The Spanish data protection authority – AEPD – has published a Model Data Protection Impact Assessment ‘DPIA) Report for the Private Sector. it includes the factors that must be taken into account by the private sector in order to perform a DPIA, including the description of the data processing activity, its purpose and legal basis, as well as risk mitigating measures.
EDPB guidelines on processing personal data through blockchains
These guidelines aim to clarify how data protection laws, particularly the GDPR, apply to blockchain systems.