- Guidelines on consent under Regulation 2016/679 (WP 259 rev.01) → .pdf
- Guidelines on transparency under Regulation 2016/679 (WP 260 rev.01) → .pdf
- Automated individual decision-making and profiling Guidelin (WP 251 rev.01) → .pdf
- Personal data breach notification Guidelines on Personal data breach notification under Regulation 2016/679 (WP 250 rev.01) → .pdf
- The right to data portability Guidelines on the right to data portability under Regulation 2016/679 (WP 242 rev.01)
- Data protection impact assessment Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679 (WP 248 rev.01)
- Data protection officers Guidelines on Data Protection Officers (‘DPO’) (WP 243 rev.01)
- Lead supervisory authority Guidelines for identifying a controller or processor’s lead supervisory authority (WP 244 rev.01)
- Position Paper on the derogations from the obligation to maintain records of processing activities pursuant to Article 30(5) GDPR → .pdf
- Working Document Setting Forth a Co-Operation Procedure for the approval of “Binding Corporate Rules” for controllers and processors under the GDPR (WP 263 rev.01) → .pdf
- Recommendation on the Standard Application for Approval of Controller Binding Corporate Rules for the Transfer of Personal Data (WP 264) → .doc
- Recommendation on the Standard Application form for Approval of Processor Binding Corporate Rules for the Transfer of Personal Data (WP 265) → .pdf
- Working Document setting up a table with the elements and principles to be found in Binding Corporate Rules (WP 256 rev.01) → .pdf
- Working Document setting up a table with the elements and principles to be found in Processor Binding Corporate Rules (WP 257 rev.01) → .pdf
- Adequacy Referential (WP 254 rev.01 ) → .pdf
- Guidelines on the application and setting of administrative fines for the purposes of the Regulation 2016/679 (WP 253)