SDPC, DPA and TIA for the use of personal data processing software by the European Commission

Cette demande a été retirée par la personne qui l'a fait . Il ya peut etre une explication ci dessous .

Dear Data Protection Officer,

Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information:

1) Indication of whether, which and for what purpose personal data processing services / software of organizations (e.g., as processor / data importer) located outside the EU/EEA are used acutally by the European Commission.

2) Indication of whether, which and for what purpose such personal data processing services of organizations located within the EU/EEA, but with subcontractors outside the EU/EEA, are actually used by the European Commission.

3) Per individual of these services with the aforementioned third country references:

a) I request an indication as to whether and which transfers pursuant to Art. 44 et seq. GDPR are triggered by the use of these services.

b) I ask for all contracts concluded with the providers of these services in this respect, which are necessary under data protection law, or for a missing indication if there are no such contracts. In particular, namely: contract for commissioned processing according to Art. 28 DSGVO as well as standard data protection clauses according to Art. 46 GDPR.

c) I request the provision of the documented "Transfer Impact Assessment" required according to clause 14 of the current standard data protection clause sets of the EU Commission or the documented "Transfer Impact Assessment" required according to Art. 46 (1) GDPR in conjunction with the principles from ECJ judgment "Schrems II" regarding the data transfers associated with the use of such services.

It should be possible to find the above information without major effort, in particular by means of corresponding information and links in the official processing directory pursuant to Art. 30 GDPR to which, as DPOs, they should already have easy access by law.

Yours faithfully,
Heiko Roth

SG ACCES DOCUMENTS, Délégué à la protection des données

1 Attachment

Link: [1]File-List
Link: [2]Edit-Time-Data
Link: [3]themeData
Link: [4]colorSchemeMapping

Dear Sir,


Thank you for your request for access to documents.


Unfortunately, you have not indicated your postal address. This is
necessary for registering and handling your request in line with the
procedural requirements.


Please send us your full postal address at your earliest convenience.
Pending your reply, we reserve the right to refuse the registration of
your request.


Please accept our sincere apologies for the late reaction; your initial
request was discovered in the Junk mail folder of the DPO’s office.


Yours faithfully,






European Commission


SG C.1

[6][email address]




Afficher les sections citées


i will repeat my request via Thank you for your support.

Yours sincerely,