PART 5The Information Commissioner
Consensual audits
129Consensual audits
1
The Commissioner’s functions under Article 58(1) of the GDPR and paragraph 1 of Schedule 13 include power, with the consent of a controller or processor, to carry out an assessment of whether the controller or processor is complying with good practice in the processing of personal data.
2
The Commissioner must inform the controller or processor of the results of such an assessment.
3
In this section, “good practice in the processing of personal data” has the same meaning as in section 128.