Opinion on proposals for amending the Financial Regulation applicable to the general budget of the European Communities and its Implementing Rules (COM(2006) 213 final and SEC(2006) 866 final), OJ C 94, 28.04.2007, p. 12
One of the main points of the proposals is that they foresee the set-up and organisation of a central database common to all institutions and bodies, operated by the Commission, of candidates and tenderers under specific situations of exclusions in case of fraud and allow the exchange of the information contained in the database with authorities at different levels.
Although the EDPS agrees to the principle of a central database in the light of the foreseen purposes of data processing, he underlined that a proactive approach to the rights of the data subjectsshould be respected. Data subjects must be informed beforehand that these data might be made public, and it must be ensured that the data subject's right of access and right to object are respected. Other concerns relate to:
- The need for a precise timeframe regarding the update of the information as well as an adequate security protection of the database.
- The need for specific safeguards in the context of transfers of personal data from the central database and receiving personal data from third countries and international organisations.
Time limits for storage and budgetary control.