GDPR Compliance Guide

GDPR Articles

GDPR Compliance Guide
Recitals
Articles
Chapter 1
General Provisions (Art. 1 – 4)
Chapter 2
Principles (Art. 5 – 11)
Chapter 3
Rights of the data subject (Art. 12 – 23)
Chapter 4
Controller and processor (Art. 24 – 43)
Chapter 5
Transfers of personal data to third countries or international organizations (Art. 44 – 50)
Chapter 6
Independent supervisory authorities (Art. 51 – 59)
Chapter 7
Cooperation and consistency (Art. 60 – 76)
Chapter 8
Remedies, liability and penalties (Art. 77 – 84)
Chapter 9
Provisions relating to specific processing situations (Art. 85 – 91)
Chapter 10
Delegated acts and implementing acts (Art. 92 – 93)
Chapter 11
Final provisions (Art. 94 – 99)

Chapter 9   >   Article 90

Article 90: Obligations of secrecy

  1. Member States may adopt specific rules to set out the powers of the supervisory authorities laid down in points (e) and (f) of Article 58(1) in relation to controllers or processors that are subject, under Union or Member State law or rules established by national competent bodies, to an obligation of professional secrecy or other equivalent obligations of secrecy where this is necessary and proportionate to reconcile the right of the protection of personal data with the obligation of secrecy. Those rules shall apply only with regard to personal data which the controller or processor has received as a result of or has obtained in an activity covered by that obligation of secrecy.

  2. Each Member State shall notify to the Commission the rules adopted pursuant to paragraph 1, by 25 May 2018 and, without delay, any subsequent amendment affecting them.

Relevant Recitals: 164

GDPR Articles

Article 89: Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes

GDPR Articles

Article 91: Existing data protection rules of churches and religious associations