EU General Data Protection Regulation
Handreichung für kleine Unternehmen und Vereine
The BayLDA offers small businesses and clubs handouts regarding the basic requirements of the General Data Protection Regulation. These papers are available under https://www.lda.bayern.de/en/small-businesses.html and can be downloaded.
In July 2017, the German Data Protection Conference (Datenschutzkonferenz, abbr. DSK) started to publish guidelines on the Genral Data Protection Regulation (GDPR). In these short papers, further interpretations on some essential topics and articles of the GDPR are presented. The opinions of the German DPAs are for the present and may differ from the interpretation by the European Data Protection Committee.
The short papers of the BayLDA, which have been published regularly since June 2016, can also be downloaded on this page.
DSK papers regarding the GDPR:
Records of processing activities
Processing of personal data for advertising purposes
Data transfer to third countries
Data Protection Impact Assessment
Right to access
Information requirements for third party and direct collection
Right to be forgotten
Data Protection Officer (DPO)
Processing in the context of employment
Special categories of personal data
Preparation for GDPR:
Model for data processing contracts
Questionnaire regarding the preparation for the GDPR
Online tool for self assessment
Article 29 Working Party
BayLDA papers regarding the GDPR:
Publication regarding Art. 32 GDPR - Security of processing
Art. 42 GDPR - Certification
Video Surveillance - Replaced by DSK paper No. 15
Right to erasure - Replaced by DSK paper No. 11
Records of processing activities - Replaced by DSK paper No. 1
Special categories of personal data - Art. 9 GDPR
Sanctions - Replaced by DSK paper No. 2
Data Breach Notification - Art. 33 and 34 GDPR
Consents regarding to the GDPR
Processing in the GDPR - Replaced by DSK paper No. 13
International Data Transfers - Replaced by DSK paper No. 4
Processing of personal data for advertising - Replaced by DSK paper No. 3
One stop shop
Right of access by the data subject - Replaced by DSK paper No. 6
Code of Conduct - Art. 40 GDPR
Privacy Impact Assessment (PIA) - Replaced by DSK paper No. 5
Data Protection Officer (DPO) - Art. 37 to 39 GDPR - Replaced by DSK paper No. 12
Employment data protection - Replaced by DSK paper No. 14
GDPR published in the Official Journal of the European Union
Now it is there, the General Data Protection Regulation (GDPR). It was released today in the Official Journal of the European Union and comes 20 days after publication into effect, that means on 25th May 2016. After a transitional period of two years, the GDPR will be applicable on 25th May 2018.
Below you can navigate directly to the page of the Official Journal of the European Union to read all details of the official documents in the different languages.
Final version of the EU-GDPR in German available
The European Council has published the revised versions of the Data Protection Regulation (GDPR) in the official languages. According to the current plan, the approval of the reform package in the plenary of the European Parliament is going to take place on April 27, 2016 (after appropriate prior involvement in the LIBE committee on 20./21.4.2016). After the drawing on May 11, 2016, the text would be published in the Official Journal. The GDPR will then be applicable approximately early June 2018 (after the 2-year transitional period). The German text can be downloaded below.
Trilog results published in German
On 16 December 2015 via the so-called Trilogue proceeding the relevant legislative bodies, the European Parliament, the European Council and the European Commission reached an agreement on a final text of the General Data Protection Regulation. This text needs to be translated into 22 official languages and consolidated and structured. By the meeting of the Ministers of Justice and Ministers of the Interior on the 21st of April the text will be formally adopted and sent to the European Parliament for approval. The new rules will be published via the Official Journal of the European Union and become applicable two years thereafter.
The official german translation of the not yet consolidated text can be downloaded here.
The General Data Protection Regulation is about to being published: Enhanced synopsis of the BayLDA
On the 25th of January 2012, the European Commission published the "Proposal for a regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)".
The relevant legislative bodies, the European Parliament and the Council of the European Council did agree with the European Commission via the so-called Trilogue proceeding on a final draft in December 2015. This text needs to be translated into 22 official languages, before it can be published via the Official Journal of the European Union. After publication, there will be a two-year transition period before the regulation will take effect. Now, the BayLDA enhanced the existing synopsis. This synopsis should give you an update on the current state of play, as well as documenting the starting and the end point of the Trilogue proceeding. After publication of the official German version of the General Data Protection Regulation, we plan to incorporate it as well by once again enhancing the synopsis.
The enhanced synopsis can be downloaded via this website.