Regulation (EU) 2018/1725 lays down the data protection obligations for the EU institutions and bodies when they process personal data and develop new policies.
The Regulation repeals Regulation (EC) 45/2001, and, in line with GDPR, adopts a principle-based approach.
The new legal instrument ensures that EU institutions and bodies provide transparent and easily accessible information on how personal data is used, as well as foresee clear mechanisms for individuals to exercise their rights; it also reconfirms, clarifies and enhances the role of data protection officers within each EU institution and of the EDPS.
A Comprehensive Initiative to Strengthen Compliance on Personal Data Breach Management.
In 2024, the European Data Protection Supervisor (EDPS) launched a dedicated campaign to raise awareness of personal data breaches, one of 20 initiatives organised to mark the institution’s 20th Anniversary. The campaign ran from March to October 2024,
EDPS Formal comments on a draft Commission Implementing Regulation laying down rules for the application of Regulation(EU) 2023/956 of the European Parliament and of the Council as regards the conditions and procedures related to the status of authorised CBAM declarant.
Supervisory Opinion on the draft decision establishing measures for the application of Regulation (EU) 2018/1725, including measures concerning the data protection officer of the European Union Drugs Agency.
EDPS issues the Supervisory opinion on the draft Europol Management Board Decision laying down rules to determine time limits for the storage of administrative personal data.
Supervisory Opinion on draft internal rules concerning restrictions of certain rights of data subjects in relation to the processing by the European Commission for the supervision, investigation, enforcement and monitoring under Regulation (EU) 2022/2065.