The data protection rules (Regulation (EU) 2018/1725) applicable to the EU institutions, bodies and agencies (EUIs) are in line with the provisions of the General Data Protection Regulation (Regulation (EU) 2016/679), applicable to EU member states.
In accordance with the applicable data protection rules, the EUIs are accountable for the way they process personal data.
It is required that all EUIs appoint a Data Protection Officer (DPO).
The task of the DPO is to ensure, in an independent manner, that the institution complies with the data protection law and protects individuals’ rights and freedoms.
The EDPS has appointed a DPO.
In application of the relevant data protection rules, the EDPS adopted its Decision on internal rules concerning restrictions of certain rights of data subjects in relation to the processing of personal data in the framework of activities carried out by the EDPS as well as implementing rules concerning the Data Protection Officer (EDPS Decision of 11 December 2018).
The EDPS DPO is part of and collaborates with the DPOs of the other EUIs in the EUIs DPO network.
To learn more about your data protection rights and how to exercise them, you can consult the following webpage: When the EDPS processes your personal data.
You can always address your concerns on the way the EDPS processes your personal data directly the DPO by sending an e-mail to: dpo@edps.europa.eu.