The protection of the right to privacy and the protection of personal data – as set out in article 8 of the EU Charter on Fundamental Rights – are important concerns for the European External Action Service (EEAS) as a European public administration.
To meet its obligations to citizens, the EEAS frequently needs to collect, process and retain personal data, such as names, office addresses, phone numbers, photos or other data, including more sensitive information through procurements, calls for tenders or conference invitations.
Personal data is information relating to you only, which makes you identifiable – your name, photo, phone number, birth date, e mail address, car number plate, etc.
These rules apply to all departments within the EEAS and all EU Delegations that process information identifying individuals. The EEAS Data Protection Office must be notified in advance of any operation involving such data collection, consultation, transmission or organisation. All data of a personal nature provided to the EEAS - namely data which can identify a person directly or indirectly - will be handled with the necessary care.
1. Notice – people whose data is being collected, processed and kept should be informed
2. Purpose – data collected should be used only for the stated purpose(s) and for no other
3. Consent – personal data should not be disclosed or shared with third parties without the consent of the person concerned
4. Security – once collected, personal data should be kept safe and secure from potential abuse, theft, or loss
5. Disclosure – people whose personal data is being collected should be told which party or parties are doing this
6. Access – people should granted access to their personal data and allowed to correct any inaccuracies
7. Accountability – people should be able to hold personal data collectors accountable for following all these principles.
See also: EEAS Data Protection – detailed overview [111 KB]