We provide an outline of what information should be documented by a controller, under Article 33(5), in order to enable a supervisory authority to verify the controller’s compliance with Article 33. This is set out by reference to each of the subsections of Article 33.
Read More