Skip navigation

Jump to Content
Jump to Navigation
Jump to Supplementary list
Jump to Footer

Brexit and UK data protection
GDPR compliance
Data protection comparison
About us
- Newsletter
- Contact

About
Newsletter
Jobs
Contact

Brexit and UK data protection
GDPR compliance
Data protection comparison
About us
- Newsletter
- Contact

Home » Legislation » FDPA » § 77

§ 77 Confidential reporting of violations

The controller shall ensure that it is able to receive confidential reports of violations of data protection law which have occurred in its area of responsibility.

Post navigation

§ 78 General requirements

Part 1 – Common provisions (§ 1 - 21)

Chapter 1 – Scope and definitions

§ 1 Scope of the Act
§ 2 Definitions

Chapter 2 – Legal basis for processing personal data

§ 3 Processing of personal data by public bodies
§ 4 Video surveillance of publicly accessible spaces

Chapter 3 – Data protection officers of public bodies

§ 5 Designation
§ 6 Position
§ 7 Tasks

Chapter 4 – Federal Commissioner for Data Protection and Freedom of Information

§ 8 Establishment
§ 9 Competence
§ 10 Independence
§ 11 Appointment and term of office
§ 12 Official relationship
§ 13 Rights and obligations
§ 14 Tasks
§ 15 Activity reports
§ 16 Powers

Chapter 5 – Representation on the European Data Protection Board, single contact point, cooperation among the federal supervisory authorities and those of the Länder concerning European Union matters

§ 17 Representation on the European Data Protection Board, single contact point
§ 18 Procedures for cooperation among the federal and Länder supervisory authorities
§ 19 Responsibilities

Chapter 6 – Legal remedies

§ 20 Judicial remedy
§ 21 Application of the supervisory authority for a court decision if it believes that an adequacy decision by the European Commission violates the law

Part 2 – Implementing provisions for processing for purposes in accordance with Article 2 of Regulation (EU) 2016/679 (§ 22 - 44)

Chapter 1 – Legal basis for processing personal data

Sub-chapter 1 – Processing of special categories of personal data and processing for other purposes

§ 22 Processing of special categories of personal data
§ 23 Processing for other purposes by public bodies
§ 24 Processing for other purposes by private bodies
§ 25 Transfer of data by public bodies

Sub-chapter 2 – Special processing situations

§ 26 Data processing for employment-related purposes
§ 27 Data processing for purposes of scientific or historical research and for statistical purposes
§ 28 Data processing for archiving purposes in the public interest
§ 29 Rights of the data subject and powers of the supervisory authorities in the case of secrecy obligations
§ 30 Consumer loans
§ 31 Protection of commercial transactions in the case of scoring and credit reports

Chapter 2 – Rights of the data subject

§ 32 Information to be provided where personal data are collected from the data subject
§ 33 Information to be provided where personal data have not been obtained from the data subject
§ 34 Right of access by the data subject
§ 35 Right to erasure
§ 36 Right to object
§ 37 Automated individual decision-making, including profiling

Chapter 3 – Obligations of controllers and processors

§ 38 Data protection officers of private bodies
§ 39 Accreditation

Chapter 4 – Supervisory authorities for data processing by private bodies

§ 40 Supervisory authorities of the Länder

Chapter 5 – Penalties

§ 41 Application of provisions concerning criminal proceedings and proceedings to impose administrative fines
§ 42 Penal provisions
§ 43 Provisions on administrative fines

Chapter 6 – Legal remedies

§ 44 Proceedings against a controller or processor

Part 3 – Implementing provisions for processing for purposes in accordance with Article 1 (1) of Directive (EU) 2016/680 (§ 23 - 84)

Chapter 1 – Scope, definitions and general principles for processing personal data

§ 45 Scope
§ 46 Definitions
§ 47 General principles for processing personal data

Chapter 2 – Legal basis for processing personal data

§ 48 Processing of special categories of personal data
§ 49 Processing for other purposes
§ 50 Processing for archiving, scientific and statistical purposes
§ 51 Consent
§ 52 Processing on instructions from the controller
§ 53 Confidentiality
§ 54 Automated individual decision

Chapter 3 – Rights of the data subject

§ 55 General information on data processing
§ 56 Notification of data subjects
§ 57 Right of access
§ 58 Right to rectification and erasure and to restriction of processing
§ 59 Modalities for exercising the rights of the data subject
§ 60 Right to lodge a complaint with the Federal Commissioner
§ 61 Legal remedies against decisions of the Federal Commissioner or if he or she fails to take action

Chapter 4 – Obligations of controllers and processors

§ 62 Processing carried out on behalf of a controller
§ 63 Joint controllers
§ 64 Requirements for the security of data processing
§ 65 Notifying the Federal Commissioner of a personal data breach
§ 66 Notifying data subjects affected by a personal data breach
§ 67 Conducting a data protection impact assessment
§ 68 Cooperation with the Federal Commissioner
§ 69 Prior consultation of the Federal Commissioner
§ 70 Records of processing activities
§ 71 Data protection by design and by default
§ 72 Distinction between different categories of data subjects
§ 73 Distinction between facts and personal assessments
§ 74 Procedures for data transfers
§ 75 Rectification and erasure of personal data and restriction of processing
§ 76 Logging
§ 77 Confidential reporting of violations

Chapter 5 – Transfers of data to third countries and to international organizations

§ 78 General requirements
§ 79 Data transfers with appropriate safeguards
§ 80 Data transfers without appropriate safeguards
§ 81 Other data transfers to recipients in third countries

Chapter 6 – Cooperation among supervisory authorities

§ 82 Mutual assistance

Chapter 7 – Liability and penalties

§ 83 Compensation
§ 84 Penal provisions

Part 4 – Special provisions for processing in the context of activities outside the scope of Regulation (EU) 2016/679 und Directive (EU) 2016/680 (§ 85 - 86)

§ 85 Processing of personal data in the context of activities outside the scope of Regulation (EU) 2016/679 and Directive (EU) 2016/680

Offices

London Office
activeMind.legal UK Ltd.
20 Little Britain
London, EC1A7DH
Registered #11814518
Phone: +44 (0) 203 478 1400

Munich Office
activeMind.legal
Rechtsanwaltsgesellschaft m. b. H
Potsdamer Straße 3
80802 München, Germany
Phone: +49 (0) 89 / 919 29 49 00

Berlin Office
activeMind.legal
Rechtsanwaltsgesellschaft m. b. H
Kurfürstendamm 56
10707 Berlin, Germany
Phone: +49 (0) 30 / 770 19 10 70

Services

UK data protection support
EU representative according to the GDPR

Topics

Brexit and data protection in the UK
GDPR compliance for your business
Comparison of the GDPR and the data protection laws of EU Member States

Free content

Guides and articles
Templates and checklists
Data protection generators
Newsletter

Legislation

EU General Data Protection Regulation (full text)
German Federal Data Protection Act (full text)

Search

Search for:

About

About us
Contact
Career portal
Privacy Statement
Imprint

Certificates

© 2016 - 2020 activeMind.legal - powered by neudenken & KLEINWERKSTATT