Regulation (EU) 2018/1725 lays down the data protection obligations for the EU institutions and bodies when they process personal data and develop new policies.
The Regulation repeals Regulation (EC) 45/2001, and, in line with GDPR, adopts a principle-based approach.
The new legal instrument ensures that EU institutions and bodies provide transparent and easily accessible information on how personal data is used, as well as foresee clear mechanisms for individuals to exercise their rights; it also reconfirms, clarifies and enhances the role of data protection officers within each EU institution and of the EDPS.