Search

Recital 84

1 In order to enhance compliance with this Regulation where processing operations are likely to result in a high risk to the rights and freedoms of natural persons, the controller should be responsible for the carrying-out of a data protection impact assessment to evaluate, in particular, the origin, nature, particularity and severity of that risk. 2 The outcome of the assessment should be taken into account when determining the appropriate measures to be taken in order to demonstrate that the processing of personal data complies with this Regulation. 3 Where a data-protection impact assessment indicates that processing operations involve a high risk which the controller cannot mitigate by appropriate measures in terms of available technology and costs of implementation, a consultation of the supervisory authority should take place prior to the processing.


This recital of the General Data Protection Regulation clarifies article 35 GDPR (Data protection impact assessment).*

The reference between articles and recitals is based on the professional assessment of activeMind.legal.

Contact us!

Assistance with data protection?

Subscribe to our free newsletter! 

Secure the knowledge of our experts!

Subscribe to our free newsletter: