VeraSafe
  • GDPR Articles
  • GDPR Recitals
  • VeraSafe GDPR Consulting

RECITALS

  • RECITAL 1 – Data protection as a fundamental right
  • RECITAL 2 – Respect of the fundamental rights and freedoms
  • RECITAL 3 – Directive 95/46/EC harmonisation
  • RECITAL 4 – Data protection in balance with other fundamental rights
  • RECITAL 5 – Cooperation between Member States to exchange personal data
  • RECITAL 6 – Ensuring a high level of data protection despite the increased exchange of data
  • RECITAL 7 – The framework is based on control and certainty
  • RECITAL 8 – Adoption into national law
  • RECITAL 9 – Different standards of protection by the Directive 95/46/EC
  • RECITAL 10 – Harmonised level of data protection despite national scope
  • RECITAL 11 – Harmonisation of the powers and sanctions
  • RECITAL 12 – Authorization of the European Parliament and the Council
  • RECITAL 13 – Taking account of micro, small and medium-sized enterprises
  • RECITAL 14 – Not applicable to legal persons
  • RECITAL 15 – Technology neutrality
  • RECITAL 16 – Not applicable to activities regarding national and common security
  • RECITAL 17 – Adaptation of Regulation (EC) No 45/2001
  • RECITAL 18 – Not applicable to personal or household activities
  • RECITAL 19 – Not applicable to criminal prosecution
  • RECITAL 20 – Respecting the independence of the judiciary
  • RECITAL 21 – Liability rules of intermediary service providers shall remain unaffected
  • RECITAL 22 – Processing by an establishment
  • RECITAL 23 – Applicable to processors not established in the Union if data subjects within the Union are targeted
  • RECITAL 24 – Applicable to processors not established in the Union if data subjects within the Union are profiled
  • RECITAL 25 – Applicable to processors due to international law
  • RECITAL 26 – Not applicable to anonymous data
  • RECITAL 27 – Not applicable to data of deceased persons
  • RECITAL 28 – Introduction of pseudonymisation
  • RECITAL 29 – Pseudonymisation at the same controller
  • RECITAL 30 – Online identifiers for profiling and identification
  • RECITAL 31 – Not applicable to public authorities in connection with their official tasks
  • RECITAL 32 – Conditions for consent
  • RECITAL 33 – Consent to certain areas of scientific research
  • RECITAL 34 – Genetic data
  • RECITAL 35 – Health data
  • RECITAL 36 – Determination of the main establishment
  • RECITAL 37 – Enterprise group
  • RECITAL 38 – Special protection of children’s personal data
  • RECITAL 39 – Principles of data processing
  • RECITAL 40 – Lawfulness of data processing
  • RECITAL 41 – Legal basis or legislative measures
  • RECITAL 42 – Burden of proof and requirements for consent
  • RECITAL 43 – Freely given consent
  • RECITAL 44 – Performance of a contract
  • RECITAL 45 – Fulfillment of legal obligations
  • RECITAL 46 – Vital interests of the data subject
  • RECITAL 47 – Overriding legitimate interest
  • RECITAL 48 – Overriding legitimate interest within group of undertakings
  • RECITAL 49 – Network and information security as overriding legitimate interest
  • RECITAL 50 – Further processing of personal data
  • RECITAL 51 – Protecting sensitive personal data
  • RECITAL 52 – Exceptions to the prohibition on processing special categories of personal data
  • RECITAL 53 – Processing of sensitive data in health and social sector
  • RECITAL 54 – Processing of sensitive data in public health sector
  • RECITAL 55 – Public interest in processing by official authorities for objectives of recognized religious communities
  • RECITAL 56 – Processing personal data on people’s political opinions by parties
  • RECITAL 57 – Additional data for identification purposes
  • RECITAL 58 – The principle of transparency
  • RECITAL 59 – Procedures for the exercise of the rights of the data subjects
  • RECITAL 60 – Information obligation
  • RECITAL 61 – Time of information
  • RECITAL 62 – Exceptions to the obligation to provide information
  • RECITAL 63 – Right of access
  • RECITAL 64 – Identity verification
  • RECITAL 65 – Right of rectification and erasure
  • RECITAL 66 – Right to be forgotten
  • RECITAL 67 – Restriction of processing
  • RECITAL 68 – Right of data portability
  • RECITAL 69 – Right to object
  • RECITAL 70 – Right to object to direct marketing
  • RECITAL 71 – Profiling
  • RECITAL 72 – Guidance of the European Data Protection Board regarding profiling
  • RECITAL 73 – Restrictions of rights and principles
  • RECITAL 74 – Responsibility and liability of the controller
  • RECITAL 75 – Risks to the rights and freedoms of natural persons
  • RECITAL 76 – Risk assessment
  • RECITAL 77 – Risk assessment guidelines
  • RECITAL 78 – Appropriate technical and organisational measures
  • RECITAL 79 – Allocation of the responsibilities
  • RECITAL 80 – Designation of a representative
  • RECITAL 81 – The use of processors
  • RECITAL 82 – Record of processing activities
  • RECITAL 83 – Security of processing
  • RECITAL 84 – Risk evaluation and impact assessment
  • RECITAL 85 – Notification obligation of breaches to the supervisory authority
  • RECITAL 86 – Notification of data subjects in case of data breaches
  • RECITAL 87 – Promptness of reporting / notification
  • RECITAL 88 – Format and procedures of the notification
  • RECITAL 89 – Elimination of the general reporting requirement
  • RECITAL 90 – Data protection impact assessement
  • RECITAL 91 – Necessity of a data protection impact assessment
  • RECITAL 92 – Broader data protection impact assessment
  • RECITAL 93 – Data protection impact assessment at authorities
  • RECITAL 94 – Consultation of the supervisory authority
  • RECITAL 95 – Support by the processor
  • RECITAL 96 – Consultation of the supervisory authority in the course of a legislative process
  • RECITAL 97 – Data protection officer
  • RECITAL 98 – Preparation of codes of conduct by organisations and associations
  • RECITAL 99 – Consultation of stakeholders and data subjects in the development of codes of conduct
  • RECITAL 100 – Certification
  • RECITAL 101 – General principles for international data transfers
  • RECITAL 102 – International agreements for an appropriate level of data protection
  • RECITAL 103 – Appropriate level of data protection based on an adequacy decision
  • RECITAL 104 – Criteria for an adequacy decision
  • RECITAL 105 – Consideration of international agreements for an adequacy decision
  • RECITAL 106 – Monitoring and periodic review of the level of data protection
  • RECITAL 107 – Amendment, revocation and suspension of adequacy decisions
  • RECITAL 108 – Appropriate safeguards
  • RECITAL 109 – Standard data protection clauses
  • RECITAL 110 – Binding corporate rules
  • RECITAL 111 – Exceptions for certain cases of international transfers
  • RECITAL 112 – Data transfers due to important reasons of public interest
  • RECITAL 113 – Transfers qualified as not repetitive and that only concern a limited number of data subjects
  • RECITAL 114 – Safeguarding of enforceability of rights and obligations in the absence of an adequacy decision
  • RECITAL 115 – Rules in third countries contrary to the Regulation
  • RECITAL 116 – Cooperation among supervisory authorities
  • RECITAL 117 – Establishment of supervisory authorities
  • RECITAL 118 – Monitoring of the supervisory authorities
  • RECITAL 119 – Organisation of several supervisory authorities of a Member State
  • RECITAL 120 – Features of supervisory authorities
  • RECITAL 121 – Independence of the supervisory authorities
  • RECITAL 122 – Responsibility of the supervisory authorities
  • RECITAL 123 – Cooperation of the supervisory authorities with each other and with the Commission
  • RECITAL 124 – Lead authority regarding processing in several Member States
  • RECITAL 125 – Competences of the lead authority
  • RECITAL 126 – Joint decisions
  • RECITAL 127 – Information of the supervisory authority regarding local processing
  • RECITAL 128 – Responsibility regarding processing in the public interest
  • RECITAL 129 – Tasks and powers of the supervisory authorities
  • RECITAL 130 – Consideration of the authority with which the complaint has been lodged
  • RECITAL 131 – Attempt of an amicable settlement
  • RECITAL 132 – Awareness-raising activities and specific measures
  • RECITAL 133 – Mutual assistance and provisional measures
  • RECITAL 134 – Participation in joint operations
  • RECITAL 135 – Consistency mechanism
  • RECITAL 136 – Binding decisions and opinions of the Board
  • RECITAL 137 – Provisional measures
  • RECITAL 138 – Urgency procedure
  • RECITAL 139 – European Data Protection Board
  • RECITAL 140 – Secretariat and staff of the Board
  • RECITAL 141 – Right to lodge a complaint
  • RECITAL 142 – The right of data subjects to mandate a not-for-profit body, organisation or association
  • RECITAL 143 – Judicial remedies
  • RECITAL 144 – Related proceedings
  • RECITAL 145 – Choice of venue
  • RECITAL 146 – Indemnity
  • RECITAL 147 – Jurisdiction
  • RECITAL 148 – Penalties
  • RECITAL 149 – Penalties for infringements of national rules
  • RECITAL 150 – Administrative fines
  • RECITAL 151 – Administrative fines in Denmark and Estonia
  • RECITAL 152 – Power of sanction of the Member States
  • RECITAL 153 – Processing of personal data solely for journalistic purposes or for the purposes of academic, artistic or literary expression
  • RECITAL 154 – Principle of public access to official documents
  • RECITAL 155 – Processing in the employment context
  • RECITAL 156 – Processing for archiving, scientific or historical research or statistical purposes
  • RECITAL 157 – Information from registries and scientific research
  • RECITAL 158 – Processing for archiving purposes
  • RECITAL 159 – Processing for scientific research purposes
  • RECITAL 160 – Processing for historical research purposes
  • RECITAL 161 – Consenting to the participation in clinical trials
  • RECITAL 162 – Processing for statistical purposes
  • RECITAL 163 – Production of European and national statistics
  • RECITAL 164 – Professional or other equivalent secrecy obligations
  • RECITAL 165 – No prejudice of the status of churches and religious associations
  • RECITAL 166 – Delegated acts of the Commission
  • RECITAL 167 – Implementing powers of the Commission
  • RECITAL 168 – Implementing acts on standard contractual clauses
  • RECITAL 169 – Immediately applicable implementing acts
  • RECITAL 170 – Principle of subsidiarity and principle of proportionality
  • RECITAL 171 – Repeal of Directive 95/46/EC and transitional provisions
  • RECITAL 172 – Consultation of the European Data Protection Supervisor
  • RECITAL 173 – Relationship to Directive 2002/58/EC

Recital 118 Monitoring of the supervisory authorities*

The independence of supervisory authorities should not mean that the supervisory authorities cannot be subject to control or monitoring mechanisms regarding their financial expenditure or to judicial review.

* This title is an unofficial description.

Relevant EU GDPR Articles

  • Article 51 – Supervisory authority
  • Article 52 – Independence
← Recital 117
Recital 119 →
All recitals

Share this page:

  • share 
  • tweet 
  • share 
  • email 

Need help with GDPR Compliance?
Contact VeraSafe’s Data Protection Experts Today

VeraSafe can help assess your compliance, and operationalize your GDPR compliance, including:

  • Data Mapping / Discovery
  • Gap Analysis
  • Privacy Policies
Contact VeraSafe
Privacy Policy