| TIP: GDPR Data Controller Compliance Profile

GDPR Data Controller Compliance Profile, v1.0

Profile of requirements from the General Data Protection Regulation (GDPR) (EU) 2016/679 for the role of a Data Controller.

Identifier

https://artifacts.trustmarkinitiative.org/lib/tips/gdpr-data-controller-compliance-profile/1.0/

Publication Date

2025-05-15

Issuing Organization

TMI (https://trustmarkinitiative.org/) View Contact

No Responder

help@trustmarkinitiative.org

555-555-5555

No Mailing Address

Keywords

GDPR, Data Protection, Privacy, Data Privacy, Data Controller

Legal Notice

This artifact is published by the Georgia Tech Research Institute (GTRI) as part of the Trustmark Initiative. This artifact and the information contained herein is provided on an "AS IS" basis, and GTRI disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, GTRI disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Tree View
Details View

Trust Expression:

TD_LawfulFairandTransparentProcessingofPersonalData and TD_PurposeLimitationforCollectedPersonalData and TD_DataMinimizationforProcessingPurposes and TD_AccuracyandTimelyRectificationofPersonalData and TD_StorageLimitationBasedonProcessingNecessity and TD_SecurityandProtectionofPersonalData and TD_AccountabilityforCompliancewithProcessingPrinciples and TD_ConsentBasedProcessingofPersonalData and TD_ContractualNecessityasLegalBasis and TD_LegalObligationasLegalBasis and TD_VitalInterestsasLegalBasis and TD_PublicInterestorOfficialAuthorityasLegalBasis and TD_LegitimateInterestsasLegalBasis and TD_DemonstrabilityofConsent and TD_ClarityandAccessibilityofConsentRequests and TD_RighttoWithdrawConsent and TD_FreelyGivenConsent and TD_AgeBasedLimitationonProcessingChildrensData and TD_VerificationofParentalConsent and TD_RelianceonExplicitConsentforSpecialCategoryData and TD_RelianceonEmploymentandSocialProtectionObligations and TD_RelianceonVitalInterestsExceptionforProcessingSpecialCategoriesofPersonalData and TD_RelianceonNonProfitOrganizationsExceptionforProcessingSpecialCategoriesofPersonalData and TD_RelianceonPublicDisclosurebyDataSubjectExceptionforProcessingSpecialCategoriesofPersonalData and TD_RelianceonLegalClaimsExceptionforProcessingSpecialCategoriesofPersonalData and TD_RelianceonSubstantialPublicInterestExceptionforProcessingSpecialCategoriesofPersonalData and TD_RelianceonHealthcareandHealthManagementExceptionforProcessingSpecialCategoriesofPersonalData and TD_RelianceonPublicInterestinPublicHealthExceptionforProcessingSpecialCategoriesofPersonalData and TD_RelianceonArchivingResearchandStatisticsExceptionforProcessingSpecialCategoriesofPersonalData and TD_ProcessingofCriminalConvictionandRelatedData and TD_TransparentCommunicationwithDataSubjects and TD_FacilitationofDataSubjectRights and TD_TimelyResponsetoDataSubjectRequests and TD_DutytoInformWhenRefusingRequests and TD_ChargingFeesforRequests and TD_ProvidingBasicRequiredInformationUponDataCollection and TD_ProvidingAdditionalRequiredInformationUponDataCollection and TD_ProvidingBasicRequiredInformationUponIndirectDataCollection and TD_ProvidingAdditionalRequiredInformationUponIndirectDataCollection and TD_ProvidingTimelyInformationUponIndirectCollection and TD_FulfillmentofDataSubjectRightofAccess and TD_ProvidingaCopyofPersonalDatauponRequest and TD_FulfillmentoftheRighttoRectificationofPersonalData and TD_FulfillmentoftheRighttoErasureofPersonalData and TD_CommunicationofErasureRequesttoOtherControllers and TD_FulfillmentoftheRighttoRestrictionofProcessing and TD_PermittedProcessingDuringRestriction and TD_NotificationofRecipientsandDisclosureofRecipientInformationUponRequest and TD_ProvisionofPersonalDatainPortableFormat and TD_TransmissionofPersonalDatatoAnotherController and TD_FulfillmentoftheRighttoObjecttoLegitimateInterestorPublicTaskProcessing and TD_FulfillmentoftheRighttoObjecttoDirectMarketing and TD_DisclosureoftheRighttoObjecttoDirectMarketing and TD_ProhibitionofSolelyAutomatedDecisionMakingwithLegalorSimilarlySignificantEffects and TD_PermissibleConditionsforSolelyAutomatedDecisionMaking and TD_ImplementationofSafeguardsforSolelyAutomatedDecisions and TD_EstablishmentandDemonstrationofGDPRComplianceMeasures and TD_AdoptionofInternalPoliciesforGDPRCompliance and TD_ImplementationofDataProtectionbyDesign and TD_ImplementationofDataProtectionbyDefault and TD_EstablishmentofTransparentJointControllerArrangements and TD_DisclosureoftheEssenceofJointControllerArrangement and TD_AppointmentofEURepresentativebyNonEUEntities and TD_AvailabilityoftheEURepresentativetoSupervisoryAuthoritiesandDataSubjects and TD_EngagementofProcessorsProvidingSufficientGuarantees and TD_UseofSubProcessorsOnlywithWrittenAuthorization and TD_ExecutionofProcessingContractwithRequiredProvisions and TD_RestrictionofProcessingtoDocumentedInstructions and TD_MaintenanceofRecordsofProcessingActivitiesbytheDataController and TD_CooperationwiththeSupervisoryAuthority and TD_ImplementationofAppropriateSecurityMeasures and TD_NotificationofPersonalDataBreachtotheSupervisoryAuthority and TD_CommunicationofHighRiskPersonalDataBreachtotheDataSubject and TD_PerformanceofaDPIAPriortoHighRiskProcessing and TD_ConsultationoftheDataProtectionOfficerintheDPIAProcess and TD_MinimumContentRequirementsforaDPIA and TD_PriorConsultationwiththeSupervisoryAuthorityWhenNecessary and TD_PriorConsultationwiththeSupervisoryAuthorityBasedonDPIAOutcome and TD_SubmissionofDPIAandSupportingInformationDuringConsultation and TD_DesignationofaDataProtectionOfficerUnderSpecifiedConditions and TD_DesignationoftheDataProtectionOfficerBasedonExpertiseandProfessionalQualities and TD_PublicCommunicationandSupervisoryAuthorityNotificationoftheDataProtectionOfficer and TD_InvolvementoftheDataProtectionOfficerinAllDataProtectionMatters and TD_SupportfortheDataProtectionOfficersTasks and TD_SafeguardsfortheIndependenceandNonPenalizationoftheDataProtectionOfficer and TD_DefinitionandSupportofDataProtectionOfficerResponsibilities and TD_AdherencetoApprovedCodesofConductwithMonitoring and TD_CompliancewithAccreditedMonitoringBodyforCodesofConduct and TD_CooperationwithCertificationBodies and TD_CompliancewithGDPRRequirementsforInternationalDataTransfers and TD_RelianceonAdequacyDecisionsforDataTransfers and TD_ImplementationofAppropriateSafeguardsforInternationalTransfers and TD_UseofApprovedBindingCorporateRulesforGroupTransfers and TD_RestrictiononThirdCountryAccessWithoutEULegalAuthorization and TD_UseofDerogationsforInternationalDataTransfersWithoutSafeguards and TD_LiabilityforGDPRViolationsCausingDamage and TD_AccountabilityforCompliancewiththeGDPRSubjecttoFines

References (97)

TD Lawful, Fair, and Transparent Processing of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 5(1)(a).
ID	TD_LawfulFairandTransparentProcessingofPersonalData
Provider Reference

TD Purpose Limitation for Collected Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 5(1)(b).
ID	TD_PurposeLimitationforCollectedPersonalData
Provider Reference

TD Data Minimization for Processing Purposes, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 5(1)(c).
ID	TD_DataMinimizationforProcessingPurposes
Provider Reference

TD Accuracy and Timely Rectification of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 5(1)(d).
ID	TD_AccuracyandTimelyRectificationofPersonalData
Provider Reference

TD Storage Limitation Based on Processing Necessity, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 5(1)(e).
ID	TD_StorageLimitationBasedonProcessingNecessity
Provider Reference

TD Security and Protection of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 5(1)(f).
ID	TD_SecurityandProtectionofPersonalData
Provider Reference

TD Accountability for Compliance with Processing Principles, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 5(2).
ID	TD_AccountabilityforCompliancewithProcessingPrinciples
Provider Reference

TD Consent-Based Processing of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 6(1)(a).
ID	TD_ConsentBasedProcessingofPersonalData
Provider Reference

TD Contractual Necessity as Legal Basis, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 6(1)(b).
ID	TD_ContractualNecessityasLegalBasis
Provider Reference

TD Legal Obligation as Legal Basis, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 6(1)(c).
ID	TD_LegalObligationasLegalBasis
Provider Reference

TD Vital Interests as Legal Basis, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 6(1)(d).
ID	TD_VitalInterestsasLegalBasis
Provider Reference

TD Public Interest or Official Authority as Legal Basis, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 6(1)(e).
ID	TD_PublicInterestorOfficialAuthorityasLegalBasis
Provider Reference

TD Legitimate Interests as Legal Basis, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 6(1)(f).
ID	TD_LegitimateInterestsasLegalBasis
Provider Reference

TD Demonstrability of Consent, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 7(1).
ID	TD_DemonstrabilityofConsent
Provider Reference

TD Clarity and Accessibility of Consent Requests, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 7(2).
ID	TD_ClarityandAccessibilityofConsentRequests
Provider Reference

TD Right to Withdraw Consent, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 7(3).
ID	TD_RighttoWithdrawConsent
Provider Reference

TD Freely Given Consent, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 7(4).
ID	TD_FreelyGivenConsent
Provider Reference

TD Age-Based Limitation on Processing Children's Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 8(1).
ID	TD_AgeBasedLimitationonProcessingChildrensData
Provider Reference

TD Verification of Parental Consent, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 8(2).
ID	TD_VerificationofParentalConsent
Provider Reference

TD Reliance on Explicit Consent for Special Category Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 9(2)(a).
ID	TD_RelianceonExplicitConsentforSpecialCategoryData
Provider Reference

TD Reliance on Employment and Social Protection Obligations, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 9(2)(b).
ID	TD_RelianceonEmploymentandSocialProtectionObligations
Provider Reference

TD Reliance on Vital Interests Exception for Processing Special Categories of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 9(2)(c).
ID	TD_RelianceonVitalInterestsExceptionforProcessingSpecialCategoriesofPersonalData
Provider Reference

TD Reliance on Non-Profit Organizations Exception for Processing Special Categories of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 9(2)(d).
ID	TD_RelianceonNonProfitOrganizationsExceptionforProcessingSpecialCategoriesofPersonalData
Provider Reference

TD Reliance on Public Disclosure by Data Subject Exception for Processing Special Categories of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 9(2)(e).
ID	TD_RelianceonPublicDisclosurebyDataSubjectExceptionforProcessingSpecialCategoriesofPersonalData
Provider Reference

TD Reliance on Legal Claims Exception for Processing Special Categories of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 9(2)(f).
ID	TD_RelianceonLegalClaimsExceptionforProcessingSpecialCategoriesofPersonalData
Provider Reference

TD Reliance on Substantial Public Interest Exception for Processing Special Categories of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 9(2)(g).
ID	TD_RelianceonSubstantialPublicInterestExceptionforProcessingSpecialCategoriesofPersonalData
Provider Reference

TD Reliance on Healthcare and Health Management Exception for Processing Special Categories of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 9(2)(h).
ID	TD_RelianceonHealthcareandHealthManagementExceptionforProcessingSpecialCategoriesofPersonalData
Provider Reference

TD Reliance on Public Interest in Public Health Exception for Processing Special Categories of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 9(2)(i).
ID	TD_RelianceonPublicInterestinPublicHealthExceptionforProcessingSpecialCategoriesofPersonalData
Provider Reference

TD Reliance on Archiving, Research, and Statistics Exception for Processing Special Categories of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 9(2)(j).
ID	TD_RelianceonArchivingResearchandStatisticsExceptionforProcessingSpecialCategoriesofPersonalData
Provider Reference

TD Processing of Criminal Conviction and Related Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 10.
ID	TD_ProcessingofCriminalConvictionandRelatedData
Provider Reference

TD Transparent Communication with Data Subjects, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 12(1).
ID	TD_TransparentCommunicationwithDataSubjects
Provider Reference

TD Facilitation of Data Subject Rights, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 12(2).
ID	TD_FacilitationofDataSubjectRights
Provider Reference

TD Timely Response to Data Subject Requests, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 12(3).
ID	TD_TimelyResponsetoDataSubjectRequests
Provider Reference

TD Duty to Inform When Refusing Requests, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 12(4).
ID	TD_DutytoInformWhenRefusingRequests
Provider Reference

TD Charging Fees for Requests, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 12(5).
ID	TD_ChargingFeesforRequests
Provider Reference

TD Providing Basic Required Information Upon Data Collection, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 13(1).
ID	TD_ProvidingBasicRequiredInformationUponDataCollection
Provider Reference

TD Providing Additional Required Information Upon Data Collection, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 13(2).
ID	TD_ProvidingAdditionalRequiredInformationUponDataCollection
Provider Reference

TD Providing Basic Required Information Upon Indirect Data Collection, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 14(1).
ID	TD_ProvidingBasicRequiredInformationUponIndirectDataCollection
Provider Reference

TD Providing Additional Required Information Upon Indirect Data Collection, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 14(2).
ID	TD_ProvidingAdditionalRequiredInformationUponIndirectDataCollection
Provider Reference

TD Providing Timely Information Upon Indirect Collection, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 14(3).
ID	TD_ProvidingTimelyInformationUponIndirectCollection
Provider Reference

TD Fulfillment of Data Subject Right of Access, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 15(1).
ID	TD_FulfillmentofDataSubjectRightofAccess
Provider Reference

TD Providing a Copy of Personal Data upon Request, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 15(3).
ID	TD_ProvidingaCopyofPersonalDatauponRequest
Provider Reference

TD Fulfillment of the Right to Rectification of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 16.
ID	TD_FulfillmentoftheRighttoRectificationofPersonalData
Provider Reference

TD Fulfillment of the Right to Erasure of Personal Data, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 17(1).
ID	TD_FulfillmentoftheRighttoErasureofPersonalData
Provider Reference

TD Communication of Erasure Request to Other Controllers, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 17(2).
ID	TD_CommunicationofErasureRequesttoOtherControllers
Provider Reference

TD Fulfillment of the Right to Restriction of Processing, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 18(1).
ID	TD_FulfillmentoftheRighttoRestrictionofProcessing
Provider Reference

TD Permitted Processing During Restriction, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 18(2).
ID	TD_PermittedProcessingDuringRestriction
Provider Reference

TD Notification of Recipients and Disclosure of Recipient Information Upon Request, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 19.
ID	TD_NotificationofRecipientsandDisclosureofRecipientInformationUponRequest
Provider Reference

TD Provision of Personal Data in Portable Format, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 20(1).
ID	TD_ProvisionofPersonalDatainPortableFormat
Provider Reference

TD Transmission of Personal Data to Another Controller, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 20(2).
ID	TD_TransmissionofPersonalDatatoAnotherController
Provider Reference

TD Fulfillment of the Right to Object to Legitimate Interest or Public Task Processing, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 21(1).
ID	TD_FulfillmentoftheRighttoObjecttoLegitimateInterestorPublicTaskProcessing
Provider Reference

TD Fulfillment of the Right to Object to Direct Marketing, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 21(2).
ID	TD_FulfillmentoftheRighttoObjecttoDirectMarketing
Provider Reference

TD Disclosure of the Right to Object to Direct Marketing, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 21(4).
ID	TD_DisclosureoftheRighttoObjecttoDirectMarketing
Provider Reference

TD Prohibition of Solely Automated Decision-Making with Legal or Similarly Significant Effects, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 22(1).
ID	TD_ProhibitionofSolelyAutomatedDecisionMakingwithLegalorSimilarlySignificantEffects
Provider Reference

TD Permissible Conditions for Solely Automated Decision-Making, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 22(2).
ID	TD_PermissibleConditionsforSolelyAutomatedDecisionMaking
Provider Reference

TD Implementation of Safeguards for Solely Automated Decisions, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 22(3).
ID	TD_ImplementationofSafeguardsforSolelyAutomatedDecisions
Provider Reference

TD Establishment and Demonstration of GDPR Compliance Measures, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 24(1).
ID	TD_EstablishmentandDemonstrationofGDPRComplianceMeasures
Provider Reference

TD Adoption of Internal Policies for GDPR Compliance, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 24(2).
ID	TD_AdoptionofInternalPoliciesforGDPRCompliance
Provider Reference

TD Implementation of Data Protection by Design, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 25(1).
ID	TD_ImplementationofDataProtectionbyDesign
Provider Reference

TD Implementation of Data Protection by Default, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 25(2).
ID	TD_ImplementationofDataProtectionbyDefault
Provider Reference

TD Establishment of Transparent Joint Controller Arrangements, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 26(1).
ID	TD_EstablishmentofTransparentJointControllerArrangements
Provider Reference

TD Disclosure of the Essence of Joint Controller Arrangement, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 26(2).
ID	TD_DisclosureoftheEssenceofJointControllerArrangement
Provider Reference

TD Appointment of EU Representative by Non-EU Entities, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 27(1).
ID	TD_AppointmentofEURepresentativebyNonEUEntities
Provider Reference

TD Availability of the EU Representative to Supervisory Authorities and Data Subjects, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 27(3).
ID	TD_AvailabilityoftheEURepresentativetoSupervisoryAuthoritiesandDataSubjects
Provider Reference

TD Engagement of Processors Providing Sufficient Guarantees, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 28(1).
ID	TD_EngagementofProcessorsProvidingSufficientGuarantees
Provider Reference

TD Use of Sub-Processors Only with Written Authorization, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 28(2).
ID	TD_UseofSubProcessorsOnlywithWrittenAuthorization
Provider Reference

TD Execution of Processing Contract with Required Provisions, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 28(3).
ID	TD_ExecutionofProcessingContractwithRequiredProvisions
Provider Reference

TD Restriction of Processing to Documented Instructions, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 29.
ID	TD_RestrictionofProcessingtoDocumentedInstructions
Provider Reference

TD Maintenance of Records of Processing Activities by the Data Controller, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 30(1).
ID	TD_MaintenanceofRecordsofProcessingActivitiesbytheDataController
Provider Reference

TD Cooperation with the Supervisory Authority, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 31.
ID	TD_CooperationwiththeSupervisoryAuthority
Provider Reference

TD Implementation of Appropriate Security Measures, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 32(1).
ID	TD_ImplementationofAppropriateSecurityMeasures
Provider Reference

TD Notification of Personal Data Breach to the Supervisory Authority, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 33(1).
ID	TD_NotificationofPersonalDataBreachtotheSupervisoryAuthority
Provider Reference

TD Communication of High-Risk Personal Data Breach to the Data Subject, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 34(1).
ID	TD_CommunicationofHighRiskPersonalDataBreachtotheDataSubject
Provider Reference

TD Performance of a DPIA Prior to High-Risk Processing, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 35(1).
ID	TD_PerformanceofaDPIAPriortoHighRiskProcessing
Provider Reference

TD Consultation of the Data Protection Officer in the DPIA Process, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 35(2).
ID	TD_ConsultationoftheDataProtectionOfficerintheDPIAProcess
Provider Reference

TD Minimum Content Requirements for a DPIA, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 35(7).
ID	TD_MinimumContentRequirementsforaDPIA
Provider Reference

TD Prior Consultation with the Supervisory Authority When Necessary, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 35(9).
ID	TD_PriorConsultationwiththeSupervisoryAuthorityWhenNecessary
Provider Reference

TD Prior Consultation with the Supervisory Authority Based on DPIA Outcome, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 36(1).
ID	TD_PriorConsultationwiththeSupervisoryAuthorityBasedonDPIAOutcome
Provider Reference

TD Submission of DPIA and Supporting Information During Consultation, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 36(3).
ID	TD_SubmissionofDPIAandSupportingInformationDuringConsultation
Provider Reference

TD Designation of a Data Protection Officer Under Specified Conditions, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 37(1).
ID	TD_DesignationofaDataProtectionOfficerUnderSpecifiedConditions
Provider Reference

TD Designation of the Data Protection Officer Based on Expertise and Professional Qualities, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 37(5).
ID	TD_DesignationoftheDataProtectionOfficerBasedonExpertiseandProfessionalQualities
Provider Reference

TD Public Communication and Supervisory Authority Notification of the Data Protection Officer, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 37(7).
ID	TD_PublicCommunicationandSupervisoryAuthorityNotificationoftheDataProtectionOfficer
Provider Reference

TD Involvement of the Data Protection Officer in All Data Protection Matters, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 38(1).
ID	TD_InvolvementoftheDataProtectionOfficerinAllDataProtectionMatters
Provider Reference

TD Support for the Data Protection Officer's Tasks, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 38(2).
ID	TD_SupportfortheDataProtectionOfficersTasks
Provider Reference

TD Safeguards for the Independence and Non-Penalization of the Data Protection Officer, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 38(3).
ID	TD_SafeguardsfortheIndependenceandNonPenalizationoftheDataProtectionOfficer
Provider Reference

TD Definition and Support of Data Protection Officer Responsibilities, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 39(1).
ID	TD_DefinitionandSupportofDataProtectionOfficerResponsibilities
Provider Reference

TD Adherence to Approved Codes of Conduct with Monitoring, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 40(4).
ID	TD_AdherencetoApprovedCodesofConductwithMonitoring
Provider Reference

TD Compliance with Accredited Monitoring Body for Codes of Conduct, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 41(4).
ID	TD_CompliancewithAccreditedMonitoringBodyforCodesofConduct
Provider Reference

TD Cooperation with Certification Bodies, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 42(3).
ID	TD_CooperationwithCertificationBodies
Provider Reference

TD Compliance with GDPR Requirements for International Data Transfers, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 44.
ID	TD_CompliancewithGDPRRequirementsforInternationalDataTransfers
Provider Reference

TD Reliance on Adequacy Decisions for Data Transfers, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 45(1).
ID	TD_RelianceonAdequacyDecisionsforDataTransfers
Provider Reference

TD Implementation of Appropriate Safeguards for International Transfers, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 46(1).
ID	TD_ImplementationofAppropriateSafeguardsforInternationalTransfers
Provider Reference

TD Use of Approved Binding Corporate Rules for Group Transfers, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 47(1).
ID	TD_UseofApprovedBindingCorporateRulesforGroupTransfers
Provider Reference

TD Restriction on Third-Country Access Without EU Legal Authorization, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 48.
ID	TD_RestrictiononThirdCountryAccessWithoutEULegalAuthorization
Provider Reference

TD Use of Derogations for International Data Transfers Without Safeguards, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 49(1).
ID	TD_UseofDerogationsforInternationalDataTransfersWithoutSafeguards
Provider Reference

TD Liability for GDPR Violations Causing Damage, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 82(2)-(3).
ID	TD_LiabilityforGDPRViolationsCausingDamage
Provider Reference

TD Accountability for Compliance with the GDPR, Subject to Fines, v1.0
Description	Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 83(2)-(6).
ID	TD_AccountabilityforCompliancewiththeGDPRSubjecttoFines
Provider Reference

Sources (1)

GDPR	General Data Protection Regulation (GDPR) (EU) 2016/679, as published in the Official Journal of the European Union (OJ L 119, 4.5.2016, p. 1-88).

Also available as XML or JSON