European Data Protection Supervisor
European Data Protection Supervisor

Administrative Measures

Administrative Measures

In line with the principle of accountability, EU institutions with the support of their DPOs are primarily responsible for complying with their data protection obligations.

To support them, the EDPS provides guidance on how to be compliant and we make sure that the rules are applied as they should be; our approach is to trust and verify.

When complex or novel issues arise, we will offer advice as necessary to guide and navigate through the complexities to ensure compliance.

Article 57(1)(g) of Regulation (EU) 2018/1725 outlines that EU institutions and DPOs can consult the EDPS for advice when drawing up measures or internal (administrative) rules that involve the processing of personal information, if they are complex or may pose risks to the rights and freedoms of individuals.

In any case, the EU institutions are obliged to inform or consult the EDPS when they adopt administrative rules that involve the processing of personal data (Article 41 of the Regulation (EU) 2018/1725) regardless of the level of risk.

We have issued a policy paper to guide EU institutions and bodies as to when they must consult us.

Our Opinions on administrative consultations have covered a diverse range of subjects such as the publication of personal data on the internet, the use of email in the workplace, the transfers of personal data to non-EU countries and the billing of individual users for non‑work related phone calls.

Not all of our replies to consultations are made public; those that we believe are useful for other institutions and the persons affected are published on this website.

In addition, some of the measures we are consulted on are sensitive and must therefore be treated confidentially.


Filters

Pages

25/11/2009
25
Nov
2009

Definition of Controller

Letter regarding a consultation on the definition of controller

13/11/2009
13
Nov
2009

Implementing rules concerning Regulation (EC) n° 45/2001

Comments of the EDPS concerning the Preliminar draft decision of the Executive Committee of the EACEA adopting implementing rules concerning Regulation  (EC) n° 45/2001 (Case 2009-656)

10/11/2009
10
Nov
2009

Implementing rules at ETF

Analysis of the EDPS on a consultation on the draft implementing rules of the European Training Foundation (ETF)

01/10/2009
1
Oct
2009

Right of access

Letter regarding a consultation related to the right of access (Article 13 of Regulation 45/2001)

23/09/2009
23
Sep
2009

Special ID cards issued by a Member State

Letter regarding a consultation on special ID cards issued by the Ministry of Foreign Affairs for non Portuguese staff

17/07/2009
17
Jul
2009

Pandemic procedure at ECB

Analysis of the EDPS on a consultation on processing of personal data in the frame of pandemic procedure at ECB (2009-456)

02/07/2009
2
Jul
2009

Transfers of personal data to third countries

Transfers of personal data to third countries: 'adequacy' of signatories to Council of Europe Convention 108

05/06/2009
5
Jun
2009

Examen médical pour les assistants parlementaires

Lettre en réponse à une consultation sur l'examen médical préalable à l'embauche des assistants parlementaires

08/05/2009
8
May
2009

Implementing rules at Cedefop

Analysis of the EDPS on a consultation related to the draft implementing rules of Cedefop

08/05/2009
8
May
2009

Implementing rules at Eurofound

Analysis of the EDPS on a consultation related to the draft implementing rules of Eurofound

06/05/2009
6
May
2009

Personal data transfers by OLAF

Analysis of the EDPS on a consultation on questions concerning the treatment of personal data transfers by OLAF

03/11/2008
3
Nov
2008

New model medical certificate

Consultation on the new model medical certificate (introduction in all the institution)

11/09/2008
11
Sep
2008

Access to public documents containing personal data

Analysis of the EDPS on a consultation related to a request for access to public documents containing personal data

16/07/2008
16
Jul
2008

Surveys related to sensitive data

Letter regarding a consultation related to surveys related to sensitive data

16/06/2008
16
Jun
2008

Formation eHEST

Lettre relative à la formation eHEST ("Computer Based Hostile Environment Security Training") au Conseil

10/03/2008
10
Mar
2008

Request of medical file by National Court

Letter regarding a consultation on a request of medical file by National Court

06/02/2008
6
Feb
2008

Dispositions d'application du règlement 45/2001 à la Cour de justice

Lettre concernant le projet de décision du comité administratif de la Cour de justice portant adoption de dispositions d'application du règlement (CE) 45/2001 (Dossier 2007-658)

09/01/2008
9
Jan
2008

Administrative inquiries and disciplinary proceedings

Letter to the President of the College of Chiefs of Administration relating to administrative inquiries and disciplinary proceedings (Case 2006-75)

26/11/2007
26
Nov
2007
07/05/2007
7
May
2007

Common Conservation List (CCL)

Comments on the draft Common Conservation List (CCL)

Pages