GDPR Useful Resources

GDPR Useful Resources Tarti1gnouffe 2019-01-09T07:33:58+00:00

This is a list of useful resources I used in my own compliance journey or to translate GDPR-related documents.

Last updated: January 9, 2018

General Information

The General Data Protection Regulation (official regulation)
The Article29 Working Party Guidelines
The GDPR – Structured View

National Data Protection Laws

For the national data protection laws that are applicable to you, see your relevant Data Protection Authority’s website
IAPP Resource Center – EU Member State GDPR Implementation Laws and Drafts

Register Templates of Processing Activities

Setting Up Your Security Plan and Drafting Your Security Policy

Useful resources for freelancers
NIST Official Website
ISO/IEC 27000 Family – Information Security Management Systems
PCMag – Security Solution Comparison

Useful Information to Guide You Through Your Privacy Policy and Information You Need to Display When You Collect Personal Data

The General Data Protection Regulation (Art. 12, 13, and 14)
The Article 29 Working Party Guidelines on Transparency under Regulation 2016/679 (wp260 rev.01 – guidelines explaining GDPR, Art. 12, 13, and 14)

Reviewing Your Cookie Banner and Your Cookie Policy

General Information About Cookies
The EU Internet Handbook (general information about cookies with links to the current ePrivacy directive and cookie policy templates)
The ePrivacy Directive
The Proposal for the ePrivacy Regulation
The European Commission’s Cookie Policy Templates

Reviewing Your Legal Bases to Process Personal Data

The General Data Protection Regulation (Art. 6)
The WP29 Guidelines on Consent

Drafting Your Data Processing Agreements

Check regularly for any available template on your relevant Data Protection Authority’s website
CNIL (French DPA) – General Data Protection Regulation – Guide for Processors
DLA Piper’s Example Data Protection Addendum

Working with Partners Based in Non-EEA Countries

The General Data Protection Regulation (official regulation) (GDPR, Art. 44 to 50)
List of National Data Protection Authorities
Adequacy of the Protection of Personal Data in Non-EU Countries
The EU-US Privacy Shield
Standard Contractual Clauses
FAQ Related to the Standard Contractual Clauses

Violation Notification

Refer to the relevant EU Data Protection Authority.

This website uses cookies to improve your online experience and to compile anonymized statistics on visits. You can either accept or decline cookies. For more information, please review our Cookie Policy and our Privacy Policy.