General concepts -- Jurisdiction -- Scope -- Consent and using data -- Privacy policies, information notices -- An individual's right to be forgotten -- An individual's right to access their information -- An individuals' right to receive information in a portable format -- An individuals' right to fix their information -- Document retention -- Record keeping -- Governance -- Data security -- Data breaches -- Transferring data outside of the European Economic Area -- Service providers -- Fines -- Finding further guidance -- Specific situations -- Appendix A. Text of the GDPR -- Appendix B. Data protection authorities -- Appendix C. Countries recognized by the European Union as having an "adequate" level of data privacy and security laws -- Appendix D. Article 29 working party guidance.
This resource is supported by the Institute of Museum and Library Services under the provisions of the Library Services and Technology Act as administered by State Library of Iowa.