Please enable JavaScript.
Coggle requires JavaScript to display documents.
The DPO Centre Consultancy/Outsourced Service - Coggle Diagram
The DPO Centre
Consultancy/Outsourced
Service
EU GDPR
(adopted 2016 - effective 2018)
UK GDPR
All businesses
Duties of data
controllers or processors
(DPIAs & DSAs)
pseudonymisation
ROPA
(article 30)
security of personal data
(article 32)
Data Protection Officer
(articles 37-39)
Controllers & processors
(articles 24 - 43)
DPIAs
(article 35)
Transfers of personal data to third countries
(articles 44 - 50)
Supervisory authorities
(articles 51 - 59)
Rights of data subjects
(DSARs)
Articles 12 -23
right of access (article 15)
rectification (article 16)
erasure ('right to be forgotten) (article 17)
restriction of processing (article 18 & 19)
rectification or erasure (article 19)
data portability (article 20)
not been obtained from the data subject (article 14)
collected from data subject (article 13)
transparency (article 12)
automated decision-making (AI) (article 22)
right to object (article 21)
restrictions (article 23)
Cooperation among member states
(articles 60 - 76)
Articles 6 & 9
legal basis
9.2 (i) Public health
9.2 (j) archiving purposes (scientific/historical)
9.2 (e) made public by the data subject
9.2 (b) employement and social security
9.2 (f) legal claims / courts judicial capacity
6.1 (f) & 9.2 (d) legitimate interest
6.1(a) & 9.2 (a) consent (article 7 & 8)
6.1 (e) & 9.2 (g) & 9.2 (h) public interest/public duty/authority/health
6.1(b) contractual obligations
6.1 (d) & 9.2 (c) vital interests
6.1(c) legal obligations
Remedies, liability & penalties
(articles 77 - 84)
7 principles
(Article 5)
Accuracy
Storage limitation
Data minimisation
Integrity and confidentiality (security)
Purpose limitation
Accountability
Lawfulness, fairness and transparency
Liability or penalties for breach of rights (
Personal
- 10m euros / 2% -
Sensitive
- 20m euros / 4%)
Miscellaneous final provisions
(article 94 - 99)
Provisions relating to specific processing situations
(articles 85 - 91)
Delegated acts and implementing acts
(article 92 - 93)
Background
Offices
London
Amsterdam
Dublin
Toronto
Ipswich
Services
Outsourced DPO Services
Data Protection for Life Sciences
GDPR Representation
Data Protection Consultancy
DSAR Response Service
AI Explainability
Data Protection Training
Data Protection Advice Line
Sectors
medical & healthcare
software & technology
finance & insurance
retail & ecommerce
education & schools
charities & not-for-profits
Core values
Respect
Adapt
Deliver
Help organisations to navidate data protection legistlation
900 Organisations & sectors
around the world
August 2020
appointed a non-executive board of directors
Tried and tested
documentation
Primary & Secondary DPO
Founded in
2017
by Rob Masson
Canadian, US, UK &
Pan-European expertise