European Data Protection Supervisor
European Data Protection Supervisor

Opinions Prior Check

Opinions Prior Check

Some of the procedures that EU institutions put in place pose risks to the data protection rights and freedoms of individuals.

EU institutions are obliged by the Regulation to notify us before putting in place these risky procedures or data processing operations. They are not required to notify us each time the processing takes place.

Article 27(1) of Regulation (EC) No 45/2001 outlines the types of processing that should be notified to us:

  • The processing of certain special categories of data such as health data in pre-recruitment medical exams;
  • The processing intended to evaluate persons such as in staff appraisals, recruitment and selection of staff or contractors under procurement procedures or external experts;
  • Processing which excludes persons from a right, benefit or contract such as blacklisting for project funding;
  • When data is collected for one purpose and potentially used for another without any legal justification (legal basis) for doing so such as linking databases that serve different purposes.

Where an EU institution is unsure whether to notify us, their data protection officer can consult us for advice to confirm.
Once we have received a notification, we issue recommendations as required, to help the EU institutions make the procedure comply with the data protection rules. Our follow up work includes verifying that our recommendations have been implemented by the institution.

In general, our prior checking Opinions are public, but we may delete sensitive elements where necessary, relating to security for example.

On average we receive around 130 such notifications per year.

Filters

Pages

10/07/2018
10
Jul
2018

Updated notifications for staff appraisal and reclassification - EACEA

Prior-checking Opinion regarding the updated notifications for staff appraisal and reclassification at EACEA (EDPS case 2017-1061 and 2017-1062)

03/07/2018
3
Jul
2018

Reimbursement of medical expenses of Local Agents in EU Delegations – EEAS

Prior-checking Opinion regarding the reimbursement of medical expenses under the Complimentary Sickness Insurance Scheme for Local Agents in EU Delegations (EDPS case 2017-0986)

06/06/2018
6
Jun
2018

Recruitment Procedures - EMSA

Prior-check Opinion on the recruitment procedures at EMSA (Case 2015-0439)

23/05/2018
23
May
2018

Processing of Health Data - EIOPA

Prior-checking Opinion regarding the processing of health data at the European Insurance and Occupational Pension Authority (EIOPA) (EDPS case 2017-0284)

25/04/2018
25
Apr
2018

Conduct of investigations - Council

Prior Checking Opinion regarding the conduct of investigations by the Security Office of the General Secretariat of the Council of the European Union (Case 2017-0216)

10/04/2018
10
Apr
2018

Selection of confidential counsellors and informal anti-harassment procedures – EIOPA

Prior-checking Opinion on selection of confidential counsellors and informal anti-harassment procedures at EIOPA (EDPS case 2017-0916)

04/04/2018
4
Apr
2018

EEAS’ processing of personal data for repatriation of EU expatriate staff on medical grounds

Prior-checking Opinion regarding the EEAS’ processing of personal data for repatriation of EU expatriate staff on medical grounds (Case 2016-0778)

22/03/2018
22
Mar
2018

Internal procedures and guidelines on whistleblowing - EMCDDA

Prior-check Opinion on European Monitoring Centre for Drugs and Drug Addiction's (EMCDDA) internal procedures and guidelines on whistleblowing (Case 2016-1083)

21/03/2018
21
Mar
2018

"Data Processing for Social Media Monitoring" at the European Central Bank (ECB) - ECB

Priorcheck Opinion on "Data Processing for Social Media Monitoring" at the European Central Bank (ECB) (Case 2017-1052)

21/03/2018
21
Mar
2018

Whistleblowing procedure in the REA and the relevant internal fraud issues - Case 2014-0178

Prior-check Opinion on “Whistleblowing procedure in the REA and the relevant internal fraud issues” (Case 2014-0178)

21/03/2018
21
Mar
2018

Whistleblowing Rules- FRA

Prior-check Opinion on FRA’s whistleblowing rules (Case 2016-0737)

15/03/2018
15
Mar
2018

Whistleblowing procedure - ECHA

Prior-check Opinion on the ECHA’s whistleblowing procedure (Case 2015-1029)

15/03/2018
15
Mar
2018

Whistleblowing Procedure - EDPS

Prior-check Opinion on the Whistleblowing Procedure at the EDPS (Case 2017-0493)

13/03/2018
13
Mar
2018

Selection, Recruitment and Administrative Management - EEAS

Prior check Opinion on Selection, Recruitment and Administrative Management for Junior Professionals in EU Delegations (JPDs) (Case 2016-0772)

13/03/2018
13
Mar
2018

OHC Pregnancy Self-Assessment Data - EIB

Prior-checking Opinion regarding OHC Pregnancy Self-Assessment Data at EIB (Case 2016-0614)

08/03/2018
8
Mar
2018

Processing of Personal Data - SRB

Prior-checking Opinion regarding ‘The processing of personal data in management of all leave entitlements, processing of received requests for reimbursement of annual medical check-ups, received pre-employment medical exams/clearances’ at the Single Resolution Board (SRB) (Case 2017-0853)

02/03/2018
2
Mar
2018

Recruitment of staff - SRB

Prior-checking Opinion regarding ‘Recruitment of staff: Temporary agents (TAs), Seconded National Experts (SNEs) and trainees’ at Single Resolution Board (SRB) (Case 2017-0851)

12/02/2018
12
Feb
2018

Selection and administrative management of Blue Book Trainees - EEAS

Prior check Opinion on selection and administrative management of Blue Book Trainees in EEAS Headquarters and EU Delegations (case 2016-0771)

26/01/2018
26
Jan
2018

First-aid intervention registers - Council

Summary of Case 2017-0969:

The Council established a network of first-aiders on the basis of the Staff Regulations and the rules in the area of well-being at work. Under Belgian law in that field, the employer keeps a register in which the employee who carries out a first-aid intervention must indicate particular information concerning his intervention. The Council decided to implement a staff first-aid intervention register (first-aider record book) and a register of first-aid intervention for the medical service for instances where the medical service intervenes (on site and/or after transport of the casualty to its premises). The data subjects must be duly informed about the protection of personal data. In the light of the sensitive nature of those data and the urgent nature of the work of the first-aider, it is also essential that appropriate measures be implemented in order to guarantee the security of the personal data contained in the first-aider record book.

17/01/2018
17
Jan
2018

Administrative inquiries and disciplinary proceedings - EIT

Prior-check Opinion on "administrative inquiries and disciplinary proceedings" at European Institute of Technology & Innovation (EIT) (Case 2016-1165)

Pages