Den generelle forordning om databeskyttelse: Retningslinjer, henstillinger, bedste praksis

• Guidelines 08/2020 on the targeting of social media users - version for public consultation

• Guidelines 07/2020 on the concepts of controller and processor in the GDPR - version for public consultation

• Guidelines 06/2020 on the interplay of the Second Payment Services Directive and the GDPR - version for public consultation

• Guidelines 05/2020 on consent under Regulation 2016/679

• Guidelines 04/2020 on the use of location data and contact tracing tools in the context of the COVID-19 outbreak

• Guidelines 03/2020 on the processing of data concerning health for the purpose of scientific research in the context of the COVID-19 outbreak
• Guidelines 2/2020 on articles 46 (2) (a) and 46 (3) (b) of Regulation 2016/679 for transfers of personal data between EEA and non-EEA public authorities and bodies - version for public consultation
• Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications - version for public consultation
• Guidelines 5/2019 on the criteria of the Right to be Forgotten in the search engines cases under the GDPR (part 1) - version adopted after public consultation
• Guidelines 4/2019 on Article 25 Data Protection by Design and by Default - version for public consultation
• Guidelines 3/2019 on processing of personal data through video devices - Adopted after public consultation
• Recommendation 01/2019 on the draft list of the European Data Protection Supervisor regarding the processing operations subject to the requirement of a data protection impact assessment (Article 39.4 of Regulation (EU) 2018/1725)
• Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects - version adopted after public consultation
• Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679 - version adopted after public consultation
• Guidelines 4/2018 on the accreditation of certification bodies under Article 43 of the General Data Protection Regulation (2016/679) - version adopted after public consultation
• Guidelines 3/2018 on the territorial scope of the GDPR (Article 3) - version adopted after public consultation
• Guidelines 2/2018 on derogations of Article 49 under Regulation 2016/679
• Guidelines 1/2018 on certification and identifying certification criteria in accordance with Articles 42 and 43 of the Regulation - version adopted after public consultation

Endorsement of GDPR WP29 Documents

During its first plenary meeting the European Data Protection Board endorsed the GDPR related WP29 Guidelines:

1. Guidelines on consent under Regulation 2016/679, WP259 rev.01
   Superseded by Guidelines 05/2020 on consent under Regulation 2016/679
2. Guidelines on transparency under Regulation 2016/679, WP260 rev.01
3. Guidelines on Automated individual decision-making and Profiling for the purposes of Regulation 2016/679, WP251rev.01
4. Guidelines on Personal data breach notification under Regulation 2016/679, WP250 rev.01
5. Guidelines on the right to data portability under Regulation 2016/679, WP242 rev.01
6. Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is "likely to result in a high risk" for the purposes of Regulation 2016/679, WP248 rev.01
7. Guidelines on Data Protection Officers ('DPO'), WP243 rev.01
8. Guidelines for identifying a controller or processor's lead supervisory authority, WP244 rev.01
9. Position Paper on the derogations from the obligation to maintain records of processing activities pursuant to Article 30(5) GDPR
10. Working Document Setting Forth a Co-Operation Procedure for the approval of “Binding Corporate Rules” for controllers and processors under the GDPR, WP 263 rev.01
11. Recommendation on the Standard Application for Approval of Controller Binding Corporate Rules for the Transfer of Personal Data, WP 264
12. Recommendation on the Standard Application form for Approval of Processor Binding Corporate Rules for the Transfer of Personal Data, WP 265
13. Working Document setting up a table with the elements and principles to be found in Binding Corporate Rules, WP 256 rev.01
14. Working Document setting up a table with the elements and principles to be found in Processor Binding Corporate Rules, WP 257 rev.01
15. Adequacy Referential, WP 254 rev.01
16. Guidelines on the application and setting of administrative fines for the purposes of the Regulation 2016/679, WP 253