Compliance Glossary
117 specialist terms from GDPR, EU AI Act, NIS2, Whistleblower Protection (HinSchG) and Anti-Discrimination (AGG / Pay Transparency) — concisely defined with statutory references and practical examples.
GDPR
37 terms in GDPR
Accountability
Article 37 GDPR — Obligation to Appoint a DPO
Automated Decision-Making (Article 22)
BCR (Binding Corporate Rules)
CCPA vs. GDPR
Certification under Article 42 GDPR
Consent (Articles 6 and 7 GDPR)
Consistency Mechanism (EDPB)
Controller (GDPR)
Data Minimisation
Data Portability (Article 20)
Data Privacy Framework (DPF)
Data Processor
Data Protection Officer (DPO)
Data Protection Officer — when is it required?
Data Subject Rights (Overview)
DPA (Data Processing Agreement)
DPIA (Data Protection Impact Assessment)
DPIA Triggers
Loi Informatique et Libertés (FR)
Personal Data
Personal Data Breach
Prior Consultation Obligation (Article 36)
Privacy by Design
Privacy Notice
Pseudonymisation
Purpose Limitation
Right of Access (Article 15 GDPR)
Right to Erasure (Article 17 GDPR)
ROPA (Records of Processing Activities)
Schrems II
Section 38 BDSG (DPO Obligation)
Special Categories of Personal Data (Article 9)
Storage Limitation
Third Country
TIA (Transfer Impact Assessment)
TOM (Technical and Organisational Measures)
EU AI Act
30 terms in EU AI Act
AI Literacy (Article 4 EU AI Act)
AI System (Article 3 EU AI Act)
Annex II (EU AI Act)
Annex IV (Technical Documentation)
Article 50 EU AI Act — Transparency Obligations
CE Marking (AI Act)
Conformity Assessment (Article 43 EU AI Act)
Data Governance (Article 10 EU AI Act)
Deployer (EU AI Act)
EU AI Office
EU Charter of Fundamental Rights
EU Model Register
FRIA (Fundamental Rights Impact Assessment)
GPAI (General Purpose AI)
GPAI Provider Obligations 2026
High-Impact / Systemic Risk (EU AI Act)
High-Risk AI (Annex III)
Human Oversight (Article 14 EU AI Act)
Logging Obligation (Article 12 EU AI Act)
Market Surveillance (EU AI Act)
Notified Body
Placing on the Market (EU AI Act)
Post-Market Monitoring (Article 72)
Prohibited AI Practice (Article 5 EU AI Act)
Provider (EU AI Act)
Putting into Service
Real-World Testing (Article 60 EU AI Act)
Sandbox (Article 57)
Substantial Modification (EU AI Act)
Technical Documentation (Annex IV)
NIS2 / BSIG
24 terms in NIS2
Asset Inventory
Backup Strategy
BCM (Business Continuity Management) — NIS2
BSI Reporting Portal (24/72/30)
CSIRT (BSI)
Essential Entity (NIS2)
Important Entity (NIS2)
Incident (NIS2)
Incident Response Plan
Incident Response — Article 23 NIS2
ISAE 3402
ISMS (Information Security Management System)
ISO 27001 vs. TISAX
KRITIS (Critical Infrastructure)
MFA (Multi-Factor Authentication)
Near-Miss Incident
NIS2 — Securing the Supply Chain
NIS2UmsuCG (German NIS2 Transposition Act)
Patch Management
Section 30 BSIG
Section 38 BSIG
Significant Incident
Threat Analysis
Zero Trust
Whistleblower (HinSchG)
11 terms in HinSchG
Anonymous Report (HinSchG)
Audit Obligation (HinSchG)
Confidentiality (German Whistleblower Protection Act, HinSchG)
Corporate Group Reporting Office (Hybrid)
HinSchG — Group Reporting Office
HinSchG — International Reporting Office
Internal Reporting Office (Section 12 HinSchG)
Investigation (HinSchG)
Prohibition of Retaliation (Section 36 HinSchG)
Proof of Expertise (Reporting Office)
Whistleblower
Anti-Discrimination / Pay Transparency
14 terms in AGG / Pay
AGG Employer Liability
Complaints Office (Section 13 AGG)
Direct Discrimination
Entgelttransparenzgesetz (German Pay Transparency Act)
EU Pay Transparency Directive (2023/970)
EU Pay Transparency Directive 2023/970
Harassment (Section 3 (3) AGG — German General Equal Treatment Act)
Indirect Discrimination
Job Posting (AGG-compliant)
Joint Pay Assessment
Right of Access (Pay Transparency)
Section 12 AGG (Training Obligation)
Section 22 AGG — Reversal of Burden of Proof
Women's Quota (Section 76 AktG / FüPoG II)
Cross-cutting