Print

News & Events

DPO News and events

2
Aug
2021

Trainings on Regulation (EU) 2018/1725 for EUI's controllers

 

New thematic online trainings in light of Regulation (EU) 2018/1725 for EUI's controllers at the European School of Administration (EUSA), Brussels:

You may enroll directly in EU Learn or by contracting the EDPS and EUSA.

14 September: Conditions and Safeguards in International Transfers to Private Entities

9 November: Personal Data Breaches in EUIs: practical recommendations for notification and mitigation  

6 December: Exact topic to be confirmed  

22
Jun
2021

Trainings on Regulation (EU) 2018/1725 for EUI's controllers

New thematic online trainings in light of Regulation (EU) 2018/1725 for EUI's controllers at the European School of Administration (EUSA), Brussels:
You may enrol on EU learn.

17 March:  Which are the data protection implications on the use of social media and ICT / remote working tools by the EUIs?
22 June:    Conditions and Safeguards in international transfers

4
Jun
2021

49th Virtual Meeting of the Data Protection Officers and the EDPS

49th Meeting of the Data Protection Officers of the EU institutions and the European Data Protection Supervisor, virtual meeting.

Blogpost by EDPS Director Leonardo Cervera Navas.

Agenda
Available languages: English
Workshop data breach notification guidelines
Available languages: English
Workshop data breaches notifications summary
Available languages: English
Presentation: software alternatives
Available languages: English
Presentation: International Transfers and Cloud Services
Available languages: English
Data Protection Impact Assessment (DPIA), Part 1
Available languages: English
Data Protection Impact Assessment (DPIA), Part 2
Available languages: English
Workshop on EDPS-DPOs cooperation
Available languages: English
Conclusions
Available languages: English
28
Apr
2021

Remote audit on Article 25

Regarding the remote audit on Article 25 (case 2021-0165) launched on 13 April 2021, WORD version of Annex 4 and Annex 5 of the Announcement Letter are available below.

Fundamental rights, enshrined in the Charter of Fundamental Rights of the European Union (‘Charter’), constitute the core values of the European Union. The conditions for possible limitations on the exercise of fundamental rights are of utmost importance, because they determine the extent to which the rights can effectively be enjoyed. Article 52(1) of the Charter states that any limitation on the exercise of the right to personal data protection (Article 8 of the Charter) must be necessary for an objective of general interest or to protect the rights and freedoms of others. In matters relating to the operation of the Union institutions and bodies (`EUIs´), Article 25 of Regulation (EU) 1725/2018 (`Regulation´) states that Internal Rules may restrict the application of data subjects´ rights, when such a restriction respects the essence of the fundamental rights and freedoms and is a necessary and proportionate measure in a democratic society to safeguard a certain number of legally protected interests. 

 

This remote audit aims at understanding how EUIs have taken into account the recommendations issued by the EDPS when drafting their Internal Rules. It further looks into the application of these Internal Rules in practice by examining actual cases of EUIs restricting data subjects´ rights. In assessing compliance, the EDPS takes into account in particular the EDPS Guidance on Article 25 of the Regulation of June 2020 (‘EDPS Guidance’).

The decision to carry out a remote audit on these topics was determined by taking into account the following points:

  • The fact that decisions under Article 25 of the Regulation restrict fundamental rights, i.e. represent a high impact on data subjects;
  • The high number EUIs concerned gives a horizontal view on a topic that has proven to be contentious, in particular in complaints relating to access requests under Article 17 of the Regulation.

Like any audit, this audit has been a learning exercise for the EDPS, which may in turn lead the EDPS to update existing guidance in due time. Against this background, this general report is published with a view to reporting on the overall results of the audit and providing guidance to all EUIs on best practices identified during the exercise.

 

Annex 4
Available languages: English
Annex 5
Available languages: English
Audit Report
Available languages: English
21
Dec
2020

48th Virtual Meeting of the Data Protection Officers and the EDPS

48th Meeting of the Data Protection Officers of the EU institutions and the European Data Protection Supervisor, virtual meeting.

Agenda
Available languages: English
S&E priorities
Available languages: English
EDPS strategy
Available languages: English
EDPB supplementary measures
Available languages: English
Technology, challenges
Available languages: English