Data processing includes the performance of some particularly sensitive actions in terms of data protection. This part of the Guidelines includes information on how to share data or databases, access existing databases held by third parties, send data to third countries or document data processing in the way foreseen by the applicable regulations.
In order to ensure that the controller is indeed able to reconcile all the interests involved, it is important to use some tools to this end. This section of the Guidelines is intended to help the controller understand how to draft a Data Management Plan, or how to perform a DPIA or a balancing test.