Frequently Asked Questions

The EDPB endorsed WP29 documents are available here.

As regards the other existing WP29 documents, they may remain relevant and helpful insofar as the EDPB has not adopted new documents on the topic and/or they are compatible with the GDPR. This amounts to a case-by-case assessment.

Unfortunately, the EDPB cannot consider late contributions as part of the public consultation.

O RGPD ou o Regulamento Geral sobre a Proteção de Dados cria um conjunto harmonizado de regras aplicáveis a todo o tratamento de dados pessoais por organizações (públicas ou privadas, independentemente da sua dimensão) estabelecidas no Espaço Económico Europeu (EEE) ou dirigidas a pessoas singulares na UE. O principal objetivo do RGPD é garantir que os dados pessoais gozam do mesmo nível elevado de proteção em todo o EEE, aumentando a segurança jurídica tanto para as pessoas singulares como para as organizações que tratam dados e oferecendo um elevado grau de proteção às pessoas singulares.

O regulamento entrou em vigor em 24 de maio de 2016 e é aplicável desde 25 de maio de 2018.

Controllers should formally submit their EU-wide certification criteria to:

1. the competent data protection authority (DPA) in the EEA country where the scheme owners have their headquarters;
2. the competent data protection authority (DPA) in the EEA country where a certification body operating the certification mechanism have their headquarters, considering the member state in which the most certificates are likely to be issued.

Under the GDPR, certification is conducted by national certification bodies or by the competent national data protection authorities (Art. 42(5) GDPR).

For further information, we recommend contacting the relevant national DPA for your organisation. You can find a overview of all EEA DPAs here.

You can find further information regarding certification in the EDPB guidelines on the topic: Guidelines 1/2018 on certification and identifying certification criteria in accordance with Articles 42 and 43 of the Regulation - version adopted after public consultation

Certification bodies are accredited by the national data protection authorities (DPA) or by the national accreditation body (named in accordance with Regulation 17065/2012). For further information regarding certification bodies, we recommend contacting the national DPA in your country. You can find an overview of all EEA DPAs here.

You can find further information regarding accreditation of certification bodies here: Guidelines 4/2018 on the accreditation of certification bodies under Article 43 of the General Data Protection Regulation (2016/679)

All individuals residing in the European Economic Area (EEA) have the right to the protection of their personal data.

More specifically, under the GDPR, you have several rights

• Right to be informed
• Right of access
• Right to rectification
• Right to restriction of processing
• Right to data portability
• Right to object
• Right not be subject to a decision based solely on automated processing.

For more information on your rights, please consult our leaflet The GDPR and your rights or the EDPB Data Protection Guide for small business.

All comments submitted are screened and reviewed manually before being displayed on our website. There should have been a visual confirmation after submitting your comments on our website.

In any case, please allow for some time before your comments are published.

Once a public consultation is closed, all contributions to the public consultation are reviewed and, where necessary, the guidelines may be adapted. Once this process has been completed, the guidelines will be up for final adoption at a subsequent EDPB plenary.

O CEPD publica regularmente comunicados de imprensa, notícias, blogues e outros conteúdos no sítio Web do CEPD e nos seus canais de redes sociais (Twitter: @EU_EDPB; LinkedIn: Comité Europeu para a Proteção de Dados) para manter a comunidade de proteção de dados e o público em geral atualizados sobre o seu trabalho.

O sítio Web do CEPD dispõe igualmente de dois feeds RSS, que pode subscrever para atualizações automáticas das notícias do CEPD e das mais recentes publicações do CEPD.