GDPR eller den allmänna dataskyddsförordningen skapar en harmoniserad uppsättning regler som är tillämpliga på all behandling av personuppgifter som utförs av organisationer (offentliga eller privata, oavsett storlek) som är etablerade i Europeiska ekonomiska samarbetsområdet (EES) eller riktar sig till enskilda personer i EU. Det primära syftet med GDPR är att säkerställa att personuppgifter har samma höga skyddsnivå överallt inom EES, öka rättssäkerheten för både enskilda och organisationer som behandlar personuppgifter och erbjuda en hög skyddsnivå för enskilda personer.

Förordningen trädde i kraft den 24 maj 2016 och gäller sedan den 25 maj 2018.

Controllers should formally submit their EU-wide certification criteria to:

1. the competent data protection authority (DPA) in the EEA country where the scheme owners have their headquarters;
2. the competent data protection authority (DPA) in the EEA country where a certification body operating the certification mechanism have their headquarters, considering the member state in which the most certificates are likely to be issued.

På samma ämne:

• How can my processing operations or my organisation become GDPR certified?
• My organisation would like to become a certification body, how can we become accredited?

Under the GDPR, certification is conducted by national certification bodies or by the competent national data protection authorities (Art. 42(5) GDPR).

For further information, we recommend contacting the relevant national DPA for your organisation. You can find a overview of all EEA DPAshere.

You can find further information regarding certification in the EDPB guidelines on the topic:Guidelines 1/2018 on certification and identifying certification criteria in accordance with Articles 42 and 43 of the Regulation - version adopted after public consultation

På samma ämne:

• How can I apply for the European Data Protection Seal?
• My organisation would like to become a certification body, how can we become accredited?

All individuals residing in the European Economic Area (EEA) have the right to the protection of their personal data.

More specifically, under the GDPR, you have several rights

• Right to be informed
• Right of access
• Right to rectification
• Right to restriction of processing
• Right to data portability
• Right to object
• Right not be subject to a decision based solely on automated processing.

For more information on your rights, please consult our leafletThe GDPR and your rights or theEDPB Data Protection Guide for small business.

Certification bodies are accredited by the national data protection authorities (DPA) or by the national accreditation body (named in accordance with Regulation 17065/2012). For further information regarding certification bodies, we recommend contacting the national DPA in your country. You can find an overview of all EEA DPAshere.

You can find further information regarding accreditation of certification bodies here:Guidelines 4/2018 on the accreditation of certification bodies under Article 43 of the General Data Protection Regulation (2016/679)

På samma ämne:

• How can my processing operations or my organisation become GDPR certified?
• How can I apply for the European Data Protection Seal?

EDPB publicerar regelbundet pressmeddelanden, nyhetsartiklar, bloggar och annat innehåll på sin webbplats och sina kanaler för sociala medier (Twitter: @EU_EDPB;LinkedIn: European Data Protection Board) för att hålla dataskyddsintresserade och allmänheten uppdaterad om sitt arbete.

EDPB:s webbplats har också två RSS-flöden som ni kan prenumerera på för automatiska uppdateringar avEDPB:s nyheter och EDPB:s senastepublikationer.

The archived documents adopted by the Article 29 Working Party (1997-2016) are available on the website of the European Commission here:WP29 archive.

Should you experience any difficulty accessing WP29 documents, we recommend contacting the European Commission's DG Justice. The European Commission provided the Secretariat for the Article 29 Working Party and was responsible for all its publications. 

You can contact them by filling out the followingform

På samma ämne:

• Is the guidance adopted by the Article 29 Working Party (WP29) still relevant today?

Once a public consultation is closed, all contributions to the public consultation are reviewed and, where necessary, the guidelines may be adapted. Once this process has been completed, the guidelines will be up for final adoption at a subsequent EDPB plenary.

På samma ämne:

• The deadline for submitting comments to a public consultation has expired, can I still submit comments?
• I submitted feedback to a public consultation, but I cannot see my comments on the public consultation page. How do I know that my feedback was received by the EDPB?

All comments submitted are screened and reviewed manually before being displayed on our website. There should have been a visual confirmation after submitting your comments on our website.

In any case, please allow for some time before your comments are published.

På samma ämne:

• The deadline for submitting comments to a public consultation has expired, can I still submit comments?
• What happens after a public consultation is closed?

Unfortunately, the EDPB cannot consider late contributions as part of the public consultation.

På samma ämne:

• What happens after a public consultation is closed?
• I submitted feedback to a public consultation, but I cannot see my comments on the public consultation page. How do I know that my feedback was received by the EDPB?