Description
In the context of the adoption of Regulation (EU) 2018/1725 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (The Regulation), the Management Committee of the European Investment Bank adopted 20 October 2020, the new “Data Protection Rules Implementing Regulation (EU) 2018/1725”. These rules refer to the function of the Data Protection Officer (the DPO), but also to the obligations of other important stakeholders inside the EIB (Controllers and Processors) and the rights of the data subjects.
The rules include provisions related to all new elements introduced by the Regulation, especially those related to the conduction of Data Protection Impact Assessments, personal data breaches, requirements for considering privacy by design and by default and the protection of data subjects’ rights.
