This Chapter sets out -
(a) the general obligations of controllers and processors (see sections 102 to 106);
(b) specific obligations of controllers and processors with respect to security (see section 107);
(c) specific obligations of controllers and processors with respect to personal data breaches (see section 108).