Accountability is about compliance and demonstration of compliance. It directly references the six principles of data protection defined in Art. 5(1) but indirectly extends to the entire GDPR.

Art. 24 GDPR provides details on how a controller has to achieve compliance and demonstrate it. Art. 25(1) on data protection by design illustrates how compliance (and consequently also its demonstration) must be considered to be a continuous process that spans all life cycles of a processing activity. The codes of conduct and the certification that can help with compliance and its certification are described in Art. 40 and 42 GDPR, respectively.

Articles particularly pertinent to the demonstration of compliance are 30 records of processing and 35 data protection impact assessment.