§ GDPR · Article 26

GDPR Article 26: Obligations, Deadlines & Penalties

Regulation (EU) 2016/679, Article 26 · All obligations · GDPR
At a glance
Article 26 of the GDPR imposes 4 obligations on controller.
§ Obligations

All obligations under Article 26

Obligation 1
Joint controllers shall determine their respective responsibilities for compliance with the Regulation, particularly regarding data subject rights and information duties, by means of an arrangement between them. Regulation (EU) 2016/679, Article 26, Article 26
Obligated entity
controller
Action required
determine
Deadline
Penalty
Exemptions
Where respective responsibilities are determined by Union or Member State law.
Obligation 2
The arrangement between joint controllers may designate a contact point for data subjects. Regulation (EU) 2016/679, Article 26, Article 26
Obligated entity
controller
Action required
designate
Deadline
Penalty
Obligation 3
The arrangement between joint controllers shall duly reflect their respective roles and relationships vis-à-vis the data subjects. Regulation (EU) 2016/679, Article 26, Article 26
Obligated entity
controller
Action required
reflect
Deadline
Penalty
Obligation 4
The essence of the arrangement between joint controllers shall be made available to the data subject. Regulation (EU) 2016/679, Article 26, Article 26
Obligated entity
controller
Action required
make available
Deadline
Penalty
§ Frequently asked

Questions about Article 26

Who must comply with Article 26 of the GDPR? +
controller.
What does Article 26 of the GDPR require? +
determine designate reflect
Need a cross-border briefing on GDPR Article 26?
Search Fontvera ↵
All EU obligation pages  ·  All GDPR articles