EU General Data Protection Regulation

In July 2017, the German Data Protection Conference (Datenschutzkonferenz, abbr. DSK) started to publish guidelines on the Genral Data Protection Regulation (GDPR). In these short papers, further interpretations on some essential topics and articles of the GDPR are presented. The opinions of the German DPAs are for the present and may differ from the interpretation by the European Data Protection Committee.

The short papers of the BayLDA, which have been published regularly since June 2016, can also be downloaded on this page.

BayLDA papers regarding the GDPR:

Publication regarding Art. 32 GDPR - Security of processing

Art. 42 GDPR - Certification

Video Surveillance - Replaced by DSK paper No. 15

Right to erasure - Replaced by DSK paper No. 11

Records of processing activities - Replaced by DSK paper No. 1

Special categories of personal data - Art. 9 GDPR

Sanctions - Replaced by DSK paper No. 2

Data Breach Notification - Art. 33 and 34 GDPR

Consents regarding to the GDPR

Processing in the GDPR - Replaced by DSK paper No. 13


International Data Transfers - Replaced by DSK paper No. 4

Processing of personal data for advertising - Replaced by DSK paper No. 3

One stop shop

Mutual assistance

Child's consent

Right of access by the data subject - Replaced by DSK paper No. 6

Code of Conduct - Art. 40 GDPR

Privacy Impact Assessment (PIA) - Replaced by DSK paper No. 5

Data Protection Officer (DPO) - Art. 37 to 39 GDPR - Replaced by DSK paper No. 12

Employment data protection - Replaced by DSK paper No. 14



Previous articles


Ansbach, 04.05.2016

GDPR published in the Official Journal of the European Union

Now it is there, the General Data Protection Regulation (GDPR). It was released today in the Official Journal of the European Union and comes 20 days after publication into effect, that means on 25th May 2016. After a transitional period of two years, the GDPR will be applicable on 25th May 2018.
Below you can navigate directly to the page of the Official Journal of the European Union to read all details of the official documents in the different languages.


Ansbach, 11.04.2016

Final version of the EU-GDPR in German available

The European Council has published the revised versions of the Data Protection Regulation (GDPR) in the official languages. According to the current plan, the approval of the reform package in the plenary of the European Parliament is going to take place on April 27, 2016 (after appropriate prior involvement in the LIBE committee on 20./21.4.2016). After the drawing on May 11, 2016, the text would be published in the Official Journal. The GDPR will then be applicable approximately early June 2018 (after the 2-year transitional period). The German text can be downloaded below.


Ansbach, 05.02.2016

Trilog results published in German

On 16 December 2015 via the so-called Trilogue proceeding the relevant legislative bodies, the European Parliament, the European Council and the European Commission reached an agreement on a final text of the General Data Protection Regulation. This text needs to be translated into 22 official languages and consolidated and structured. By the meeting of the Ministers of Justice and Ministers of the Interior on the 21st of April the text will be formally adopted and sent to the European Parliament for approval. The new rules will be published via the Official Journal of the European Union and become applicable two years thereafter.

The official german translation of the not yet consolidated text can be downloaded here.


Ansbach, 05.01.2016

The General Data Protection Regulation is about to being published: Enhanced synopsis of the BayLDA

On the 25th of January 2012, the European Commission published the "Proposal for a regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)".

The relevant legislative bodies, the European Parliament and the Council of the European Council did agree with the European Commission via the so-called Trilogue proceeding on a final draft in December 2015. This text needs to be translated into 22 official languages, before it can be published via the Official Journal of the European Union. After publication, there will be a two-year transition period before the regulation will take effect. Now, the BayLDA enhanced the existing synopsis. This synopsis should give you an update on the current state of play, as well as documenting the starting and the end point of the Trilogue proceeding. After publication of the official German version of the General Data Protection Regulation, we plan to incorporate it as well by once again enhancing the synopsis.

The enhanced synopsis can be downloaded via this website.