My favourites

Chapter IV – Controller and processor (Art. 24-43)

Art. 24 GDPR - Responsibility of the controller arrow_right_alt

Art. 25 GDPR - Data protection by design and by default arrow_right_alt

Art. 26 GDPR - Joint controllers arrow_right_alt

Art. 27 GDPR - Representatives of controllers or processors not established in the Union arrow_right_alt

Art. 28 GDPR - Processor arrow_right_alt

Art. 29 GDPR - Processing under the authority of the controller or processor arrow_right_alt

The processor and any person acting under the authority of the controller or of the processor, who has access to personal data, shall not process those data except on instructions from the controller, unless required to do so by Union or Member State law.

Art. 30 GDPR - Records of processing activities arrow_right_alt

Art. 31 GDPR - Cooperation with the supervisory authority arrow_right_alt

Art. 32 GDPR - Security of processing arrow_right_alt

Art. 33 GDPR - Notification of a personal data breach to the supervisory authority arrow_right_alt

Art. 34 GDPR - Communication of a personal data breach to the data subject arrow_right_alt

Art. 35 GDPR - Data protection impact assessment arrow_right_alt

Art. 36 GDPR - Prior consultation arrow_right_alt

Art. 37 GDPR - Designation of the data protection officer arrow_right_alt

Art. 38 GDPR - Position of the data protection officer arrow_right_alt

Art. 39 GDPR - Tasks of the data protection officer arrow_right_alt

Art. 40 GDPR - Codes of conduct arrow_right_alt

Art. 41 GDPR - Monitoring of approved codes of conduct arrow_right_alt

Art. 42 GDPR - Certification arrow_right_alt

Art. 43 GDPR - Certification bodies arrow_right_alt