Print

News & Events

DPO News and events

22
Jun
2021

Trainings on Regulation (EU) 2018/1725 for EUI's controllers

New thematic online trainings in light of Regulation (EU) 2018/1725 for EUI's controllers at the European School of Administration (EUSA), Brussels:
You may enrol on EU learn.

17 March:  Which are the data protection implications on the use of social media and ICT / remote working tools by the EUIs?
22 June:    Conditions and Safeguards in international transfers

4
Jun
2021

49th Virtual Meeting of the Data Protection Officers and the EDPS

49th Meeting of the Data Protection Officers of the EU institutions and the European Data Protection Supervisor, virtual meeting.

Blogpost by EDPS Director Leonardo Cervera Navas.

Agenda
Verfügbare Sprachen: Englisch
Workshop data breach notification guidelines
Verfügbare Sprachen: Englisch
Workshop data breaches notifications summary
Verfügbare Sprachen: Englisch
Presentation: software alternatives
Verfügbare Sprachen: Englisch
Presentation: International Transfers and Cloud Services
Verfügbare Sprachen: Englisch
Data Protection Impact Assessment (DPIA), Part 1
Verfügbare Sprachen: Englisch
Data Protection Impact Assessment (DPIA), Part 2
Verfügbare Sprachen: Englisch
Workshop on EDPS-DPOs cooperation
Verfügbare Sprachen: Englisch
Conclusions
Verfügbare Sprachen: Englisch
28
Apr
2021

Remote audit on Article 25

Regarding the remote audit on Article 25 (case 2021-0165) launched on 13 April 2021, WORD version of Annex 4 and Annex 5 of the Announcement Letter are available below.

Fundamental rights, enshrined in the Charter of Fundamental Rights of the European Union (‘Charter’), constitute the core values of the European Union. The conditions for possible limitations on the exercise of fundamental rights are of utmost importance, because they determine the extent to which the rights can effectively be enjoyed. Article 52(1) of the Charter states that any limitation on the exercise of the right to personal data protection (Article 8 of the Charter) must be necessary for an objective of general interest or to protect the rights and freedoms of others. In matters relating to the operation of the Union institutions and bodies (`EUIs´), Article 25 of Regulation (EU) 1725/2018 (`Regulation´) states that Internal Rules may restrict the application of data subjects´ rights, when such a restriction respects the essence of the fundamental rights and freedoms and is a necessary and proportionate measure in a democratic society to safeguard a certain number of legally protected interests. 

 

This remote audit aims at understanding how EUIs have taken into account the recommendations issued by the EDPS when drafting their Internal Rules. It further looks into the application of these Internal Rules in practice by examining actual cases of EUIs restricting data subjects´ rights. In assessing compliance, the EDPS takes into account in particular the EDPS Guidance on Article 25 of the Regulation of June 2020 (‘EDPS Guidance’).

The decision to carry out a remote audit on these topics was determined by taking into account the following points:

  • The fact that decisions under Article 25 of the Regulation restrict fundamental rights, i.e. represent a high impact on data subjects;
  • The high number EUIs concerned gives a horizontal view on a topic that has proven to be contentious, in particular in complaints relating to access requests under Article 17 of the Regulation.

Like any audit, this audit has been a learning exercise for the EDPS, which may in turn lead the EDPS to update existing guidance in due time. Against this background, this general report is published with a view to reporting on the overall results of the audit and providing guidance to all EUIs on best practices identified during the exercise.

 

Annex 4
Verfügbare Sprachen: Englisch
Annex 5
Verfügbare Sprachen: Englisch
Audit Report
Verfügbare Sprachen: Englisch
21
Dec
2020

48th Virtual Meeting of the Data Protection Officers and the EDPS

48th Meeting of the Data Protection Officers of the EU institutions and the European Data Protection Supervisor, virtual meeting.

Agenda
Verfügbare Sprachen: Englisch
S&E priorities
Verfügbare Sprachen: Englisch
EDPS strategy
Verfügbare Sprachen: Englisch
EDPB supplementary measures
Verfügbare Sprachen: Englisch
Technology, challenges
Verfügbare Sprachen: Englisch
8
May
2020

47th Virtual Meeting of the Data Protection Officers and the EDPS

47th Meeting of the Data Protection Officers of the EU institutions and the European Data Protection Supervisor, virtual meeting.

Agenda
Verfügbare Sprachen: Englisch
Public Communication
Verfügbare Sprachen: Englisch
Use of social media by EU institutions and bodies
Verfügbare Sprachen: Englisch
Monitoring social media - risks
Verfügbare Sprachen: Englisch
Use of social media - technical aspects mitigating measures, privacy friendly social networks
Verfügbare Sprachen: Englisch
Registers - best practices findings when inspecting
Verfügbare Sprachen: Englisch
Microsoft findings and recommendations
Verfügbare Sprachen: Englisch
Covid-19 and data protection
Verfügbare Sprachen: Englisch