There are circumstances under which it may be reasonable and economical for the subject of a data protection impact assessment to be broader than a single project, for example where public authorities or bodies intend to establish a common application or processing platform or where several controllers plan to introduce a common application or processing environment across an industry sector or segment or for a widely used horizontal activity.
GDPR Recital EN
Recital 92
Related across sources
Enforcement Company: Non-compliance with general data processing principles Enforcement Comune di Nave: Insufficient legal basis for data processing Guidance Guidelines 4/2019 on Article 25 Data Protection by Design and by Default Version 2.0 Adopted on 20 October 2020 Guidance Guidelines 01/2021 Guidance Guidelines 05/2020 on consent under Regulation 2016/679 Guidance Guidelines 1/2018 on certification and identifying certification criteria in accordance with Articles 42 and 43 of the Regulation