Guidelines of the European Data Protection Board

The European Data Protection Board is responsible for the uniform application of the EU's General Data Protection Regulation and the Data Protection Directive applying to police and criminal justice authorities in the European Union.

The European Data Protection Board was established on 25 May 2018. Before the establishment of the European Data Protection Board, the Article 29 Working Party served as the cooperation body for data protection authorities in the EU.

Guidelines of the EDPB

Adopted guidelines

Guidelines 2/2019 on the processing of personal data in the context of the provision of online services to data subjects (Art. 6 1 b)

Recommendation 01/2019 on the draft list of the European Data Protection Supervisor regarding the processing operations subject to the requirement of a data protection impact assessment

Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies

Guidelines 4/2018 on the accreditation of certification bodies

Guidelines 2/2018 on derogations of Article 49

Guidelines 1/2018 on certification and identifying certification criteria in accordance with Articles 42 and 43

Guidelines that have gone through a public consultation but not yet adopted

Guidelines 3/2018 on the territorial scope of the GDPR (Article 3)

Guidelines 3/2019 on processing of personal data through video devices

Guidelines and recommendations of the Article 29 Working Party

Guidelines of the European Data Protection Board

Guidelines of the EDPB

Adopted guidelines

Guidelines that have gone through a public consultation but not yet adopted

Guidelines and recommendations of the Article 29 Working Party

Automated individual decision-making and profiling

Identifying the lead supervisory authority

Transparency

Consent

Data portability

Data Protection Officers

Personal data breaches

Impact assessments

Administrative fines

Common topics