Amendment LIBE #2099

Article 34 – Paragraph 1

1. The controller or the processor as the case may be shall , if they have not recruited a data protection officer for their organisation or obtained or adequate and valid certification for the processing of high-risk data, obtain an authorisation from the supervisory authority prior to the processing of personal data, in order to ensure the compliance of the intended processing with this Regulation and in particular to mitigate the risks involved for the data subjects where a controller or processor adopts contractual clauses as provided for in point (d) of Article 42(2) or does not provide for the appropriate safeguards in a legally binding instrument as referred to in Article 42(5) for the transfer of personal data to a third country or an international organisation.

Current Data Privacy Rating is : weaker    Agustín Díaz de Mera García Consuegra Spain EPP


comments powered by Disqus