Roles and Responsibilities
In the data protection world there are different actors, with different roles, rights and responsibilities.
At the heart of data protection there is the data subject i.e. an individual whose personal data is processed. In other words, data protection first and foremost shall protect humans and their rights. In order that these rights can be adequately protected, those who process personal data (i.e. use information relating to people for different reasons) need to comply with a number of obligations. These entities that decide on why and how personal data will be used and that are responsible for ensuring compliance with data protection rules, are called controllers. Controllers are assisted by Data Protection Officers who advise them on how to implement data protection rules.
The application of the data protection regulation is supervised and can be enforced by the supervisory authorities. In case of the EU institutions and bodies, the European Data Protection Supervisor (EDPS) acts as the supervisory authority.
Please consult the sections that follow to get more information about different actors and their roles in data protection.
Data Subject
Data protection law focuses on personal data in order to protect the privacy and related interests of individual natural/physical persons - data subjects.
'Data subject' is the natural person whose personal data are being processed by the European Parliament. More precisely, it is an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data Controller
Who is the controller?
Regulation (EU) 2018/1725 established a legal framework for the use of personal data by the EU institutions and bodies. The Regulation introduced a number of obligations to be complied with in order that data subjects (e.g. citizens, staff members of the EU institutions or any other individual whose data is processed by the EU institutions or bodies) can trust that their personal data is used in a fair and reliable manner. These obligations are addressed to "controllers". Article 3(8) of Regulation (EU) 2018/1725 defines the controller as: "the Union institution or body or the directorate-general or any other organisational entity which, alone or jointly with others, determines the purposes and means of the processing of personal data."
What are the obligations of the controllers?
In very general terms, controllers shall implement appropriate technical and organisational measures to ensure, and to be able to demonstrate, that processing is performed in accordance with Regulation (EU) 2018/1725. This means that they are obliged to design and implement the processes and procedures under their responsibility in a manner that is compliant with the Regulation. In particular, they need to find a legal justification for the processing of personal data (we call it a legal basis for processing), ensure that they use only the minimum data necessary for the objective to be achieved (e.g. data necessary to carry out selection and recruitment, or data necessary to organise a conference with the participation of citizens), and keep it no longer than necessary for that purpose.
Controllers also need to be transparent about how they process personal data. For this reason, upon collection of personal data, they should provide a Data Protection Notice to data subjects describing the important information on how they intend to use the personal data (for which purpose, for how long they will process it, with whom they might share it, etc.).
Controllers are obliged to assess the risks to the rights and freedoms of data subjects stemming from the processing under their responsibility and need to document those risks. In case of personal data breaches, they need to react in a timely manner in order to correctly manage the breach and notify the European Data Protection Supervisor and individuals affected by the breach (when required to do so by law).
Last but not least, if, as a data subject, you wish to exercise your rights under the Regulation (e.g. you wish to obtain access to your personal data or ask for erasure of your data), controllers need to facilitate the exercise of your rights and to handle your requests within the deadlines set out by the Regulation (more details on this can be found under the Data Subjects Rights section).
Data Protection Officer (DPO)
The Data Protection Officer (DPO) is designated by the European Parliament to ensure that any data protection related issues are handled properly and in a timely manner.
His/her main tasks include:
- To give his/her advice to the European Parliament and its staff when they process personal data. He/she ensures that they are informed of their legal obligations, shares best practices, assists with the drafting of privacy policies and provides training to European Parliament staff on data protection.
- To monitor compliance of the European Parliament with Regulation (EU) 2018/1725 and any other data protection laws.
- In the event of a data breach, to provide the data controller with advice regarding the notification to the European Data Protection Supervisor (EDPS).
- To advise on the drafting of Data Protection Impact Assessments (DPIAs), which evaluate the potential impacts of data processing operations on individuals' privacy.
- To provide advice regarding the need for prior consultation of the European Data Protection Supervisor (EDPS).
- To promote cooperation between the European Parliament and the European Data Protection Supervisor (EDPS).
- To ensure that, in processing operations, the rights and freedoms of data subjects are not harmfully affected.
Overall, the DPO is committed to safeguarding your rights and freedoms as well as to ensuring that the European Parliament keeps high standards in data protection. For any information or concerns, do not hesitate to contact the DPO using the contact information below.
EDPS
The European Data Protection Supervisor (EDPS) is the data protection authority for the European Union institutions, bodies and agencies.
A key part of its mandate is to supervise EU institutions so that they can be exemplary when it comes to the processing of personal information.
This is accomplished by monitoring the activities that use (process) personal data. These data could be yours or those of anyone else who works for or with the EU, including visitors, contractors or beneficiaries of grants, among others.
As part of its supervisory duties, the EDPS is entitled to:
- Provide written or verbal advice to EU institutions either on request or on its own initiative (Opinions on prior consultations, other Supervisory Opinions, Authorisation Decisions on transfers, letters or papers);
- Issue guidelines on topics relevant to all EU institutions;
- Offer verbal advice to DPOs via a telephone hotline;
- Assist DPOs in general by providing useful resources and documents;
- Raise awareness about data protection in the EU institutions and provide training;
- Conduct data protection audits to verify compliance in practice;
- Deal with complaints from individuals relating to the processing of their personal data by the EU institutions;
- Carry out investigations, either following information received from third parties or on its own initiative;
- Receive data breach notifications and follow up on them;
- Carry out periodic surveys and reports to gather statistics to benchmark and compare EU institutions;
- Notify the controller of an alleged infringement of the Regulation;
- Obtain access to all data and information, and to all equipment and means needed to perform its tasks;
- Issue warnings or reprimands to controllers in case of infringement of the Regulation;
- In short, oblige EU institutions, bodies and agencies to comply with the Regulation.
Additionally, the EDPS provides guidance on how to comply with the rules and ensure that they are applied appropriately. This involves drafting guidelines, investigating complaints, responding to consultations from EU institutions, and conducting data protection audits.
Data protection rules are nothing new for the EU institutions. Before the current Regulation (EU) 2018/1725, there was Regulation (EC) 45/2001, modelled on Directive 95/46/EC, the predecessor to GDPR. The EDPS has been supervising the EU institutions' data protection compliance since it started operations in 2004.
If you think that your rights have been infringed by an EU institution processing your personal information, you can lodge a complaint with the EDPS to investigate it.
Contact
data-protection@europarl.europa.eu
17, Avenue J.F. Kennedy,
1499, Luxembourg