Useful infographics and documents to help you stay informed about your rights and responsibilities regarding data protection.


Ongoing investigation into the use of M365 by EUIs after Schrems II

The EDPS has an ongoing investigation into Commission’s use of Microsoft Office 365 (M365).
While the ongoing investigation by the EDPS concerns the Commission in its capacity as a controller for its use of M365, the future outcome of this investigation should nevertheless be instructive for other EU institutions (EUIs) procuring of Microsoft products and services under the same inter-institutional licensing agreement with Microsoft.

Available languages: English

What to expect when we inspect - Data protection audits explained

Audits are one of the tools used by the EDPS to ensure that EUIs comply with data protection rules. When do we conduct audits? Why and which EUIs are audited? What are the three stages of an EDPS audit? This factsheet will help you to learn more on what to expect when we inspect. 

Available languages: German, English, French

Personal Data Breaches in a Nutshell


Image of the coverpage of the fachsheet

All EU institutions, offices, bodies and agencies process personal data to recruit staff, pay salaries or negotiate service contracts, for example. If this personal data is lost, stolen or obtained accidently or deliberately, it is a personal data breach. What can you do if a personal data breach occurs? When should the breach be communicated to individuals? This factsheet will help you deepen your knowledge on personal data breaches.

Available languages: German, English, French