Opinion 2/2017 on data processing at work [PDF]

This document looks at day-to-day processing in the workplace.

Guidelines on Consent under Regulation 2016/679 [PDF]

This document reviews how the legal basis of consent  can be utilised and the requirements facing organisations who wish to rely upon it

Guidelines on Data Protection Impact Assessments [PDF]

This document explains the process under which a mandatory DPIA would be required and conducted.

Guidelines on Personal data breach notification under Regulation 2016/679 [PDF]

This document describes the new legal requirement where data breaches, which result in risks to the rights of data subjects, must be reported to the relevant supervisory authority.

Guidelines on transparency under Regulation 2016/679 [PDF]

This document provides practical and interpretative guidance on the new legal obligation when processing data under the GDPR.