Skip to main content

Privacy policy for websites managed by the European Commission

Introduction

The European Commission is committed to the protection of your personal data and respects your privacy on all its websites on the europa.eu domain.

This privacy policy on the protection of individuals with regard to the processing of personal data by the European Commission is based on the Regulation (EU) 2018/1725.

This privacy policy covers all the European Commission’s websites within the ec.europa.eu domain as well as inter-institutional EU websites on the europa.eu domain that are managed by the Commission. You can browse through most of these websites without giving any personal data.  

In certain cases though, your personal data may be required for the provision of an e-service. When personal data is required for that purpose, you can find more detailed information on that in a specific privacy statement linked to the website. You will find which service you should contact in that specific privacy statement.

In this respect:

  • an operational controller ensures conformity with the specific privacy statement in place for each e-service
  • the Data Protection Officer ensures in an independent manner the internal application of the Regulation in the Commission, and advises operational controllers on their data protection obligations
  • the European Data Protection Supervisor acts as an independent supervisory authority

Information contained in a specific privacy statement

When visiting other Commission websites, further specific privacy statements will contain the following information about the use of your personal data:

  • the purposes of the processing and how your personal data is processed
  • on what legal grounds your personal data is processed
  • which personal data is collected and further processed
  • how long it is kept
  • how it is protected and safeguarded
  • who has access to your personal data
  • what are your rights and how you can exercise them
  • who to contact if you have questions or complaints

e-services

An e-service on the ec.europa.eu websites is a service or resource that improves communication between people and the European Commission.

3 types of e-services are offered on the Commission websites:

  • information services that provide easy and effective access to information
  • interactive communication services to facilitate policy consultations and feedback
  • transaction services that allow basic forms of transactions with the EU, such as procurement, financial operations, recruitment, event enrollment, and ordering documents

Europa Analytics

Europa Analytics is the corporate service that measures the effectiveness and efficiency of the European Commission's websites on Europa.

You are free to refuse the use of this service – either via the cookie banner that appears at the top of the first page you visit or at Europa Analytics.

Choosing not to use this service does not affect your navigation experience on Europa websites of the Commission.

More about Europa Analytics for European Commission websites

More about Europa Analytics for European Union websites

IP adress and device ID

When you access a European Commission website, the European Commission receives as an essential technical requirement the Internet Protocol address (IP address) or the device ID of the device used to access the website.

Without this information, you will not be able to establish a technical connection between your devices and the server infrastructure maintained by the European Commission and therefore will not be able to access the websites of the European Commission.

The European Commission only keeps this information for the time necessary to fulfil the request, namely for the duration of the browsing session. In addition, IP addresses and device IDs might be saved for one year in the log files of the Directorate-General for Informatics operational environment for security or other purposes (see DPR-EC-02886 DIGIT IT security operations and services for more information).

Cookies and third parties

Some websites of the Commission on Europa use 'first-party cookies'. These are cookies set and controlled by the Commission, not by any external organisation.

Read more about our cookies here.

The Commission's websites within the ec.europa.eu domain may provide links to third-party sites. In order to use third party content on our websites, you may need to accept their specific terms and conditions, including their cookie policies over which we have no control.

Safeguarding information

Collected personal data are stored by the Commission under the Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the Commission.  

The Commission’s contractors are bound by a specific contractual clause for any processing operations of your data on behalf of the Commission, and must guarantee the data protection and confidentiality level required by Regulation (EU) 2018/1725.

Your rights as a data subject

You have the right to obtain access to the personal data held by the Commission about you and to request its rectification or erasure, or restriction of processing or, where applicable, the right to object to processing or the right to data portability. Where the processing is based on your consent or explicit consent, you also have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

For any request concerning the processing of your personal data, we invite you to contact the operational controller responsible (as identified in the privacy statement related to the specific processing activity or e-service).

Where to find more detailed information

The Commission Data Protection Officer (DPO) publishes the register of all processing operations on personal data by the Commission, which have been documented and notified to him.

You may access the register via the following link: https://ec.europa.eu/dpo-register/