Scope of these rules
These rules apply to issues related to the processing of personal data through the web services owned by the European Commission and executive agencies within the europa.eu domain.
Any operation performed upon information related to an identified or identifiable natural person is defined as processing of personal data. Some examples include collection, recording, storage, alteration, use, disclosure and transfer of personal data.
As other European Institutions, the European Commission is subject to specific legal obligations concerning the protection of personal data and their processing. These obligations are described in Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data. It repeals Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.
- All cookies and similar technologies implemented by DGs and executive agencies’ websites must be described on the central Cookies policy pages
- EC branded websites must link to the EC branded page Cookies policy and EU branded websites must link to the EU branded page Cookies.
- Consent for cookies and any similar technologies requiring it must be collected before setting cookies and after having adequately informed users about their utilisation
- The corporate service Cookie Consent Kit must be implemented on all public pages of the website as described in this guide’s page dedicated to cookies and similar technologies.
- Any data processing on websites must be described in a data protection record and accompanied by its own privacy statement.
For more information, contact your DG's Data Protection Coordinator (EU login required). The Data Protection Coordinator deals with data protection at DG level. The DPCs provide advice and assistance on data protection issues. DPCs also represent the DGs in the network of Coordinators, chaired by the DPO.
- Data Protection Officer of the European Commission
- the Data Protection Officer of the European Commission (EU Login required)
- Register of the Data Protection Officer
- EDPS Resources - Guidelines on the protection of personal data processed through web services provided by EU institutions.
Contact and support
Within the European Commission, the first level of contact for any data protection related issues is the DG's Data Protection Coordinator (EU Login required).
For adding new cookies that are not described on the central Cookies policy pages, please contact the team in charge of Europa Domain Management (EU Login required).
We are interested in your opinion. Please log in to reply to the question below:
|Partially, tell us more|