(94) 當資料保護影響評估指出某處理在缺乏保護措施、安全措施及 機制以降低風險時可能導致對當事人之權利與自由有高風險，且控管 者同意該風險無法在可及技術及執行成本下以合理措施降低時，應於 處理活動開始前向監管機關諮詢。此種高風險可能肇因於某類型之處 理及處理之程度與頻率，也可能導致損害之實現與對當事人之權利與自由之干擾。監管機關應於特定期限內回應諮詢之請求。然而，監管 機關於一定期限內之不作為不應損及監管機關依照本規則所定之任 務與權力所為之任何介入。作為諮詢過程之一部分，為待決資料處理 所執行之資料保護影響評估結果得提交予監管機關，尤其是預定用以 降低對當事人權利與自由之風險的措施。
(94) Where a data protection impact assessment indicates that the processing would, in the absence of safeguards, security measures and mechanisms to mitigate the risk, result in a high risk to the rights and freedoms of natural persons and the controller is of the opinion that the risk cannot be mitigated by reasonable means in terms of available technologies and costs of implementation, the supervisory authority should be consulted prior to the start of processing activities.
Such high risk is likely to result from certain types of processing and the extent and frequency of processing, which may result also in a realisation of damage or interference with the rights and freedoms of the natural person.
The supervisory authority should respond to the request for consultation within a specified period.
However, the absence of a reaction of the supervisory authority within that period should be without prejudice to any intervention of the supervisory authority in accordance with its tasks and powers laid down in this Regulation, including the power to prohibit processing operations.
As part of that consultation process, the outcome of a data protection impact assessment carried out with regard to the processing at issue may be submitted to the supervisory authority, in particular the measures envisaged to mitigate the risk to the rights and freedoms of natural persons.
The latest consolidated version of the Regulation with corrections by Corrigendum, OJ L 127, 23.5.2018, p. 2 ((EU) 2016/679). Source: EUR-lex.