Guidelines of the European Data Protection Board
The European Data Protection Board is responsible for the uniform application of the EU's General Data Protection Regulation (EUR-Lex) and the Data Protection Directive (EUR-Lex) applying to police and criminal justice authorities in the European Union.
The European Data Protection Board was established on 25 May 2018. Before the establishment of the European Data Protection Board, the Article 29 Working Party served as the cooperation body for data protection authorities in the EU.
Guidelines of the EDPB
Public consultation on guidelines
Guidelines 01/2021 on Examples regarding Data Breach Notification - version for public consultation (open for feedback until 2 March)
Guidelines 10/2020 on restrictions under Article 23 GDPR (pdf) (open for feedback until 12 February)
Adopted guidelines
Recommendations 02/2020 on the European Essential Guarantees for surveillance measures (pdf)
Guidelines 05/2020 on consent under Regulation 2016/679 (pdf)
Guidelines 4/2019 on Article 25 Data Protection by Design and by Default (pdf)
Guidelines 3/2019 on processing of personal data through video devices (pdf)
Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies (pdf)
Guidelines 4/2018 on the accreditation of certification bodies (pdf)
Guidelines 3/2018 on the territorial scope of the GDPR (Article 3) (pdf)
Guidelines 2/2018 on derogations of Article 49 (pdf)
Guidelines that have gone through a public consultation but not yet adopted
Guidelines 09/2020 on relevant and reasoned objection under Regulation 2016/679 (pdf)
Guidelines 8/2020 on the targeting of social media users (pdf)
Guidelines 07/2020 on the concepts of controller and processor in the GDPR (pdf)
Guidelines and recommendations of the Article 29 Working Party
Automated individual decision-making and profiling
Guidelines on Automated Individual Decision-making and Profiling for the Purposes (pdf)
Identifying the lead supervisory authority
Transparency
Guidelines on Transparency (pdf)
Consent
Data portability
Guidelines on the right to data portability (pdf)
Frequently asked questions: Data portability (pdf)
Data Protection Officers
Guidelines on Data Protection Officers (‘DPOs’) and frequently asked questions about DPOs (pdf)
Personal data breaches
Guidelines on Personal Data Breach Notification (pdf)
Impact assessments
Administrative fines
Guidelines on the application and setting of administrative fines (pdf)