In order to carry out its duties towards European citizens, the European Parliament may collect personal information (“personal data”), which is gathered and treated in full compliance with Regulation (EU) 2018/1725, “the Regulation”.
“Personal data” means any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her identity.
Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data was published in the Official Journal of the European Union on 21 November 2018 and entered into force on 11 December 2018. Decision of the Bureau of the European Parliament of 17 June 2019 on the implementing rules relating to Regulation (EU) 2018/1725 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data by the Union Institutions, Bodies, Offices and Agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.
The vast majority of the pages that make up this website can be consulted without any personal data being requested. Only a few pages invite you to enter personal data in order to deliver specific services or to answer dedicated requests. For example, the page Citizens’ Enquiries Unit (Ask EP) includes a contact tab, which activates an on-line form. On that form, you are asked, at the minimum, to indicate (compulsory fields) your surname, forename, country of residence and email address, as well as, possibly, your gender, address, age, profession and nationality. Once sent, the form is forwarded by email to the appropriate department so that it can meet your needs in the best possible way. The European Parliament ensures data gathered is processed solely for intended and clearly stated purposes, and not reused for any other aim. Personal information is kept for the time period needed to process the data, as described in the original purpose. Some data may be kept on a longer term for historical, statistical or security reasons, without prejudice to any other provision of the Regulation.
Notice on restrictions
In specific cases, the European Parliament has the possibility to restrict the exercise of some rights of a data subject. For instance, the IT services of the European Parliament keep some server logs, as describes in the DPO Notifications 153 and 179. This information is necessary for supervising and diagnosing incidents related to security issues. Please read this Notice on restrictions for more details.
Exchanges with third parties
The European Parliament discloses personal information to third parties only when it is necessary for the purposes specified and only to the categories of the recipients mentioned. The European Parliament does not divulge any personal data for direct marketing purposes and undertakes to take appropriate security measures to safeguard these data from misuse by third parties. The website of the European Parliament may provide links to other internet sites. Since the European Parliament has no control over such sites, we suggest you to review their own privacy policies. In some rare cases, the European Parliament publishes third party components on its webpages (e.g. maps; Twitter walls; embed videos; etc.). When the European Parliament is not able to block calls to resources coming from third-party services, we implement techniques that allow you to accept of refuse to show this external content.
How to get your personal data deleted or modified
All citizens have the right to obtain access to the personal data held by the European Parliament about them and to request its modification or its deletion. For any request concerning the processing of your personal data, we invite you to contact either the Data Protection Officer of the European Parliament (DPO) or the European Data Protection Supervisor (EDPS).
Data Protection Officer of the European Parliament (DPO)
The Data Protection Officer of the European Parliament is the data protection authority responsible for monitoring the application of the Regulation (EU) 2018/1725 within the European Parliament who will welcome and process your request.
European Data Protection Supervisor (EDPS)
The European Data Protection Supervisor (EDPS) is the data protection authority for all the European Union institutions, bodies and agencies. One of the tasks is to handle complaints and conduct inquiries. The Data Protection Supervisor will welcome and process your request.
Data Protection Officer
The Data Protection Officer of the European Parliament is responsible for monitoring the application of the Regulation (EU) 2018/1725 within the institution. Any unit of the European Parliament that uses information which identifies individuals is covered by this Regulation and is required to notify the European Parliament Data Protection Officer of any operation in which personal data is processed (gathering, consultation, forwarding, organisation, etc.). These operations are described in dedicated notifications stored in the “Data Protection Register”, which is publicly available on internet. Any citizen may access and consult these notifications in the language in which the information was entered (either English or French). Any person concerned may exercise the rights conferred by the Regulation based on the information contained in these notifications.