Endorsed WP29 Guidelines

During its first plenary meeting the European Data Protection Board endorsed the GDPR related WP29 Guidelines:

  1. Guidelines on consent under Regulation 2016/679, WP259 rev.01
    superseded by Guidelines 05/2020 on consent under Regulation 2016/679
  2. Guidelines on transparency under Regulation 2016/679, WP260 rev.01
  3. Guidelines on Automated individual decision-making and Profiling for the purposes of Regulation 2016/679, WP251rev.01
  4. Guidelines on Personal data breach notification under Regulation 2016/679, WP250 rev.01 superseded by Guidelines 9/2022 on personal data breach notification under GDPR
  5. Guidelines on the right to data portability under Regulation 2016/679, WP242 rev.01
  6. Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is "likely to result in a high risk" for the purposes of Regulation 2016/679, WP248 rev.01
  7. Guidelines on Data Protection Officers ('DPO'), WP243 rev.01
  8. Guidelines for identifying a controller or processor's lead supervisory authority, WP244 rev.01 superseded by Guidelines 8/2022 on identifying a controller or processor’s lead supervisory authority
  9. Position Paper on the derogations from the obligation to maintain records of processing activities pursuant to Article 30(5) GDPR
  10. Working Document Setting Forth a Co-Operation Procedure for the approval of “Binding Corporate Rules” for controllers and processors under the GDPR, WP 263 rev.01
  11. Recommendation on the Standard Application for Approval of Controller Binding Corporate Rules for the Transfer of Personal Data, WP 264 superseded by Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules (Art. 47 GDPR)
  12. Recommendation on the Standard Application form for Approval of Processor Binding Corporate Rules for the Transfer of Personal Data, WP 265
  13. Working Document setting up a table with the elements and principles to be found in Binding Corporate Rules, WP 256 rev.01 superseded by Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules (Art. 47 GDPR)
  14. Working Document setting up a table with the elements and principles to be found in Processor Binding Corporate Rules, WP 257 rev.01
  15. Adequacy Referential, WP 254 rev.01
  16. Guidelines on the application and setting of administrative fines for the purposes of the Regulation 2016/679, WP 253