Factsheets

The EDPS may decide to start an investigation when we have a strong suspicion of an infringement of data protection rules by an EUI.

The aim of the investigation is to check whether an infringement of the applicable data protection rules, in particular the EUDPR, has occurred and to establish its circumstances.

To find out more about the process of EDPS investigations, consult our Investigation Policy and Investigation Factsheet below.

As part of our work, the EDPS is consulted by EU institutions, bodies, offices and agencies (EUIs), their data protection officers, on their day-to-day activities with an impact on data protection and the processing of individuals’ data. We also process complaints made by individuals about how their personal data has been processed by an EUI.

October is the European Cybersecurity Month.

October is the European Cybersecurity Month.

Read the EDPS infographics on phishing and how to prevent to be a victim of cyberattacks.

The EDPS has an ongoing investigation into Commission’s use of Microsoft Office 365 (M365).
While the ongoing investigation by the EDPS concerns the Commission in its capacity as a controller for its use of M365, the future outcome of this investigation should nevertheless be instructive for other EU institutions (EUIs) procuring of Microsoft products and services under the same inter-institutional licensing agreement with Microsoft.