Dies ist eine HTML Version eines Anhanges der Informationsfreiheitsanfrage 'Commission Decision (EU) 2021/2121 on records management and archives'.



Ref. Ares(2020)2531349 - 13/05/2020
 
EUROPEAN 
  COMMISSION 
 
Brussels, XXX  
[…](2019) XXX draft 
 
COMMISSION DECISION 
of XXX 
on records management and archives 
 
EN   EN

COMMISSION DECISION 
of XXX 
on records management and archives 
THE EUROPEAN COMMISSION, 
Having regard to the Treaty on the Functioning of the European Union, 
Having regard to Council Regulation (EEC, Euratom) No 354/831, as amended by Council 
Regulation (EC, Euratom) No 1700/20032 and Council Regulation (EU) No 2015/4963, 
Having regard to Regulation (EU) No 910/20144 of the European Parliament and of the 
Council, 
Having regard to Commission Decision (EU, Euratom) 2015/443 and its implementing rules5, 
Having regard to Commission Decision (EU, Euratom) 2015/444 and its implementing rules6, 
Having regard to Commission Decision (EU, Euratom) 2017/467, 
Having regard to Regulation (EU) 2018/17258 of the European Parliament and of the Council, 
Having regard to Regulation (EC) No 1049/20019 of the European Parliament and of the 
Council, 
Whereas: 
                                                 

Council Regulation (EEC, Euratom) No 354/83 concerning the opening to the public of the historical 
archives of the European Economic Community and the European Atomic Energy Community (OJ 
L 43, 15.2.1983, p. 1). 

Council Regulation (EC, Euratom) No 1700/2003 amending Regulation (EEC, Euratom) No 354/83 
concerning the opening to the public of the historical archives of the European Economic Community 
and the European Atomic Energy Community (OJ L 243, 27.9.2003, pp. 1-4) 

Council Regulation (EU) 2015/496 of 17 March 2015 amending Regulation (EEC, Euratom) No 354/83 
as regards the deposit of the historical archives of the institutions at the European University Institute in 
Florence (OJ L 79, 25.3.2015, pp. 1-5). 

Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on 
electronic identification and trust services for electronic transactions in the internal market and 
repealing Directive 1999/93/EC (OJ L 257, 28.8.2014, pp. 73-114). 

Commission Decision (EU, Euratom) 2015/443 on security in the Commission (OJ L 72, 17.3.2015, 
pp. 41-52), Security Notice C(2019) 1903 on information assessment and classification and Security 
Notice C(2019) 1904 for marking and handling of sensitive non-classified information. 

Commission Decision (EU, Euratom) 2015/444 on the security rules for protecting EU classified 
information (OJ L 72, 17.3.2015, pp. 53-88), Security Notice C(2019) 1903 on information assessment 
and classification and Security Notice C(2019) 1904 for marking and handling of sensitive non-
classified information. 

Commission Decision (EU, Euratom) 2017/46 on the security of communication and information 
systems in the Commission (OJ L 6, 11.1.2017, pp. 40-51). 

Regulation (EU) 2018/1725 of the European Parliament and of the Council on the protection of natural 
persons with regard to the processing of personal data by the Union institutions, bodies, offices and 
agencies and on the free movement of such data and repealing Regulation (EC) No 45/2001 and 
Decision 1247/2002/EC (OJ L 295, 21.11.2018, pp. 39-98). 

Regulation (EC) No 1049/2001 of the European Parliament and of the Council of 30 May 2001 
regarding public access to European Parliament, Council and Commission documents (OJ L 145, 
31.5.2001, pp. 43-48). 
EN 
1  
EN 

(1) 
The records held by the Commission form the basis for its operation and daily work. 
They are part of the Commission’s assets and also fulfil the function of facilitating the 
exchange of information, providing evidence of action taken, meeting the institution’s 
legal obligations and preserving its memory. They must therefore be managed in 
accordance with effective rules applicable to all directorates-general and equivalent 
departments. 
(2) 
The Commission keeps records that are created, received and managed in the course of 
its activities. All records, regardless of format and the technological environment in 
which they are collected, created or generated, are captured and maintained in an 
official electronic repository of records. 
(3) 
Provisions on records management and archives define the principles of records and 
archives management, in order to ensure: the creation, receipt and proper preservation 
or elimination of records and their consultation and communication; the authenticity, 
reliability, integrity and readability over time of records and the metadata 
accompanying them; the identification of each record together with the extraction and 
allocation of metadata, so that it can be filed, searched and is easily traceable; the 
development, maintenance and updating of the structure of the Commission’s records 
and archives management systems, its electronic repositories and its repositories for 
analogue media. 
(4) 
Such principles are intended to cover the lifecycle of Commission’s records, whatever 
their medium, making available, exchanging, sharing, reusing and disseminating data, 
information and records, in line with the policy governance and practice of the 
Commission’s data and information management. 
(5) 
Effective and proper records management and archiving help meet transparency 
obligations, in particular by promoting efficient public access to documents and 
implementing the principle of accountability of public actions. 
(6) 
By Decision 2002/47/EC, ECSC, Euratom, the Commission adopted provisions on 
document management and by Decision 2004/563/CE, Euratom it adopted provisions 
on electronic and digitised documents to establish electronic document management 
and archiving, laying down a common set of rules and procedures applicable to all the 
departments. 
(7) 
It is paramount to update provisions determining the conditions under which 
electronic, digitised and electronically transmitted documents are valid and stored, for 
the Commission’s purposes. 
(8) 
The records management and archiving policy should take account of the 
Commission’s digital transformation10. Therefore, the principle of the creation of 
records only in electronic format is strongly enounced; exceptions to this principle are 
nevertheless possible. 
(9) 
The Union institutions, bodies, offices and agencies are encouraged to recognise 
electronic identification and trust services covered by Regulation (EU) No 910/2014 
for the purpose of administrative cooperation capitalising, in particular, on existing 
good practices and the results of ongoing projects in the areas covered by the 
abovementioned Regulation. 
                                                 
10 
Communication to the Commission C(2018) 7118 on the European Commission Digital Strategy. See 
also Commission Communication C(2016) 6626, which sets out the general orientations of the internal 
policy for data, information and knowledge management at the Commission. 
EN 
2  
EN 

(10)  Commission’s rules and procedures on records management and archives are regularly 
updated taking account of developments and results of academic and scientific 
research, including the emergence of related standards and developments in 
information and communication technologies’. 
(11)  A records management system does not only register records, but more broadly 
captures them to clearly and reliably identify them, ensure their traceability and make 
them available to other users through filing or other means of aggregation of records 
throughout their life cycle. 
(12)  Information systems, networks and transmission facilities which feed the 
Commission’s records system are protected by adequate security measures in 
accordance with the applicable security rules for protecting information. 
(13)  Data and information are available and shared as widely as possible within the 
Commission in order to facilitate the collaborative working of its staff and the 
retrievability and reuse of data and information and to promote the synergy of its 
resources and improve efficiency. 
(14)  Each institution of the European Union establishes its historical archives and opens 
them to the public in accordance with Regulation (CEE, EURATOM) No 354/83. 
Each institution furthermore adopts internal rules for the application of this 
Regulation. 
(15)  Under Regulation (EU) 2018/1725, the Commission is required to provide information 
to data subjects on the processing of personal data concerning them and to respect 
their rights as data subjects. However, the Commission should reconcile those rights 
with the objectives of archiving in the public interest in accordance with data 
protection law. 
(16)  Articles 16(5) and 19(3) of Regulation (EU) 2018/1725 provide for exceptions to data 
subjects’ right to information and right to erasure in respect of processing for 
archiving purposes in the public interest. Those rights should not apply in principle in 
the particular context of the historical archives of the Commission taking into account 
the size of the institution and its records and the nature of archiving in the public 
interest. The erasure of personal data contained in such records, in particular, would 
undermine the validity, integrity and authenticity of the Commission’s archives and is 
therefore likely to seriously impair the achievement of the objectives of archiving in 
the public interest.  
(17)  The Commission may be unable or would be required to make a disproportionate 
effort to provide information on processing once its files and records selected for 
permanent preservation have been transferred to the historical archives. Data subjects 
should be informed that records containing their personal data may be transferred to 
the historical archives at the end of the retention period defined for such records as 
part of the information referred to in Articles 15 and 16 of Regulation (EU) 2018/1725 
provided in respect of the original processing operations for purposes of which the 
personal data are initially collected. 
(18)  Article 25(4) of Regulation (EU) 2018/1725 gives the Commission the possibility to 
provide for derogations from the rights referred to Articles 17, 18, 20, 21, 22 and 23 of 
that Regulation in so far as such rights are likely to render impossible or seriously 
impair the achievement of archiving purposes in the public interest and such 
derogations are necessary for the fulfilment of those purposes. Unless derogations are 
EN 
3  
EN 

provided for in a legal act adopted on the basis of the Treaties, it is necessary to adopt 
internal rules under which the Commission is entitled to derogate from those rights. 
(19)  Granting access to personal data in case of a data subject request which does not 
provide specific information regarding the processing concerned by the request may 
involve a disproportionate administrative effort or be practically impossible, given the 
size and nature of the Commission’s historical archives. 
(20)  The rectification of personal data would undermine the integrity and authenticity of 
the Commission’s archives and defeat the purpose of archiving in the public interest. 
This is without prejudice to the possibility of the Commission, in duly justified cases 
of inaccurate personal data, to decide to include a supplementary statement or 
annotation to the record concerned. 
(21)  Personal data form an integral and indispensable part of records selected for 
permanent preservation. Therefore, granting the right to object to the processing of 
personal data contained in such records would render impossible the achievement of 
the purposes of archiving in the public interest. 
(22)  The Commission should impose derogations subject to the conditions and safeguards 
referred to in Article 13 of Regulation (EU) 2018/1725. 
(23)  In application of the principle of accountability, the Commission should keep a record 
of its application of derogations. 
(24)  To guarantee utmost protection of the rights and freedoms of data subjects and in 
accordance with Article 44(1) of Regulation (EU) 2018/1725, the Data Protection 
Officer of the Commission should be informed in due time of the application of 
derogations under this Decision. 
(25)  All members of staff are accountable for the creation and correct management of the 
records related to policies, process and procedures for which they are responsible. 
 
HAS ADOPTED THIS DECISION: 
 
Chapter I 
General provisions 
Article 1 
Subject matter 
This Decision lays down rules concerning: 
(a) 
the management of Commission records and archives; 
(b) 
the preservation and opening of the archives to the public and for deposit of the 
historical archives of the Commission at the Historical Archives of the European 
Union at the European University Institute (EUI) in Florence. 
Article 2 
Scope 
This Decision shall apply to records held by the Commission and to its archives, irrespective 
of their form, medium, age and location. 
EN 
4  
EN 

It may be applicable, by specific agreement, to records held by other entities responsible for 
applying certain Union policies or to records exchanged via data transmission networks 
between administrations and the Commission. 
The scope of the rules contained in this Decision is aligned to the obligations to provide 
access to documents held by the Commission in accordance with the principles, modalities 
and limits laid down in Regulation (EC) No 1049/2001. 
Article 3 
Definitions 
For the purposes of this Decision, the following definitions shall apply: 
(1) 
‘record’ means information, received and created in the form of a document, a 
collection of data or other form in a digital or analogue medium that is captured in an 
official repository and managed and maintained as evidence and as an asset;11 
(2) 
‘document’ means any content whatever its medium (written on paper or stored in 
electronic form or as a sound, visual or audiovisual recording) concerning a matter 
relating to the policies, activities and decisions falling within the institution's sphere 
of responsibility;12 
(3) 
‘metadata’ means any information describing the context, content and structure of 
records and their management over time for the purposes of, inter alia, retrieval, 
accessibility and reuse; 
(4) 
‘digitisation’ means the process of transforming a record on paper or any other 
traditional medium into an electronic rendition; 
(5) 
‘official repository of records’ means a system, recognised and approved by the 
Secretariat-General, in which records held by the Commission are collected, 
organised and categorised to facilitate records retrieval, distribution, use, disposal or 
preservation; 
(6) 
‘capture’ means the insertion of a document into an official electronic repository by 
combining a unique identifier and metadata;13 
(7) 
‘unique identifier’ means sequence of digits or letters, or both, unambiguously 
assigned to a record by a machine or person and which identifies that record as 
unique and distinct from all other records; 
(8) 
‘registration’ means capturing a record into a register establishing that it is complete 
and properly constituted from an administrative and/or legal standpoint and 
certifying that it has been sent by an author to an addressee on a given date, as 
incoming or outgoing mail, or has been incorporated into one of the Commission’s 
official repositories; 
(9) 
‘file’ means core around which records are organised in line with the Commission’s 
activities, for reasons of proof, justification or information and to guarantee 
efficiency in the work. The group of records making up the file is organised in such a 
way as to form a coherent and relevant unit in terms of the activities conducted by 
the Commission or its departments; 
                                                 
11 ISO 
15489-1:2016, 
point 
3.14. 
12 
Article 3(a) of Regulation (EC) No 1049/2001. 
13 
ISO 15489-1:2016, point 9.3. 
EN 
5  
EN 

(10) 
‘filing plan’ means an instrument with hierarchical and logical structure, in the form 
of a tree structure with a number of interlinked headings, which enables files (or 
other aggregation of records) to be intellectually organised and linked to the context 
in which they were drawn up, on the basis of the functions, activities and working 
processes; 
(11) 
‘electronic signature’ means data in electronic form which is attached to or logically 
associated with other data in electronic form and which is used by the signatory to 
sign;14 
(12) 
‘advanced  electronic signature’ means an electronic signature that meets the 
following requirements: (a) it is uniquely linked to the signatory; (b) it is capable of 
identifying the signatory; (c) it is created using electronic signature creation data that 
the signatory can, with a high level of confidence, use under his sole control; and (d) 
it is linked to the data signed therewith in such a way that any subsequent change in 
the data is detectable;15 
(13) 
‘qualified electronic signature’ means an advanced electronic signature that is created 
by a qualified electronic signature creation device and which is based on a qualified 
certificate for electronic signatures;16 
(14) 
‘electronic seal’ means data in electronic form, which is attached to or logically 
associated with other data in electronic form to ensure the latter’s  origin and 
integrity;17 
(15) 
‘electronic time stamp’ means data in electronic form which binds other data in 
electronic form to a particular time establishing evidence that the latter data existed 
at that time;18 
(16) 
‘electronic registered delivery service’ means a service that makes it possible to 
transmit data between third parties by electronic means and provides evidence 
relating to the handling of the transmitted data, including proof of sending and 
receiving the data and that protects transmitted data against the risk of loss, theft, 
damage or any unauthorised alterations;19 
(17) 
‘authenticity’ means the fact that a record can be proved to be what it purports to be, 
to have been created or sent by the person purported to have created or sent it and to 
have been created or sent when purported;20 
(18) 
‘reliability’ means the fact that the content of a record can be trusted as full and 
accurate representation of the transactions, activities or facts to which they attest and 
that the record can be depended upon in the course of subsequent transactions or 
activities;21 
(19) 
‘integrity’ means the fact that a record is complete and unaltered;22 
                                                 
14 
Article 3(10) of Regulation (EU) No 910/2014. 
15  
Articles 3(11) and 26 of Regulation (EU) No 910/2014. 
16 
Article 3(12) of Regulation (EU) No 910/2014 
17 
Article 3(25) of Regulation (EU) No 910/2014. 
18 
Article 3(33) of Regulation (EU) No 910/2014. 
19 
Article 3(36) of Regulation (EU) No 910/2014. 
20 
ISO 15489-1:2016, point 5.2.2.1. 
21 
ISO 15489-1:2016, point 5.2.2.2. 
22 
ISO 15489-1:2016, point 5.2.2.3. 
EN 
6  
EN 

(20) 
‘validity’ means the fact that a document has all the intrinsic and extrinsic 
characteristics required by its production context, necessary in order to be accepted 
as an expression of its author with all its legal consequences; 
(21) 
‘admissibility’ means the fact that a document has all the intrinsic and extrinsic 
characteristics required by its reception context, necessary for it to be accepted as an 
expression of its author with all its legal consequences; 
(22) 
‘preservation’ means all technical processes and operations which make it possible to 
keep records over time, to maintain their integrity and authenticity and to guarantee 
access to their content; 
(23) 
‘personal data’ means any information relating to an identified or identifiable natural 
person (‘data subject’); an identifiable natural person is one who can be identified, 
directly or indirectly, in particular by reference to an identifier such as a name, an 
identification number, location data, an online identifier or to one or more factors 
specific to the physical, physiological, genetic, mental, economic, cultural or social 
identity of that natural person;23 
(24) 
‘controller’ means the Union institution or body or the directorate-general or any 
other organisational entity which, alone or jointly with others, determines the 
purposes and means of the processing of personal data; where the purposes and 
means of such processing are determined by a specific Union act, the controller or 
the specific criteria for its nomination can be provided for by Union law;24 
(25) 
‘processor’ means a natural or legal person, public authority, agency or other body 
which processes personal data on behalf of the controller.25 
 
Chapter II 
Records management 
Article 4 
Creation  
1. 
The author of any newly created information shall analyse it in order to determine 
the electronic management system by which the information will be managed, if it 
will be captured and in which official repository system it will be preserved. 
2. 
Records shall be created in accordance with the formal requirements laid down by 
Commission departments for the relevant types of records. 
3. 
The Commission’s records shall be created as electronic records and shall be kept in 
its official electronic repositories. 
Where a provision of Union or national law so requires, or where protocol 
convenience imposes paper medium, or where practical reasons impede digitisation 
of the document or where the preservation of the original analogue document has an 
added value because of its form or the material from which it is made or for 
historical reasons, records shall be created and kept in the required medium. 
                                                 
23 Article 
3(1) 
of 
Regulation 
(EU) 
2018/1725. 
24 
Article 3(8) of Regulation (EU) 2018/1725. 
25 
Article 3(12) of Regulation (EU) 2018/1725. 
EN 
7  
EN 

Article 5 
Digitisation 
1. 
Information in analogue media created or received by the Commission shall be 
systematically digitised. The resulting electronic renditions when captured in an 
official electronic repository, shall replace the corresponding original analogue 
document, unless a handwritten signature is required by a provision of Union law or 
the law of the Member State or third country concerned. 
2. 
The implementing rules lay down the procedural and technical details of digitisation, 
the applicable exceptions and the elimination of analogue records following their 
digitisation. 
Article 6 
Capture 
1. 
Each directorate-general or equivalent department shall regularly review the types of 
information created or received in the course of its activities, to identify which ones 
are to be captured in an official electronic repository and, taking account of the 
context in which they were produced, to organise their management throughout their 
life cycle. 
2. 
The captured records shall not be altered. They may be removed or replaced by 
subsequent versions until the file they belong to is closed. 
Article 7 
Registration 
1. 
Documents shall be registered if they contain important information which is not 
short-lived or when they may involve action or follow-up by the Commission or one 
of its departments. 
2. 
Registers shall be set up to generate the unique identifiers of the registered records 
and the rendition of electronic records. 
Any such register shall be connected to one or more electronic repositories. 
Exceptions may be made for security reasons. 
Article 8 
Filing plan 
The Secretariat-General maintains the Commission’s filing plan. This filing plan, which can 
be accessed by electronic means, is associated with a common nomenclature defined for all 
Commission departments. This nomenclature shall form part of the Commission’s activity-
based management. 
Article 9 
Computerised processes and systems 
The Commission’s directorates-general and equivalent departments shall keep and manage 
their records by means of computerised processes and computerised systems and structures 
with interfaces to ensure storage, access to and recovery of records, unless required otherwise 
by a Commission provision. 
EN 
8  
EN 

Article 10 
Legal effects of electronic signatures, seals, timestamps and electronic registered delivery 
services 
1. 
A qualified electronic signature shall have the equivalent legal effect of a 
handwritten signature. 
2. 
A qualified electronic seal shall enjoy the presumption of integrity of the data and of 
correctness of the origin of that data to which the qualified electronic seal is linked. 
3. 
A qualified electronic time stamp shall enjoy the presumption of the accuracy of the 
date and the time it indicates and the integrity of the data to which the date and time 
are bound. 
4. 
Data sent and received using a qualified electronic registered delivery service shall 
enjoy the presumption of the integrity of the data, the sending of that data by the 
identified sender, its receipt by the identified addressee and the accuracy of the date 
and time of sending and receipt indicated by the qualified electronic registered 
delivery service. 
Article 11 
Validity of documents and procedures 
1. 
A document created or received by the Commission shall be considered to satisfy the 
validity or admissibility criteria where the following conditions are met: 
(a)  the person from whom it originates is identified; 
(b)  the context in which the document was produced is reliable and the document 
meets the conditions that guarantee its integrity; 
(c)  the document complies with the formal requirements laid down in the 
applicable Union or national law; 
(d)  in the case of an electronic document, the document is created in a way that 
guarantees the integrity, reliability and usability of its content and the 
accompanying metadata. 
2. 
An electronic rendition created by digitising an analogue document created or 
received by the Commission shall be considered to satisfy the validity or 
admissibility criteria where the following conditions are fulfilled: 
(a)  no signature is required by a provision of Union law or the law of a Member 
State or third country concerned, 
(b)  its format offers guarantees of integrity, reliability, durability, readability over 
time and ease of access to the information it contains. 
Where a signed analogue document is not required, such an electronic rendition may 
be used for any exchange of information and for any internal procedure within the 
Commission. 
3. 
Where a provision in Union or national law requires a signed original of a document, 
a document drawn up or received by the Commission shall satisfy that requirement if 
the document contains any of the following: 
(a)  one or more handwritten or qualified electronic signatures, 
EN 
9  
EN 

(b)  one or more electronic signatures, other than qualified, providing sufficient 
guarantees about the identification of the signatory and the expression of their 
will in the signed document. 
4. 
Where a procedure specific to the Commission requires the signature of an 
authorised person or the approval of a person at one or more stages of the procedure, 
the procedure may be managed by computer systems, provided that each person is 
clearly and unambiguously identified and that the system in question provides 
guarantees that the content is not altered during the procedure. 
5. 
Where a procedure involves the Commission and other entities and requires the 
signature of an authorised person or the approval of a person at one or more stages of 
the procedure, the procedure may be managed by computer systems offering 
conditions and technical assurances determined by mutual agreement. 
Article 12 
Provision of data and information within the Commission 
1. 
Data and information shall be made available and shared as widely as possible within 
the Commission, unless legal obligations require limiting access. 
2. 
In the interest of information sharing, directorates-general and equivalent 
departments shall ensure that their files are as widely accessible as the sensitivity of 
their content allows. 
Article 13 
Information security and protection 
Records shall be managed in accordance with the Commission security rules applicable to the 
protection of information. To this end, records, files, information systems and archives, 
including their networks and means of transmission, shall be protected by appropriate security 
measures for the management of classified information, sensitive non-classified information 
and personal data. 
Classified information shall be processed in accordance with the rules in force on security. 
 
Chapter III 
Preservation and historical archives 
Article 14 
Storage and preservation 
1. 
Storage and preservation shall take place under the following conditions: 
(a)  records shall be stored in the form in which they were created, sent or received 
or in a form which preserves the authenticity, reliability and the integrity of 
their content and of the accompanying metadata; 
(b)  the contents of records and their relevant metadata must be readable throughout 
their period of their storage by any person authorised to have access to them; 
(c)  where records sent or received electronically, the information required to 
determine its origin or destination and the date and time of the capture or 
registration, shall be part of the minimum metadata to be stored; 
EN 
10  
EN 

(d)  as regards electronic procedures managed by IT systems, information 
concerning the formal stages of the procedure shall be stored under such 
conditions as to ensure that those stages and the authors and participants can be 
identified. 
2. 
The Secretary-General shall ensure the implementation of a digital preservation 
strategy to ensure long-term access to electronic records on the basis of the retention 
lists referred in Article 15(1). The strategy shall be drawn up in cooperation with the 
Historical Archives Service and shall ensure that processes, tools and resources are in 
place to ensure the authenticity, reliability and integrity of records and their 
accessibility.  
Article 15 
Retention, transfer and elimination 
1. 
The retention period for the various categories of files and, in certain cases, records, 
shall be defined for the whole Commission by way of regulatory instruments, such as 
the common retention list, or one or more specific retention lists drawn up on the 
basis of the organisational context, the existing legislation and the Commission’s 
legal obligations. 
2. 
Directorates-general and equivalent departments shall regularly conduct an appraisal 
of records and files managed by them in view of assessing whether they shall be 
transferred to the Commission’s historical archives referred to in Article 16, or 
eliminated. 
However, a set of metadata on records and files shall be retained in the original 
electronic repository as evidence of such records and files and their transfer or 
elimination. 
3. 
EU classified information with a classification CONFIDENTIEL UE/EU 
CONFIDENTIAL or higher, shall not be transferred to the Historical Archives 
Service. 
Article 16 
Commission’s Historical Archives Service 
The tasks of the Historical Archives Service shall be to: 
(a) 
guarantee the authenticity, reliability and integrity of and access to the records, files 
and archives of the Commission which have been transferred to it; 
(b) 
ensure the material protection and integrity of the metadata of records and files 
provided by the transferring departments; 
(c) 
make records and files available on request to the directorates-general or equivalent 
departments; 
(d) 
undertake, where necessary and in cooperation with the originating directorate-
general or equivalent department or its successor, the second review of all transferred 
records, files and archives; 
(e) 
initiate the declassification of classified documents as referred in Articles 2 and 5 of 
Council Regulation (EC, Euratom) No 354/1983; 
(f) 
open the historical archives to the public after the expiry of a period of 30 years, 
except for those records covered by exceptions relating to the privacy and integrity of 
EN 
11  
EN 

individuals, or the commercial interests of a natural or legal person, including 
intellectual property; 
(g) 
deposit the historical archives that have been opened to the public at the historical 
archives of the EU. 
Article 17 
Processing of personal data contained in the historical archives 
1.  
The following derogations from the rights of data subjects shall apply in accordance 
with Article 25(4) of Regulation (EU) 2018/1725, as necessary for the fulfilment of 
archiving purposes in the public interest and in order to preserve the integrity of the 
historical archives, in particular: 
(a)  the right of access26, in so far as the request of the data subject does not allow 
for the identification of specific records without involving disproportionate 
administrative effort. In assessing the action to be taken on the request of the 
data subject and the administrative effort required account shall be taken in 
particular of the information provided by the data subject and the nature, scope 
and size of the records potentially concerned, 
(b)  the right to rectification27, as rectification renders impossible to preserve the 
integrity and authenticity of records selected for permanent preservation in the 
historical archives, without prejudice to the possibility of a supplementary 
statement or annotation to the record concerned, unless this proves impossible 
or involves disproportionate effort, 
(c)  the obligation to notify the rectification or erasure of personal data28 in so far as 
this proves impossible or involves disproportionate effort,  
(d)  the right to object to the processing29, in so far as the personal data are 
contained in records selected for permanent preservation in the historical 
archives as an integral and indispensable part of these records. 
2. 
The Commission shall implement appropriate safeguards to ensure compliance with 
Article 13 of the Regulation (EU) 2018/1725. Such safeguards shall include technical 
and organisational measures in particular in order to ensure respect for the principle 
of data minimisation. The safeguards shall include: 
(a)  the files to be transferred to the historical archives are selected following a 
case-by-case assessment according to the Commission’s retention lists. All the 
other files, including structured personal data files, such as personal and 
medical files are eliminated at the end of the administrative retention period; 
(b)  the retention lists provide for the administrative elimination of certain types of 
records before the end of the administrative retention period. Consequently, 
these types of records are not processed for archiving purposes in the public 
interest; 
(c)  prior to processing for archiving purposes in the public interest, the directorate-
general or equivalent department reports the potential presence of records 
                                                 
26 
Articles 17 of Regulation (EU) 2018/1725. 
27 Article 
18 
of 
Regulation 
(EU) 
2018/1725. 
28 Article 
21 
of 
Regulation 
(EU) 
2018/1725. 
29 Article 
23 
of 
Regulation 
(EU) 
2018/1725. 
EN 
12  
EN 

covered by Article 2(1) of Council Regulation (EEC, Euratom) No 354/83 in 
the files to be transferred to the historical archives; 
(d)  before any Commission file is opened to the public, the Historical Archives 
Service reviews it to verify the possible presence of records covered by the 
exceptions indicated in Article 2(1) of Council Regulation (EEC, Euratom) 
No 354/83, including on the basis of the signposting referred to in point (c) 
with the aim of protecting personal data. 
3. 
The Commission shall record the reasons for derogations applied pursuant to this 
Decision. The record and, where applicable, the documents concerning the factual or 
legal context shall be registered. They shall be made available to the European Data 
Protection Supervisor on request. 
4. 
The Data Protection Officer of the Commission shall be informed, without any undue 
delay, of the application of derogations from data subject rights in accordance with 
this Decision. Upon request, the Data Protection Officer shall be provided with 
access to the associated records and any documents concerning the factual or legal 
context. 
Article 18 
Deposit of the Commission’s historical archives at the EUI 
1. 
The  Commission’s  Historical Archives Service shall provide the EUI, where 
possible, access to digitised copies of records on an analogue medium. 
2. 
The EUI shall be the main access point to the Commission’s historical archives that 
are open to the public. 
3. 
The  Commission’s  Historical Archives Service shall send EUI descriptions of the 
deposited archives. In accordance with international standards and to facilitate the 
exchange of metadata, the Commission will promote interoperability between its 
archives systems and those of by the EUI. 
4. 
The EUI acts as processor in accordance with Article 3 of Regulation (EU) 
2018/1725, under instructions from the Commission which acts as controller of 
personal data contained in the historical archives deposited at the EUI. The 
Commission’s  Historical Archives Service provides, on behalf of the Commission, 
the necessary instructions for the processing of personal data contained in the 
deposited archives by the EUI and monitors its performance. 
5. 
Classified information shall not be deposited at the EUI. 
 
Chapter IV 
Governance and implementation 
Article 19 
 Governance at Commission level 
1. 
Each director-general or head of department shall put in place the necessary 
organisational, administrative and physical structure and provide the staff required 
for the implementation of this Decision and the implementing rules by their 
departments. 
EN 
13  
EN 

2. 
The Secretariat-General shall be responsible for ensuring that this Decision and its 
implementing rules are applied. 
3. 
The Directorate-General for Informatics shall be responsible to provide the 
technological infrastructure to implement this Decision. 
Article 20 
Network of document management officers 
1. 
Each director-general or head of department shall designate a document management 
officer for the purpose of maintaining a modern and efficient records management 
system in their department and of ensuring coordination within their department, 
with the Secretariat-General and the other departments of the Commission. 
2. 
The role of the network of document management officers, chaired by the 
Secretariat-General, shall be to: 
(a)  ensure the correct and uniform application of this Decision within the 
Commission Departments; 
(b)  deal with any issues which may arise from their application; 
(c)  share the requirements of directorates-general and equivalent departments as 
regards training and support measures. 
Article 21 
Information, training and support 
The Secretariat-General, in close cooperation with the Directorate-General for Informatics, 
the Directorate-General for Human Resources and Security and the Commission’s Historical 
Archives Service, shall put in place the information, training and support measures necessary 
to ensure the application of this Decision within the directorates-general and equivalent 
departments. 
Article 22 
Implementing rules 
The Secretary-General shall ensure the implementation of implementing rules, which will be 
drawn up in coordination with the directorates-general and equivalent departments. 
They shall be regularly updated taking account in particular of: 
(a) 
developments regarding records and archives management and results of academic 
and scientific research, including the emergence of related standards, 
(b) 
developments in information and communication technologies, 
(c) 
the applicable rules on the probative value of electronic records, 
(d) 
the Commission’s obligations as regards transparency, public access to documents 
and the opening to the public of archives, 
(e) 
any new obligations by which the Commission may be bound, 
(f) 
harmonisation in the presentation of records from the Commission and its 
departments. 
EN 
14  
EN 

Article 23 
Repeal of previous acts 
Decision 2002/47/EC, ECSC, Euratom and Decision 2004/563/EC, Euratom are repealed. 
Article 24 
Entry in force 
This Decision shall enter into force on the day of its adoption. 
Done at Brussels, 
 
For the Commission 
 
[…] 
 
 

The President  
 
 
EN 
15  
EN