GDPR in practice
The General Data Protection Regulation (GDPR) offers several instruments that help organisations comply with the law.
On this page
Some of these instruments are obligatory. For example, in some situations, an organisation has to appoint a Data Protection Officer (DPO), carry out a data protection impact assessment (DPIA), apply for a prior consultation or apply for a permit. Other instruments are voluntary, such as a drawing up a GDPR Code of Conduct or applying for a GDPR certificate.
- You can find information about and for DPOs on the special page DPO information.
- You can find information about the other above-mentioned instruments through the overwiew directly below.
Related themes and topics
Basic GDPR
GDPR basics
The most important law that has the protection of personal data as its subject is the General Data Protection Regulation (GDPR).
Basic GDPR
Privacy rights under the GDPR
People have a number of rights if organisations use their personal data. These can be found in the General Data Protection Regulation (GDPR). We call these rights ‘privacy rights’.