I share the continuation of the article I published in collaboration with EIP International Business School in which we talked about the DPA and when it should be performed.
In this case, we analyze the criteria provided by the WP29 in its Guidelines on Data Protection Impact Assessment.
Hope you find it useful!
(You can access the content of the article at the following link: What is a Data protection Impact Assessment and when should it be done (II)?)