Guidance on Art. 25 of the Regulation 2018/1725
EDPS Guidance on Article 25 of the Regulation 2018/1725 and internal rules updated on 24 June 2020.
Since the data protection implications of some functions common to all EU institutions, bodies and agencies are similar, we publish guidelines on specific subjects, such as recruitment, appraisals, use of IT equipment in the workplace and disciplinary procedures.
These consolidate our guidance from our prior check Opinions, consultations and also include relevant guidance by the Article 29 Working Party and the case law of the European courts.
Our guidelines may be a useful source of inspiration for other organisations outside the EU institutions or may supplement the guidance offered by national data protection authorities.
EDPS Guidance on Article 25 of the Regulation 2018/1725 and internal rules updated on 24 June 2020.
Revised guidelines on personal data and electronic communications in the EU institutions (eCommunications guidelines).
2015 guidelines on eCommunications are available here.
These EDPS Guidelines explore in greater depth, and provide relevant examples of, issues relating to the impact on the fundamental rights to privacy and the protection of personal data, focusing on and complementing in particular Tool#28 of the Commission Better Regulation Toolbox and the Operational Guidance on taking account of Fundamental Rights in Commission Impact Assessments. The Guidelines also complement the EDPS Necessity Toolkit.
The following guidelines are an update of the guidance on whistleblowing published in July 2016.
When processing personal data, EU institutions and bodies (EUIs) must comply with specific data protection rules. Depending on their role, their obligations differ. The following guidelines provide explanation and practical advice to EU institutions and bodies on how to comply with Regulation (EU) 2018/1725 (‘the Regulation’).