European Data Protection Supervisor
European Data Protection Supervisor

Rights of the Individual

Rights of the Individual

One of the aims of the General Data Protection Regulation (GDPR) is to empower individuals and give them control over their personal data. The GDPR has a chapter on the rights of data subjects (individuals) which includes the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object and the right not to be subject to a decision based solely on automated processing.

Filters

Pages

27/06/2017
27
Jun
2017

Probation periods - EIF

Prior-checking Opinion regarding probation periods and the e-probation tool at the European Investment Fund (Case 2015-1107)

During the probation evaluation of a staff member and the adoption of the probation report, the EIF processes personal data of that staff member. To ensure transparency and fairness, information on this processing should be provided to the concerned individuals through a specific data protection notice. This notice should be made available on the Intranet. A link to the notice should also be added to the respective forms, reports and/or to the messages sent to the staff members in the different stages of probation evaluation. The notice should also clearly set out the procedures for granting individuals' rights, including also information on within which time limit a reaction can be expected from the EIF to the requests of the individuals. Staff members should be granted access to all their data kept in their personal file and in the electronic database, even after the end of employment. While letters containing probation decisions would need to be kept throughout the career of a staff member, probation reports may not necessarily remain relevant during the whole career. The retention of probation reports up to five years after the end of a particular appraisal procedure would be considered appropriate.

07/06/2017
7
Jun
2017

Video-surveillance - GSA

Prior-checking Opinion regarding video-surveillance at the GSA headquarters (Case 2016-1052)

Tags:
08/05/2017
8
May
2017

Coordination of social security systems

Formal comments on a proposal for a Regulation of the European Parliament and of the Council amending Regulation (EC) No 883/2004 on the coordination of social security systems and Regulation (EC) No 987/2009 laying down the procedure for implementing Regulation (EC) No 883/884

15/02/2017
15
Feb
2017

Ex-ante product quality audits - EUIPO

Prior checking Opinion concerning ex-ante product quality audits (Case 2016-0477)

Organisations such as EUIPO ensure the quality of their output in different ways. One such way is checking the quality of decisions before it leaves the organization (ex-ante), recording the error rate and trends in the type and category of errors - and using a database to record this monitoring process.
As staff members remain identifiable in the process and are given feedback at individual level on the basis of this processing operation, this might lead to implications for their performance evaluation(on such processing operations, see EDPS Guidelines in the area of staff evaluation ). This is why the organization needs to comprehensively inform those concerned, grant all data subjects’ rights and ensure the accuracy of the data processed.

Tags:
23/01/2017
23
Jan
2017

Ombudsman's policy on the third party data subject policy (consultation and exemption under Article 12(2) of Regulation 45/2001)

Letter of 23 January 2017 to Data Protection Officer of the European Ombudsman relating to the Ombudsman's third party data subject policy (Case 2016-0692)

Tags:
17/01/2017
17
Jan
2017

"Public hearings" - EMA

Prior checking opinion on the use of the "Public hearings" tool at EMA in compliance with the Regulation (case 2016-0953)

Tags:
17/01/2017
17
Jan
2017

Geographic Information System - ECDC

Prior-checking opinion regarding test run of the Geographic Information System tool at ECDC (2016-0759)

Tags:
20/10/2016
20
Oct
2016

Personal Information Management Systems

EDPS Opinion on Personal Information Management Systems - Towards more user empowerment in managing and processing personal data.

29/09/2016
29
Sep
2016

EDPS-BEUC Conference on Big Data: individual rights and smart enforcement

Technology disrupts all aspects of our lives - in good ways and bad. Meanwhile, basic rights such as privacy, freedom of expression and non-discrimination are under unprecedented strain. Big Data and the Internet of Things bring policy, regulatory and enforcement challenges that require a holistic approach to ensure that the rights and interests of individuals are safeguarded in the coming decades. 

The EDPS, in collaboration with European consumer organisation BEUC, is hosting a joint conference on Big Data: individual rights and smart enforcement in Brussels on Thursday 29 September 2016. The conference will include panels on online platforms, smart technologies and the Digital Single Market. Speakers include EU Commissioner for Competition Margrethe Vestager, Federal Trade Commissoner Terrell McSweeny, BEUC Director General Monique Goyens and European Data Protection Supervisor, Giovanni Buttarelli.

This high level conference will bring together leading regulators and experts in the competition, data protection and consumer protection spheres to discuss key areas of economic and societal change, to promote closer dialogue and cooperation among regulatory and enforcement bodies and explore how to better respond to the challenges our society is facing.

The registration was closed on Monday 12 September.

Follow #BigDataRights and stay tuned!

You can find out more about EDPS work on big data here

Video recording of the meeting & the video message of Roberto Viola, Director General of DG CONNECT, European Commission.

Presentations :

Finn Myrstad, Head of Digital Services, Norwegian Consumer CouncilPDF icon
Chairman, YesLogicPDF icon
Liza Lovdahl Gormsen, Director of the Competition Law ForumPDF icon
Bjørn Erik Thon, Commissioner, Norwegian data protection authorityPDF icon
AgendaPDF icon
21/09/2016
21
Sep
2016

EU Smart Borders Package

EDPS Opinion on the Second EU Smart Borders Package, Recommendations on the revised Proposal to establish an Entry/Exit System

27/07/2016
27
Jul
2016

Transfer of personal data to a processor established in the United States

EDPS' consultation on transfer of personal data to a processor established in the United States (Case 2016-0628)

Tags:
04/07/2016
4
Jul
2016

Individual performance indicators - CPVO

Prior-check Opinion concerning the individual performance indicators for the annual evaluation of staff members at the Community Plant Variety Office (CPVO) (Case 2016-0417)

Personal data collected during an employer's core business activities are sometimes further used to produce productivity reports of employees to feed the evaluation process. This further use of personal data is a change of the initial purpose (linked to the core business) and should therefore be based on specific and explicit internal rules. Employees must be made aware of the change of purpose to ensure fair processing of their personal information. In addition, this information can only be used as a support tool for the annual evaluation of employees and not as the only source to feed the evaluation process.

18/03/2016
18
Mar
2016

European Border and Coast Guard Regulation

EDPS' recommendations on the proposed European Border and Coast Guard Regulation

22/01/2016
22
Jan
2016

EDPS: EU Institutions making steady progress

The EU institutions and bodies are making steady progress implementing data protection rules. This is the conclusion of the report published yesterday by the European Data Protection Supervisor (EDPS) on his latest stocktaking exercise.

Tags:
18/12/2015
18
Dec
2015

Restrictive measures - EEAS

Prior Checking Opinion regarding Restrictive Measures (Sanctions) of the European External Action Service (EEAS) (Case 2014-0926)

Tags:
15/12/2015
15
Dec
2015

Online platforms

EDPS response to the Commission public consultation on the regulatory environment for platforms, online intermediaries, data and cloud computing and the collaborative economy, 15 December 2015

Tags:
19/11/2015
19
Nov
2015

Meeting the challenges of big data

Meeting the challenges of big data, A call for transparency, user control, data protection by design and accountability

Tags:
28/10/2015
28
Oct
2015

EDPS recommendations on the Directive for data protection in the police and justice sectors

A further step towards comprehensive EU data protection, EDPS recommendations on the Directive for data protection in the police and justice sectors

Annex - Comparative table of Directive texts with EDPS recommendationsPDF icon
09/10/2015
9
Oct
2015

EDPS recommendations on the EU’s options for data protection reform

Europe’s big opportunity, EDPS recommendations on the EU’s options for data protection reform

Pages