Article 24 of the GDPR: Responsibility of the data controller
Article 24 of the GDPR enshrines the principle of responsibility (accountability) of the data controller. It requires any organization processing personal data to implement appropriate measures to ensure GDPR compliance.
Article 24 of the GDPR explained
The controller must implement appropriate technical and organizational measures, as defined by the GDPR, in order to ensure and be able to demonstrate that the processing is carried out in accordance with the Regulation. These measures must be adjusted according to:
- The nature, scope, context and purposes of the processing;
- Risks to the rights and freedoms of individuals.
These measures include in particular internal policies and the implementation of effective guarantees.
Why is this article important for your GDPR compliance?
This principle is at the heart of the GDPR: the data controller must be proactive, document its actions and be able to justify its compliance at any time. This involves a rigorous approach to the management of personal data and anticipation of risks.
How to comply with Article 24 of the GDPR?
- Set up a formalized data protection policy.
- Keep a processing register up to date.
- Regularly assess processing risks (PIA if necessary).
- Raise awareness among your teams and document all compliance actions taken.
Examples of application of Article 24 of the GDPR
- A company draws up an internal GDPR charter and has each employee sign it.
- A GDPR manager maintains a documented record of all data processing.
- An association carries out an impact analysis before launching a donation campaign with the collection of sensitive information.