Recommendation 01/2019 on the draft list of the European Data Protection Supervisor regarding the processing operations subject to the requirement of a data protection impact assessment.
(Article 39.4 of Regulation (EU) 2018/1725)
Adopted on 10 July 2019
18. The Board invites the European Data Protection Supervisor to make the following changes to its list: Regarding sensitive data: the Board recommendsthe European Data Protection Supervisor to amend its list by modifying the wording “or otherwise considered sensitive” and use the exact wording of the DPIA guidelines; Regarding data processed on a large scale: the Board recommends to the European Data
Protection Supervisor to amend its list by using a different counterexample ; Regarding datasets matched or combined from different data processing operations: the Board recommends to the European Data Protection Supervisor to amend its list by using a different example ; Regarding vulnerable data subjects: the Board recommends to the European Data Protection Supervisor to amend its list by using a different counterexample ;