Data Protection

General Data Protection Regulation (GDPR)

Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. This text includes the corrigendum published in the OJEU of 23 May 2018.

This regulation is an essential step to strengthen the fundamental rights of people in the digital age and stimulate economic activity by clarifying the regulation of the digital single market for businesses and public bodies. A single piece of legislation will also help to end the current legal fragmentation between different national systems and unnecessary administrative burdens on businesses.

The regulation entered into force on May 24, 2016 and has applied since May 25, 2018. More information for businesses and individuals.

Information on the integration of the General Data Protection Regulation (GDPR) into the EEA Agreement.

EU Member States notifications to the European Commission under the GDPR

Study on Data Protection Certification Mechanisms
Law Enforcement Data Protection Directive

Directive (EU) 2016/680 on the protection of individuals with regard to the processing of personal data in connection with criminal offenses or the execution of criminal sanctions, as well as on the free movement of such data.

This directive protects the fundamental right of citizens to the protection of data concerning them when such data is used by law enforcement authorities for law enforcement purposes. In particular, it guarantees the protection of the personal data of victims, witnesses and suspects and facilitates cross-border cooperation in the fight against crime and terrorism.

The directive entered into force on May 5, 2016 and EU countries were required to transpose it into national law by May 6, 2018.