EDPS Letter Consultation on agreement for payroll services for local employees in a third country
Regulation (EU) 2018/1725 lays down the data protection obligations for the EU institutions and bodies when they process personal data and develop new policies.
The Regulation repeals Regulation (EC) 45/2001, and, in line with GDPR, adopts a principle-based approach.
The new legal instrument ensures that EU institutions and bodies provide transparent and easily accessible information on how personal data is used, as well as foresee clear mechanisms for individuals to exercise their rights; it also reconfirms, clarifies and enhances the role of data protection officers within each EU institution and of the EDPS.
The EDPS has published guidance to EU institutions and bodies (“EUIs”) regarding the records of processing operations. The EDPS had previously clarified that making the register “publicly available” means publication on the internet. While initially May 2020, i.e. two years after the entry into force of the GDPR, had initially been announced by the EDPS as target date for implementation of this obligation, the EDPS noticed upon entry into force of Regulation 2018/1725, that the new Regulation contained no grace period regarding this obligation.
These comments refer to CEDEFOP’s draft implementing rules concerning restrictions on certain rights of data subjects (pursuant to Article 25 of Regulation (EU) 2018/1725).
2019 could be described as a year of transition, across Europe and the world. With new legislation on data protection in the EU now in place, the greatest challenge moving into 2020 and beyond is to ensure that this legislation produces the promised results. Awareness of the issues surrounding data protection and privacy, and the importance of protecting these fundamental rights, is at an all-time high and this momentum cannot be allowed to decline.
This Annual Report provides an insight into all EDPS activities in 2019, which was the last year of a five-year EDPS mandate. EDPS activities therefore focused on consolidating the achievements of previous years, assessing the progress made and starting to define priorities for the future.
HTML version: EN
These comments refer to the draft internal rules of the Executive Agencies EACEA, ERCEA, REA, INEA and EASME, concerning restrictions of certain rights of data subjects in relation to processing of personal data in the framework of their functioning.