Print

News & Events

DPO News and events

4
Jun
2021

49th Virtual Meeting of the Data Protection Officers and the EDPS

49th Meeting of the Data Protection Officers of the EU institutions and the European Data Protection Supervisor, virtual meeting.

Blogpost by EDPS Director Leonardo Cervera Navas.

Agenda
Verfügbare Sprachen: Englisch
Workshop data breach notification guidelines
Verfügbare Sprachen: Englisch
Workshop data breaches notifications summary
Verfügbare Sprachen: Englisch
Presentation: software alternatives
Verfügbare Sprachen: Englisch
Presentation: International Transfers and Cloud Services
Verfügbare Sprachen: Englisch
Data Protection Impact Assessment (DPIA), Part 1
Verfügbare Sprachen: Englisch
Data Protection Impact Assessment (DPIA), Part 2
Verfügbare Sprachen: Englisch
Workshop on EDPS-DPOs cooperation
Verfügbare Sprachen: Englisch
Conclusions
Verfügbare Sprachen: Englisch
28
Apr
2021

Remote audit on Article 25

Regarding the remote audit on Article 25 (case 2021-0165) launched on 13 April 2021, WORD version of Annex 4 and Annex 5 of the Announcement Letter are available below.

Fundamental rights, enshrined in the Charter of Fundamental Rights of the European Union (‘Charter’), constitute the core values of the European Union. The conditions for possible limitations on the exercise of fundamental rights are of utmost importance, because they determine the extent to which the rights can effectively be enjoyed. Article 52(1) of the Charter states that any limitation on the exercise of the right to personal data protection (Article 8 of the Charter) must be necessary for an objective of general interest or to protect the rights and freedoms of others. In matters relating to the operation of the Union institutions and bodies (`EUIs´), Article 25 of Regulation (EU) 1725/2018 (`Regulation´) states that Internal Rules may restrict the application of data subjects´ rights, when such a restriction respects the essence of the fundamental rights and freedoms and is a necessary and proportionate measure in a democratic society to safeguard a certain number of legally protected interests. 

 

This remote audit aims at understanding how EUIs have taken into account the recommendations issued by the EDPS when drafting their Internal Rules. It further looks into the application of these Internal Rules in practice by examining actual cases of EUIs restricting data subjects´ rights. In assessing compliance, the EDPS takes into account in particular the EDPS Guidance on Article 25 of the Regulation of June 2020 (‘EDPS Guidance’).

The decision to carry out a remote audit on these topics was determined by taking into account the following points:

  • The fact that decisions under Article 25 of the Regulation restrict fundamental rights, i.e. represent a high impact on data subjects;
  • The high number EUIs concerned gives a horizontal view on a topic that has proven to be contentious, in particular in complaints relating to access requests under Article 17 of the Regulation.

Like any audit, this audit has been a learning exercise for the EDPS, which may in turn lead the EDPS to update existing guidance in due time. Against this background, this general report is published with a view to reporting on the overall results of the audit and providing guidance to all EUIs on best practices identified during the exercise.

 

Annex 4
Verfügbare Sprachen: Englisch
Annex 5
Verfügbare Sprachen: Englisch
Audit Report
Verfügbare Sprachen: Englisch
21
Dec
2020

48th Virtual Meeting of the Data Protection Officers and the EDPS

48th Meeting of the Data Protection Officers of the EU institutions and the European Data Protection Supervisor, virtual meeting.

Agenda
Verfügbare Sprachen: Englisch
S&E priorities
Verfügbare Sprachen: Englisch
EDPS strategy
Verfügbare Sprachen: Englisch
EDPB supplementary measures
Verfügbare Sprachen: Englisch
Technology, challenges
Verfügbare Sprachen: Englisch
8
May
2020

47th Virtual Meeting of the Data Protection Officers and the EDPS

47th Meeting of the Data Protection Officers of the EU institutions and the European Data Protection Supervisor, virtual meeting.

Agenda
Verfügbare Sprachen: Englisch
Public Communication
Verfügbare Sprachen: Englisch
Use of social media by EU institutions and bodies
Verfügbare Sprachen: Englisch
Monitoring social media - risks
Verfügbare Sprachen: Englisch
Use of social media - technical aspects mitigating measures, privacy friendly social networks
Verfügbare Sprachen: Englisch
Registers - best practices findings when inspecting
Verfügbare Sprachen: Englisch
Microsoft findings and recommendations
Verfügbare Sprachen: Englisch
Covid-19 and data protection
Verfügbare Sprachen: Englisch
18
Feb
2020

Trainings on Regulation (EU) 2018/1725 for EUI's controllers

New thematic trainings in light of Regulation (EU) 2018/1725 for EUI's controllers at the European School of Administration (EUSA), Brussels:

You may enrol on EU learn.

  • 18 February: controllers-processors / joint controllership
  • 26 February: events management
  • 4 March: controllers-processors / joint controllership (EUSA in Luxembourg!)
  • 10 March: controllers-processors / joint controllership
  • 1 July: Data protection in procurement and outsourcing processing of personal data
  • 14 September: Arrangements with processors and how to use in practice SCCs for processors adopted by the EDPS
  • 20 October: Transfers of data, in particular international transfers
  • 18 November: International transfers