Directives-Decisions
General Privacy
Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR)
Data Retention
Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with provision of publicly available electronic communications services or of public communications networks
Anti-Spam
Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (ePrivacy Directive)
Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC, Directive 2002/58/EC, and Regulation (EC) No. 2006/2004 (Telecoms Package)
Telecommunications
Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (ePrivacy Directive)
Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC, Directive 2002/58/EC, and Regulation (EC) No. 2006/2004 (Telecoms Package)
Cyber Crime
Directive 2013/40/EU of the European Parliament and of the Council of August 12, 2013 on attacks against information systems
Replaces Council Framework Decision 2005/22/JHA
Model Contracts
Standard Contractual Clauses
The New Standard Contractual Clauses - Questions and Answers
Binding Corporate Rules
BCR Overview
Key Documents
Approved BCRs
Transfers to Third Countries - Adequacy Decisions
Adequacy decisions (europa.eu)