Part 3 Law enforcement processing (ss. 29-81)

Chapter 1 Scope and definitions (ss. 29-33)
Scope (s. 29)
In force
29. Processing to which this Part applies
Definitions (ss. 30-33)
In force
30. Meaning of "competent authority"
In force
31. "The law enforcement purposes"
In force
32. Meaning of "controller" and "processor"
In force
33. Other definitions
Chapter 2 Principles (ss. 34-42)
In force
34. Overview and general duty of controller
In force
35. The first data protection principle
In force
36. The second data protection principle
In force
37. The third data protection principle
In force
38. The fourth data protection principle
In force
39. The fifth data protection principle
In force
40. The sixth data protection principle
In force
41. Safeguards: archiving
In force
42. Safeguards: sensitive processing
Chapter 3 Rights of the data subject (ss. 43-54)
Overview and scope (s. 43)
In force
43. Overview and scope
Information: controller's general duties (s. 44)
In force
44. Information: controller's general duties
Data subject's right of access (s. 45)
In force
45. Right of access by the data subject
Data subject's rights to rectification or erasure etc (ss. 46-48)
In force
46. Right to rectification
In force
47. Right to erasure or restriction of processing
In force
48. Rights under section 46 or 47: supplementary
Automated individual decision-making (ss. 49-50)
In force
49. Right not to be subject to automated decision-making
In force
50. Automated decision-making authorised by law: safeguards
Supplementary (ss. 51-54)
In force
51. Exercise of rights through the Commissioner
In force
52. Form of provision of information etc
In force
53. Manifestly unfounded or excessive requests by the data subject
In force
54. Meaning of "applicable time period"
Chapter 4 Controller and processor (ss. 55-71)
In force
55. Overview and scope
General obligations (ss. 56-65)
In force
56. General obligations of the controller
In force
57. Data protection by design and default
In force
58. Joint controllers
In force
59. Processors
In force
60. Processing under the authority of the controller or processor
In force
61. Records of processing activities
In force
62. Logging
In force
63. Co-operation with the Commissioner
In force
64. Data protection impact assessment
In force
65. Prior consultation with the Commissioner
Obligations relating to security (s. 66)
In force
66. Security of processing
Obligations relating to personal data breaches (ss. 67-68)
In force
67. Notification of a personal data breach to the Commissioner
In force
68. Communication of a personal data breach to the data subject
Data protection officers (ss. 69-71)
In force
69. Designation of a data protection officer
In force
70. Position of data protection officer
In force
71. Tasks of data protection officer
Chapter 5 Transfers of personal data to third countries etc (ss. 72-78)
Overview and interpretation (s. 72)
In force
72. Overview and interpretation
General principles for transfers (ss. 73-76)
In force
73. General principles for transfers of personal data
In force
74. Transfers on the basis of an adequacy decision
In force
74A. Transfers based on adequacy regulations
In force
74B. Transfers based on adequacy regulations: review etc
In force
75. Transfers on the basis of appropriate safeguards
In force
76. Transfers on the basis of special circumstances
Transfers to particular recipients (s. 77)
In force
77. Transfers of personal data to persons other than relevant authorities
Subsequent transfers (s. 78)
In force
78. Subsequent transfers
Chapter 6 Supplementary (ss. 79-81)
In force
79. National security: certificate
In force
80. Special processing restrictions
In force
81. Reporting of infringements