Codes of Conduct and Monitoring Bodies under the GDPR

Guidelines 01/2019 on Codes of Conduct and Monitoring Bodies under the GDPR

Section 1
INTRODUCTION
Section 1.1
Scope of these guidelines
Section 2
DEFINITIONS
Section 3
WHAT ARE CODES?
Section 4
WHAT ARE THE BENEFITS OF CODES?
Section 5
ADMISSIBILITY OF A DRAFT CODE
Section 5.1
Explanatory statement and supporting documentation
Section 5.2
Representative
Section 5.3
Processing Scope
Section 5.4
Territorial Scope
Section 5.5
Submission to a CompSA
Section 5.6
Oversight of mechanisms
Section 5.7
Monitoring body
Section 5.8
Consultation
Section 5.9
National legislation
Section 5.10
Language
Section 5.11
Checklist
Section 6
CRITERIA FOR APPROVING CODES
Section 6.1
Meets a particular need
Section 6.2
Facilitates the effective application of the GDPR
Section 6.3
Specifies the application of the GDPR
Section 6.4
Provides sufficient safeguards
Section 6.5
Provides mechanisms which will allow for effective oversight
Section 7
SUBMISSION, ADMISSIBILITY AND APPROVAL (NATIONAL CODE)
Section 7.1
Submission
Section 7.2
Admissibility of a Code
Section 7.3
Approval
Section 8
SUBMISSION, ADMISSIBILITY AND APPROVAL (TRANSNATIONAL CODE)
Section 8.1
Submission
Section 8.2
Admissibility of a Code
Section 8.3
Cooperation
Section 8.4
Refusal
Section 8.5
Preparation for submission to the Board
Section 8.6
The Board
Section 8.7
Approval
Section 9
ENGAGEMENT
Section 10
THE ROLE OF THE COMMISSION
Section 11
MONITORING OF A CODE
Section 12
ACCREDITATION REQUIREMENTS FOR MONITORING BODIES
Section 12.1
Independence
Section 12.2
Conflict of interest
Section 12.3
Expertise
Section 12.4
Established procedures and structures
Section 12.5
Transparent complaints handling
Section 12.6
Communication with the competent supervisory authority
Section 12.7
Review Mechanisms
Section 12.8
Legal status
Section 13
APPROVED CODES
Section 14
REVOCATION OF A MONITORING BODY
Section 15
PUBLIC SECTOR CODES
Section Appendix 1
Distinction between national and transnational codes
Section Appendix 2
Choosing a COMPSA
Section Appendix 3
Checklist for submission
Section Appendix 4
TRANSNATIONAL CODE Flow Chart

author avatar
Privacy Professor

Professor mr drs Romeo F. Kadir MA MSc LLM LLM (Adv) EMBA EMoC

At present Romeo Kadir serves as the President of the Global Association of Data Protection Professionals Europe (GADPPRO). GADPPRO is a thought leader self-regulatory association of data protection professionals based in the European Union, active around the globe and the first European Association of data protection professionals open for members outside the EU. Please visit www.gadppro.org for more information.

First appointed Data Protection Officer (DPO) ever in the Netherlands (European Union) at a semi-public entity. Seasoned European Privacy and Data Protection Expert (22+ years of practical experience in EU Privacy and Data Protection Law, Business Management, Compliance and Ethics).

Studied European and International Law, Political Sciences and Business Administration. Romeo Kadir is EIPACC EADPP Professor European Privacy & Data Protection Law at Universitas Padjadjaran UNpad (Indonesia) and Honorary Visiting Research Fellow with O.P. Jindal Global University (New Delhi), Senior Associate Fellow with Vidhi Centre for Legal Policy (New Delhi), Lecturer Science Honours Academy and Lecturer at the International Molengraaff Institute, Utrecht University (UU, Netherlands). In 2010 he was founder of the first European Data Protection Academy focusing on privacy-only executive education.

Present Occupations in European Data Protection Law

Member of the International Bar Association (IBA)
Member of the International Board of Experts with EuroPrivacy Certification Scheme (Geneva and Luxembourg)
Member of the International Strategic Board with EuroPrivacy Certification Scheme (Geneva and Luxembourg)
Member of the Swiss-Chinese Law Association (SCLA)

Former Occupations in European Data Protection Law

President European Institute for Privacy, Audit, Compliance & Certification (EIPACC)
Co-Founder/Vice-President European Association for Data Protection Professionals (EADPP)
Chair EADPP Certification Committee Data Protection Professionals,
Chair EADPP Academic Board
Chair EADPP Expert Committee on Cybersecurity
Chair EADPP Expert Committee on Artificial Intelligence (AI)
President Supervisory Board of the Dutch Privacy Complaints Office (NPKI)
Rapporteur to UN Monitoring Commission Human Rights on behalf of the Dutch Privacy Foundation (SPN)

Publications

'Handbook DPO - A Practical Guide', Privacy Publishing Group (2017)
Editor-in-Chief of ‘Data Protection Dictionary’, authored, edited and coordinated ‘Handbook for the Data Protection Officer – A practical Guide’, ‘The Ultimate GDPR Business Guide – Six Volumes’ and other relevant books in the field of privacy and data protection (www.dataprotectionbooks.com)

www.romeokadir.eu

You may also like

Children Safety Encryption www.privacad.com
Apple’s New Step to Protect Child Abuse via Encryption Feature
20 August, 2021
DNA Technology and Privacy www.privacad.com
DNA Technology Regulation Bill and Violation of Privacy for Minority Groups
19 August, 2021
www.privacad.com
India accuses Twitter of not complying with new IT rules
18 August, 2021