Home

EUDatenschutzG

EUDatenschutzG is a term used in German-language discourse to refer to the European Union's data protection framework, primarily the General Data Protection Regulation. The official core instrument is Regulation (EU) 2016/679, commonly called the EU-Datenschutz-Grundverordnung (EU-DSGVO); there is no separate EU-wide law officially named "EUDatenschutzG."

It applies to the processing of personal data of individuals in the EU and to data processed

Data subjects have rights such as access, rectification, erasure (the right to be forgotten), restriction of

Transfers to third countries require adequate protection or appropriate safeguards, such as standard contractual clauses. Enforcement

GDPR is a directly applicable regulation in member states, with national legislation like Germany's BDSG implementing

outside
the
EU
when
tied
to
offering
goods
or
services
to,
or
monitoring
behavior
of,
individuals
in
the
EU.
Its
core
principles
include
lawfulness,
fairness,
transparency;
purpose
limitation;
data
minimization;
accuracy;
storage
limitation;
integrity
and
confidentiality;
and
accountability.
processing,
data
portability,
objection,
and
rights
related
to
automated
decision-making.
Controllers
and
processors
must
implement
data
protection
by
design
and
by
default,
maintain
records
of
processing
activities,
conduct
data
protection
impact
assessments
for
high-risk
processing,
and
report
certain
data
breaches
to
authorities
and
affected
individuals.
In
many
cases,
consent,
contract
performance,
or
legitimate
interests
provide
lawful
bases
for
processing.
rests
with
national
data
protection
authorities
and
the
European
Data
Protection
Board;
penalties
can
be
substantial,
including
fines
up
to
€20
million
or
4%
of
global
annual
turnover.
supplementary
provisions.
The
term
EUDatenschutzG
thus
serves
as
a
shorthand
for
the
EU-wide
data
protection
regime
rather
than
a
separate
act.