9 GDPR

Sanctions in the GDPR

Data Breach Notification - Art. 33 and 34 GDPR

Consents regarding to the GDPR

Processing in the GDPR

International Data Transfers

Processing of personal data for advertising

One stop shop

Mutual assistance

Child's consent

Right of access by the data subject

Code of Conduct - Art. 40 GDPR

Privacy Impact Assessment (PIA) - Art. 35 GDPR

Data Protection Officer (DPO) - Art. 37 to 39 GDPR

Employment data protection regarding the GDPR and the new BDSG



Previous articles


Ansbach, 04.05.2016

GDPR published in the Official Journal of the European Union

Now it is there, the General Data Protection Regulation (GDPR). It was released today in the Official Journal of the European Union and comes 20 days after publication into effect, that means on 25th May 2016. After a transitional period of two years, the GDPR will be applicable on 25th May 2018.
Below you can navigate directly to the page of the Official Journal of the European Union to read all details of the official documents in the different languages.


Ansbach, 11.04.2016

Final version of the EU-GDPR in German available

The European Council has published the revised versions of the Data Protection Regulation (GDPR) in the official languages. According to the current plan, the approval of the reform package in the plenary of the European Parliament is going to take place on April 27, 2016 (after appropriate prior involvement in the LIBE committee on 20./21.4.2016). After the drawing on May 11, 2016, the text would be published in the Official Journal. The GDPR will then be applicable approximately early June 2018 (after the 2-year transitional period). The German text can be downloaded below.


Ansbach, 05.02.2016

Trilog results published in German

On 16 December 2015 via the so-called Trilogue proceeding the relevant legislative bodies, the European Parliament, the European Council and the European Commission reached an agreement on a final text of the General Data Protection Regulation. This text needs to be translated into 22 official languages and consolidated and structured. By the meeting of the Ministers of Justice and Ministers of the Interior on the 21st of April the text will be formally adopted and sent to the European Parliament for approval. The new rules will be published via the Official Journal of the European Union and become applicable two years thereafter.

The official german translation of the not yet consolidated text can be downloaded here.


Ansbach, 05.01.2016

The General Data Protection Regulation is about to being published: Enhanced synopsis of the BayLDA

On the 25th of January 2012, the European Commission published the "Proposal for a regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)".

The relevant legislative bodies, the European Parliament and the Council of the European Council did agree with the European Commission via the so-called Trilogue proceeding on a final draft in December 2015. This text needs to be translated into 22 official languages, before it can be published via the Official Journal of the European Union. After publication, there will be a two-year transition period before the regulation will take effect. Now, the BayLDA enhanced the existing synopsis. This synopsis should give you an update on the current state of play, as well as documenting the starting and the end point of the Trilogue proceeding. After publication of the official German version of the General Data Protection Regulation, we plan to incorporate it as well by once again enhancing the synopsis.

The enhanced synopsis can be downloaded via this website.