Regulations

The Supervisory Body derives its statutory and normative framework from European and national legislation and regulations.

1. National Regulations


2. European Regulations

(a) European Union

  • The Charter of Fundamental Rights of the European Union (articles 7 and 8).
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC - General Data Protection Regulation - GDPR. This European legislation governs the rights and obligations of both data processors (the parties responsible for the processing) and of data subjects (the persons whose data are processed). Find out more about the GDPR
  • Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA – The Police and Criminal Justice Authorities Directive. This Directive constitutes the European framework for the processing of data by, in particular, the police services.

(b) Council of Europe


3. International Directives

(a) ISO Standards

The ISO standards can be downloaded from the organisation’s website for a fee.

  • ISO/IEC 27001 Information technology - Security techniques - Information security management systems - Requirements.
  • ISO/IEC 27002 Information technology - Security techniques - Code of practice for information security controls.
  • ISO/IEC 29100 Information technology - Security techniques - Privacy framework.
  • ISO/IEC 27701 Information technology - Security techniques - Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines.

(b) Reference texts adopted by the United Nations