Data protection case law Court of Justice

List of categories


- Charter of fundamental rights of the EU

- Article 7 - Respect for private and family life
- Article 8 - Protection of personal data
- Article 11 - Freedom of expression and information
- Article 47 - Right to an effective remedy and to a fair trial
- Article 52 - Scope of guaranteed rights

- General data protection law

- Chapter I - General Provisions
  - Material Scope - General
  - Material scope - Activity outside the scope of Union law exemption
  - Material Scope - Criminal offence and public security exemption
  - Material Scope - Household exemption
  - Territorial Scope
  - Definitions - Personal Data
  - Definitions - Processing
  - Definitions - Data Controller
  - Definitions - Data Processor
  - Definitions - Recipient
  - Definitions - Filing System
  - Definitions - Main Establishment
- Chapter II - Principles
  - Lawfulness, fairness and transparency
  - Purpose limitation
  - Data minimisation
  - Accuracy
  - Storage limitation
  - Integrity and confidentiality
  - Accountability
  - Lawfulness - Consent
  - Lawfulness - Consent of children
  - Lawfulness - Contractual necessity
  - Lawfulness - Legal obligation
  - Lawfulness - Protection of a vital interest
  - Lawfulness - Performance of a task of public interest or official authority
  - Lawfulness - Legitimate interest
  - Further processing
  - Lawfulness - Special categories of personal data
  - Lawfulness - Processing of personal data relating to criminal convictions and offences
  - Processing which does not require identification
- Chapter III - Rights of the data subject
  - Transparent information, communication and modalities for the exercise of the rights of the data subject
  - Information to be provided in case of direct collection
  - Information to be provided in case of indirect collection
  - Right of access
  - Right to rectification
  - Right to erasure
  - Right to restriction of processing
  - Notification obligation to recipients
  - Right to data portability
  - Right to object
  - Automated individual decision-making, including profiling
  - Restrictions
- Chapter IV - Controller and processor
  - Responsibility of the controller
  - Data protection by design
  - Data protection by default
  - Joint controllers
  - Permanent representative
  - Data processor agreement
  - Processing under the authority of the controller or processor
  - Records of processing activities
  - Security of processing
  - Notification of personal data breach
  - Data protection impact assessment
  - Prior consultation
  - Data protection officer
  - Codes of conduct
  - Certification
  - Obligation to notify the supervisory authority
- Chapter V - International data transfer
  - General principle for transfers
  - Adequacy decision
  - Appropriate safeguards - EU Model Clauses
  - Appropriate safeguards - Binding Corporate Rules
  - Appropriate safeguards - Code of conduct
  - Derogations
- Chapter VI - Independent supervisory authorities
  - Independent status
  - Competence
  - Tasks
  - Powers
- Chapter VII - Cooperation and consistency
  - Cooperation
  - Consistency
  - European Data Protection Board
- Chapter VIII - Remedies, liability and penalties
  - Right to lodge a complaint with a supervisory authority
  - Right to an effective remedy against a supervisory authority
  - Right to an effective judicial remedy against a controller or processor
  - Representation of data subjects
  - Suspension of proceedings
  - Right to compensation and liability
  - Administrative fines
  - Penalties
- Chapter IX - Provisions relating to specific processing operations
  - Processing and freedom of expression and information
  - Processing and public access to official documents
  - Processing of the national identification number
  - Processing in the context of employment
  - Processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes

- E-privacy Directive

- Material scope
- Electronic communications
  - Security of Processing
  - Confidentiality of electronic communications
  - Traffic data
  - Location data
  - Directories of subscribers
  - Data retention and access of national authorities
  - Application of certain general data protection provisions
- Direct marketing
- Cookies
- National regulatory authorities
- Directories of subscribers

- Data Retention Directive


- NIS Directive


- Law Enforcement Directive

Disclaimer