acting Secretary-General of the EDPS
Dear European Data Protection Supervisor,
Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information:
This request concerns the position of Acting Secretary-General of the EDPS.
In particular, I hereby request access to all documents, independently of the format or medium (including but not limited to emails, notes, internal memoranda, briefings, legal opinions, correspondence and attachments), related to:
The legal basis for the appointment of the Acting Secretary-General of the EDPS, including any legal analysis, interpretation of the applicable rules, or references to relevant provisions of EU law, the Staff Regulations, internal rules or decisions.
The decision on appointment of the Acting Secretary-General, including:
a) when the Acting Secretary-General was appointed;
b) the decision or decisions appointing the Acting Secretary-General;
c) any preparatory documents, proposals or internal discussions leading to this appointment;
The status of the former Secretary-General, Mr Cervera-Navas, including:
a) documents concerning the end, suspension or modification of his functions as Secretary-General;
b) any decisions, notes or correspondence clarifying his administrative or legal status after the appointment of the Acting Secretary-General;
c) any justification of steps taken.
d) any documents clarifying the duration, scope and conditions of the mandate of the Acting Secretary-General.
For the avoidance of doubt, this request covers all documents held by the EDPS falling within the above description, including draft documents and internal communications.
If parts of the requested documents are considered exempt from disclosure, I kindly request access to the remaining parts in accordance with Article 4(6) of Regulation (EC) No 1049/2001.
I would prefer to receive the requested documents in electronic format. In case you consider that this request needs clarification or to be limited, I remain available to discuss it.
Yours faithfully,
Pablo García
Dear requester,
We acknowledge the receipt of your request, registered on 26.01.2026. In
accordance with Article 7(1) of Regulation (EU) No 1049/2001 regarding
public access to European Parliament, Council and Commission documents,
you will receive a reply within 15 working days (by 13.02.2026).
Your case number is 2026-0100.
Please note that your personal data will only be processed for the
purposes of replying to your request and in accordance with the privacy
statement set out below. More information on how the EDPS process personal
information can be found on our [1]website.
Yours sincerely,
EDPS Access to Documents
[2]| Tel. (+32) 228 31900 | Fax (+32) 228 31950 | › Email:
[3][email address]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
[4]Twitter [5]@EU_EDPS [6]Website [7]www.edps.europa.eu
This email (and any attachment) may contain information that is internal
or confidential. Unauthorised access, use or other processing is not
permitted. If you are not the intended recipient please inform the
sender by reply and then delete all copies. Emails are not secure as
they can be intercepted, amended, and infected with viruses. The EDPS
therefore cannot guarantee the security of correspondence by email.
Data Protection Notice
According to Articles 15 and 16 of Regulation (EU) 2018/1725 (the
Regulation), we are processing your personal data in order to reply to
your request. The controller is the European Data Protection Supervisor
(EDPS). The legal basis for this processing operation is Article 5(1)(b)
of the Regulation, since processing is necessary for compliance with a
legal obligation to which the EDPS is subject. The data processed include
your contact details, your request, as well as personal data that might be
collected during the investigation of your request. For the EDPS, case
handlers, administrative staff and hierarchy involved in the request
handling will have access to the case file containing your personal data
on a need-to-know basis. All access to case files is logged. Your data
will only be transferred to other EU institutions and bodies or to third
parties when it is necessary to ensure the appropriate investigation or
follow up of your request. Your data will be stored by the EDPS in
electronic files until the end of the reporting period of the current year
(as a rule, until mid-next year), unless legal proceedings require us to
keep them for a longer period. Afterwards, only a brief anonymous note
will be included in a file in order to keep record of the request.
You have the right of access to your personal data and to relevant
information concerning how we use it. You have the right to rectify your
personal data. Under certain conditions, you have the right to ask that we
delete your personal data or restrict its use. We will consider your
request, take a decision and communicate it to you. For more information,
please see Articles 14 to 21, 23 and 24 of the Regulation. Please note
that in some cases restrictions under Article 25 of the Regulation may
apply. Any request to exercise your rights should be addressed to the EDPS
at [8][EDPS request email]. You may also contact the data protection
officer of the EDPS ([9][email address]), if you have any remarks
or complaints regarding the way we process your personal data. You have
the right to lodge a complaint with the EDPS, as supervisory authority.
Any such request should be addressed to the EDPS at
[10][EDPS request email]. You can reach the EDPS in the following ways:
e-mail: [11][EDPS request email]; EDPS postal address: European Data
Protection Supervisor, Rue Wiertz 60, B-1047 Brussels, Belgium.
References
Visible links
1. https://edps.europa.eu/about-edps/data-p...
2. file:///tmp/tel:+3222831900
3. mailto:[email address]
5. http://@eu_edps/
7. http://www.edps.europa.eu/
http://www.edps.europa.eu/
8. mailto:[EDPS request email]
9. mailto:[email address]
10. mailto:[EDPS request email]
11. mailto:[EDPS request email]
Dear requester,
In line with the European Ombudsman's decisions in cases 1500/2019/TM and
1600/2019/TM, and to determine your eligibility for access to documents
under Article 2(1) of Regulation 1049/2001, we require you to provide
proof of identification in order to authenticate your identity. Should you
provide a copy of your ID card or passport or any other document, personal
details such as your full name, the issuing authority, citizenship or
residence and the expiry date should be visible. Personal data such as
photo, serial-number, nationality and personal characteristics can be
blacked out on the copy. The EDPS' use of the information on your
identification document is strictly limited: the personal data provided
will only be used to verify your identity and will not be stored for
longer than needed for this purpose.
Please be advised that failure to submit such proof within five working
days will result in the administrative closure of your case. Please note
that the 15-day deadline mentioned in our acknowledgment of receipt will
be suspended until we receive the requested information.
The EDPS would like to note that due to technical error the date by which
you will receive our reply was not calculated correctly. The correct date
is 16.02.2026. We apologise for any inconveniences we might cause.
We look forward to hearing from you.
Kind regards
Tsanko Tsankov
Transparency Officer
31902
MTS 02X044
From: EDPS Access to Documents <[email address]>
Sent: 26 January 2026 14:14
To: Pablo García <[FOI #16773 email]>
Subject: Acknowledgement of receipt access to documents [EDPS ref:
2026-0100 - D (2026) 0214]
Dear requester,
We acknowledge the receipt of your request, registered on 26.01.2026. In
accordance with Article 7(1) of Regulation (EU) No 1049/2001 regarding
public access to European Parliament, Council and Commission documents,
you will receive a reply within 15 working days (by 13.02.2026).
Your case number is 2026-0100.
Please note that your personal data will only be processed for the
purposes of replying to your request and in accordance with the privacy
statement set out below. More information on how the EDPS process personal
information can be found on our [1]website.
Yours sincerely,
EDPS Access to Documents
[2]| Tel. (+32) 228 31900 | Fax (+32) 228 31950 | › Email:
[3][email address]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
[4]Twitter [5]@EU_EDPS [6]Website [7]www.edps.europa.eu
This email (and any attachment) may contain information that is internal
or confidential. Unauthorised access, use or other processing is not
permitted. If you are not the intended recipient please inform the
sender by reply and then delete all copies. Emails are not secure as
they can be intercepted, amended, and infected with viruses. The EDPS
therefore cannot guarantee the security of correspondence by email.
Data Protection Notice
According to Articles 15 and 16 of Regulation (EU) 2018/1725 (the
Regulation), we are processing your personal data in order to reply to
your request. The controller is the European Data Protection Supervisor
(EDPS). The legal basis for this processing operation is Article 5(1)(b)
of the Regulation, since processing is necessary for compliance with a
legal obligation to which the EDPS is subject. The data processed include
your contact details, your request, as well as personal data that might be
collected during the investigation of your request. For the EDPS, case
handlers, administrative staff and hierarchy involved in the request
handling will have access to the case file containing your personal data
on a need-to-know basis. All access to case files is logged. Your data
will only be transferred to other EU institutions and bodies or to third
parties when it is necessary to ensure the appropriate investigation or
follow up of your request. Your data will be stored by the EDPS in
electronic files until the end of the reporting period of the current year
(as a rule, until mid-next year), unless legal proceedings require us to
keep them for a longer period. Afterwards, only a brief anonymous note
will be included in a file in order to keep record of the request.
You have the right of access to your personal data and to relevant
information concerning how we use it. You have the right to rectify your
personal data. Under certain conditions, you have the right to ask that we
delete your personal data or restrict its use. We will consider your
request, take a decision and communicate it to you. For more information,
please see Articles 14 to 21, 23 and 24 of the Regulation. Please note
that in some cases restrictions under Article 25 of the Regulation may
apply. Any request to exercise your rights should be addressed to the EDPS
at [8][EDPS request email]. You may also contact the data protection
officer of the EDPS ([9][email address]), if you have any remarks
or complaints regarding the way we process your personal data. You have
the right to lodge a complaint with the EDPS, as supervisory authority.
Any such request should be addressed to the EDPS at
[10][EDPS request email]. You can reach the EDPS in the following ways:
e-mail: [11][EDPS request email]; EDPS postal address: European Data
Protection Supervisor, Rue Wiertz 60, B-1047 Brussels, Belgium.
References
Visible links
1. https://edps.europa.eu/about-edps/data-p...
2. file:///tmp/tel:+3222831900
3. mailto:[email address]
5. http://@eu_edps/
7. http://www.edps.europa.eu/
http://www.edps.europa.eu/
8. mailto:[EDPS request email]
9. mailto:[email address]
10. mailto:[EDPS request email]
11. mailto:[EDPS request email]
Dear EDPS Access to Documents,
I'm very surprised that to execute my transparency right, EDPS is collecting photos of ID cards, which I find excessive. I'm sending you a photo via e-mail.
Yours sincerely,
Pablo García
Dear requester,
We acknowledge receipt of your message enclosing a copy of an identity document. However, the document provided does not clearly display the issuing authority and the expiry date, as previously requested.
You are therefore required to submit a copy of your identity document in which all the requested elements are clearly visible.
Please be advised that failure to submit such proof within 2 working days will result in the administrative closure of your case. Please note that the 15-day deadline mentioned in our acknowledgment of receipt is still suspended until we receive the requested information.
Kind regards
EDPS Access to Documents
| Tel. (+32) 228 31900 | Fax (+32) 228 31950 | Email: [email address]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
@EU_EDPS www.edps.europa.eu
This email (and any attachment) may contain information that is internal or confidential. Unauthorised access, use or other processing is not permitted. If you are not the intended recipient please inform the sender by reply and then delete all copies. Emails are not secure as they can be intercepted, amended, and infected with viruses. The EDPS therefore cannot guarantee the security of correspondence by email.
Data Protection Notice
According to Articles 15 and 16 of Regulation (EU) 2018/1725 (the Regulation), we are processing your personal data in order to reply to your request. The controller is the European Data Protection Supervisor (EDPS). The legal basis for this processing operation is Article 5(1)(b) of the Regulation, since processing is necessary for compliance with a legal obligation to which the EDPS is subject. The data processed include your contact details, your request, as well as personal data that might be collected during the investigation of your request. For the EDPS, case handlers, administrative staff and hierarchy involved in the request handling will have access to the case file containing your personal data on a need-to-know basis. All access to case files is logged. Your data will only be transferred to other EU institutions and bodies or to third parties when it is necessary to ensure the appropriate investigation or follow up of your request. Your data will be stored by the EDPS in electronic files until the end of the reporting period of the current year (as a rule, until mid-next year), unless legal proceedings require us to keep them for a longer period. Afterwards, only a brief anonymous note will be included in a file in order to keep record of the request.
You have the right of access to your personal data and to relevant information concerning how we use it. You have the right to rectify your personal data. Under certain conditions, you have the right to ask that we delete your personal data or restrict its use. We will consider your request, take a decision and communicate it to you. For more information, please see Articles 14 to 21, 23 and 24 of the Regulation. Please note that in some cases restrictions under Article 25 of the Regulation may apply. Any request to exercise your rights should be addressed to the EDPS at [EDPS request email]. You may also contact the data protection officer of the EDPS ([email address]), if you have any remarks or complaints regarding the way we process your personal data. You have the right to lodge a complaint with the EDPS, as supervisory authority. Any such request should be addressed to the EDPS at [EDPS request email]. You can reach the EDPS in the following ways: e-mail: [EDPS request email]; EDPS postal address: European Data Protection Supervisor, Rue Wiertz 60, B-1047 Brussels, Belgium.
Dear EDPS Access to Documents,
The Ombudsman cases you refer to concern solely the confirmation of Member State nationality. The photograph of my ID I have already provided clearly confirms that I am a Spanish citizen.
I would like to remind you that, in accordance with the principle of data minimisation under EU data protection law, you may only request information that is strictly necessary for the stated purpose. You have already received the information required to proceed - a photo that shows my name, date of birth and confirms I'm a Spanish citizen.
By requesting additional documentation, you are going beyond what was established in the Ombudsman decisions (cases 1500/2019/TM and 1600/2019/TM) you refer to. In those cases, Frontex requested ID scans exclusively to confirm EU nationality.
I'm shocked that as a EU data protection authority you are now seeking more personal data than was deemed necessary even by law enforcement authorities (!!!)
It is particularly concerning that to limit my access rights you are invoking what is widely criticised by NGOs as a controversial Frontex practice. By doing so, you risk replicating the very non-transparency practices that have drawn criticism toward EU law enforcement agencies.
I have discussed this matter with a colleague from EDRi, who expressed serious concern about both the scope of your request and the condition that ID documents must be shared via email !!! This is against data protection laws.
Taking into account the Ombudsman’s findings and the data minimisation principle — which, as a data protection authority, you are obliged to uphold with particular diligence — I have provided all information necessary for you to proceed.
Should you decline to move forward on this basis, despite the fact that your request exceeds both the Ombudsman’s reasoning and the requirements applied even by law enforcement authorities, I will have no choice but to challenge the matter before the Ombudsman.
I'm still shocked that you request photos of IDs, which is against guidelines of the European Data Protection Board. You can find here guidelines you are violating (also EDRi opinion): https://www.edpb.europa.eu/system/files/...
I look forward to your confirmation that you will proceed accordingly.
Yours sincerely,
Pablo García
Dear requester,
For an identification document to be accepted as proof of citizenship or residence, it must, inter alia, (i) have been issued by a competent public authority and (ii) be valid at the time of its submission.
The EDPS is not seeking any additional documentation; rather, it requires the minimum necessary information to ascertain that the document provided satisfies the applicable requirements.
Please be advised that failure to submit such proof within the time limit provided in our previous communication will result in the administrative closure of your case. Please note that the 15-day deadline mentioned in our acknowledgment of receipt is still suspended until we receive the requested information.
Kind regards,
EDPS Access to Documents
| Tel. (+32) 228 31900 | Fax (+32) 228 31950 | Email: [email address]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
@EU_EDPS www.edps.europa.eu
This email (and any attachment) may contain information that is internal or confidential. Unauthorised access, use or other processing is not permitted. If you are not the intended recipient please inform the sender by reply and then delete all copies. Emails are not secure as they can be intercepted, amended, and infected with viruses. The EDPS therefore cannot guarantee the security of correspondence by email.
Data Protection Notice
According to Articles 15 and 16 of Regulation (EU) 2018/1725 (the Regulation), we are processing your personal data in order to reply to your request. The controller is the European Data Protection Supervisor (EDPS). The legal basis for this processing operation is Article 5(1)(b) of the Regulation, since processing is necessary for compliance with a legal obligation to which the EDPS is subject. The data processed include your contact details, your request, as well as personal data that might be collected during the investigation of your request. For the EDPS, case handlers, administrative staff and hierarchy involved in the request handling will have access to the case file containing your personal data on a need-to-know basis. All access to case files is logged. Your data will only be transferred to other EU institutions and bodies or to third parties when it is necessary to ensure the appropriate investigation or follow up of your request. Your data will be stored by the EDPS in electronic files until the end of the reporting period of the current year (as a rule, until mid-next year), unless legal proceedings require us to keep them for a longer period. Afterwards, only a brief anonymous note will be included in a file in order to keep record of the request.
You have the right of access to your personal data and to relevant information concerning how we use it. You have the right to rectify your personal data. Under certain conditions, you have the right to ask that we delete your personal data or restrict its use. We will consider your request, take a decision and communicate it to you. For more information, please see Articles 14 to 21, 23 and 24 of the Regulation. Please note that in some cases restrictions under Article 25 of the Regulation may apply. Any request to exercise your rights should be addressed to the EDPS at [EDPS request email]. You may also contact the data protection officer of the EDPS ([email address]), if you have any remarks or complaints regarding the way we process your personal data. You have the right to lodge a complaint with the EDPS, as supervisory authority. Any such request should be addressed to the EDPS at [EDPS request email]. You can reach the EDPS in the following ways: e-mail: [EDPS request email]; EDPS postal address: European Data Protection Supervisor, Rue Wiertz 60, B-1047 Brussels, Belgium.
Dear requester,
The EDPS has not received the requested information within the prescribed time limit. In the absence of the necessary information, we have no alternative but to proceed with the administrative closure of your case.
This letter serves as formal notification of the closure and constitutes our final communication on this matter.
If you wish to obtain documents from the European Data Protection Supervisor (EDPS), please submit a separate request. Kindly note that, in accordance with the European Ombudsman’s decisions in cases 1500/2019/TM and 1600/2019/TM, and to assess your eligibility for access to documents under Article 2(1) of Regulation 1049/2001, we require you to provide proof of identification to verify your identity.
When submitting a copy of your ID card, passport, or any other identification document, please ensure that the following personal details are clearly visible: your full name, issuing authority, citizenship or residence, and expiry date. You may obscure personal data such as your photograph, serial number, nationality, and other personal characteristics.
Please be assured that the EDPS will use the information solely to verify your identity, and this data will not be retained longer than necessary for this purpose.
Thank you for your understanding.
EDPS Access to Documents
| Tel. (+32) 228 31900 | Fax (+32) 228 31950 | Email: [email address]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
@EU_EDPS www.edps.europa.eu
This email (and any attachment) may contain information that is internal or confidential. Unauthorised access, use or other processing is not permitted. If you are not the intended recipient please inform the sender by reply and then delete all copies. Emails are not secure as they can be intercepted, amended, and infected with viruses. The EDPS therefore cannot guarantee the security of correspondence by email.
Data Protection Notice
According to Articles 15 and 16 of Regulation (EU) 2018/1725 (the Regulation), we are processing your personal data in order to reply to your request. The controller is the European Data Protection Supervisor (EDPS). The legal basis for this processing operation is Article 5(1)(b) of the Regulation, since processing is necessary for compliance with a legal obligation to which the EDPS is subject. The data processed include your contact details, your request, as well as personal data that might be collected during the investigation of your request. For the EDPS, case handlers, administrative staff and hierarchy involved in the request handling will have access to the case file containing your personal data on a need-to-know basis. All access to case files is logged. Your data will only be transferred to other EU institutions and bodies or to third parties when it is necessary to ensure the appropriate investigation or follow up of your request. Your data will be stored by the EDPS in electronic files until the end of the reporting period of the current year (as a rule, until mid-next year), unless legal proceedings require us to keep them for a longer period. Afterwards, only a brief anonymous note will be included in a file in order to keep record of the request.
You have the right of access to your personal data and to relevant information concerning how we use it. You have the right to rectify your personal data. Under certain conditions, you have the right to ask that we delete your personal data or restrict its use. We will consider your request, take a decision and communicate it to you. For more information, please see Articles 14 to 21, 23 and 24 of the Regulation. Please note that in some cases restrictions under Article 25 of the Regulation may apply. Any request to exercise your rights should be addressed to the EDPS at [EDPS request email]. You may also contact the data protection officer of the EDPS ([email address]), if you have any remarks or complaints regarding the way we process your personal data. You have the right to lodge a complaint with the EDPS, as supervisory authority. Any such request should be addressed to the EDPS at [EDPS request email]. You can reach the EDPS in the following ways: e-mail: [EDPS request email]; EDPS postal address: European Data Protection Supervisor, Rue Wiertz 60, B-1047 Brussels, Belgium.
Dear EDPS Access to Documents Team,
In your correspondence, you referred to the European Ombudsman’s decisions in cases 1500/2019/TM and 1600/2019/TM. These decisions appear to clearly establish that applicants may redact identity documents, leaving visible only the data strictly necessary for identification.
As stated in the Ombudsman’s findings in this cases (point 10): "applicants may redact their identity documents leaving available only the names and the issuing country".
In light of this reasoning, I understand that it should be sufficient to provide an identity document with all personal data redacted except for the name and issuing country, which adequately serve the purpose of verification while respecting the principle of data minimisation.
I would therefore kindly inform you that I will submit a complaint about your actions to the European Ombudsman.
Yours sincerely,
Pablo García
Dear European Data Protection Supervisor,
Please pass this on to the person who reviews confirmatory applications.
I am filing the following confirmatory application with regards to my access to documents request 'acting Secretary-General of the EDPS'.
In light of the Ombudsman’s case law, notably cases 1500/2019/TM and 1600/2019/TM, it is my understanding that, for the purpose of verifying identity in access to documents procedures, it is sufficient to collect identification data limited to confirming a requester’s name and nationality. The Ombudsman’s findings appear to emphasise the principle of data minimisation and the need to avoid excessive collection of personal data.
In their correspondence, the EDPS Access to Documents team themselves referred to these cases, available here: https://www.ombudsman.europa.eu/en/decis... . These decisions appear to clearly establish that applicants may redact identity documents, leaving visible only the data strictly necessary for identification.
As stated in the Ombudsman’s findings in these cases (point 10): "applicants may redact their identity documents leaving available only the names and the issuing country".
In light of this reasoning, I understand that it should be sufficient to provide the EDPS Access to Documents team an identity document with all personal data redacted except for the name and issuing country, which adequately serve the purpose of verification while respecting the principle of data minimisation.
I provided the EDPS Access to Documents team with a picture of my identity document showing my name, date of birth and issuing country.
However, I have been asked by the EDPS Access to Documents team to provide additional categories of personal data beyond what seems necessary for purposes foreseen by law. The scope of the requested information goes for example beyond data collected by Frontex, which is bound by the same Regulation (EC) No 1049/2001 as the EDPS, for access to documents requests, which raises concerns regarding necessity and proportionality.
I respectfully complain that this practice may not be fully aligned with the principle of data minimisation as set out in Regulation (EU) 2018/1725. In line with Article 4(1)(c) of this Regulation, personal data shall be adequate relevant and limited to what is necessary in relation to the purposes for which they are processed.
In point 7 of the decision in cases mentioned, it is said that "Frontex said that it had accepted copies of identity documents that showed only the issuing country and the applicants’ names, after applicants had redacted all the other information".
I provided the EDPS Access to Documents team with a picture showing my ID document with my name and the issuing country.
I’m being asked by the EDPS Access to Documents team to provide more personal data that it was required by Frontex to process access to documents requests. Which means, I’m being asked to provide more personal data that is necessary.
In my view, this practice appears in breach of the principle of data minimisation, a standard that the European Data Protection Supervisor, as a data protection authority, should apply with particular rigor.
A full history of my request and all correspondence is available on the Internet at this address: https://www.asktheeu.org/request/acting_...
Yours faithfully,
Pablo García
Dear Sir,
In your communication to the EDPS dated 09.02.2026, you provided a picture
of a document that omits information previously expressly requested,
namely the issuing authority and the expiry date. In the absence of this
information, your identity cannot be confirmed, as the authenticity and
validity of the document cannot be assessed. As indicated in our
communication of 17.02.2026, case 2026-0100 was administratively closed
due to the absence of information necessary for the EDPS to determine
whether you meet the criteria set out in Article 2(1) of Regulation (EC)
No 1049/2001.
Accordingly, your communication from 24.01.2026 to the EDPS was not
treated as a request for access to documents within the meaning of
Regulation (EC) No 1049/2001. You received clear information from our side
that we could not process the request in this respect. For the same
reason, your current correspondence cannot be treated as a confirmatory
application under that Regulation. Your message is therefore noted for
information only.
No further action will be taken by the EDPS. This will be our final
communication on this matter.
If you wish to obtain documents from the European Data Protection
Supervisor (EDPS), you can submit a new request for access to documents
via the appropriate communication channels.
Kindly note that, to assess your eligibility for access to documents under
Article 2(1) of Regulation 1049/2001 and in accordance with the European
Ombudsman’s decisions in cases 1500/2019/TM and 1600/2019/TM, we require
you to provide proof of identification to verify your eligibility under
Article 2(1) of Regulation (EC) No 1049/2001.
When submitting proof of identification, please ensure that the following
details are clearly visible: (i) your full name, (ii) issuing authority of
the document, (iii) citizenship or residence, and (iv) expiry date of the
document. You may redact personal data such as your photograph, serial
number, nationality, and other personal characteristics.
Please be assured that the EDPS will use the information solely to verify
your eligibility under Article 2(1) of Regulation (EC) No 1049/2001, and
this data will not be retained longer than necessary for this purpose.
Thank you for your understanding.
EDPS Access to Documents
[1]| Tel. (+32) 228 31900 | Fax (+32) 228 31950 | > Email:
[2][email address]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
[3]Twitter [4]@EU_EDPS [5]Website [6]www.edps.europa.eu
This email (and any attachment) may contain information that is internal
or confidential. Unauthorised access, use or other processing is not
permitted. If you are not the intended recipient please inform the
sender by reply and then delete all copies. Emails are not secure as
they can be intercepted, amended, and infected with viruses. The EDPS
therefore cannot guarantee the security of correspondence by email.
Data Protection Notice
According to Articles 15 and 16 of Regulation (EU) 2018/1725 (the
Regulation), we are processing your personal data in order to reply to
your request. The controller is the European Data Protection Supervisor
(EDPS). The legal basis for this processing operation is Article 5(1)(b)
of the Regulation, since processing is necessary for compliance with a
legal obligation to which the EDPS is subject. The data processed include
your contact details, your request, as well as personal data that might be
collected during the investigation of your request. For the EDPS, case
handlers, administrative staff and hierarchy involved in the request
handling will have access to the case file containing your personal data
on a need-to-know basis. All access to case files is logged. Your data
will only be transferred to other EU institutions and bodies or to third
parties when it is necessary to ensure the appropriate investigation or
follow up of your request. Your data will be stored by the EDPS in
electronic files until the end of the reporting period of the current year
(as a rule, until mid-next year), unless legal proceedings require us to
keep them for a longer period. Afterwards, only a brief anonymous note
will be included in a file in order to keep record of the request.
You have the right of access to your personal data and to relevant
information concerning how we use it. You have the right to rectify your
personal data. Under certain conditions, you have the right to ask that we
delete your personal data or restrict its use. We will consider your
request, take a decision and communicate it to you. For more information,
please see Articles 14 to 21, 23 and 24 of the Regulation. Please note
that in some cases restrictions under Article 25 of the Regulation may
apply. Any request to exercise your rights should be addressed to the EDPS
at [7][EDPS request email]. You may also contact the data protection
officer of the EDPS ([8][email address]), if you have any remarks
or complaints regarding the way we process your personal data. You have
the right to lodge a complaint with the EDPS, as supervisory authority.
Any such request should be addressed to the EDPS at
[9][EDPS request email]. You can reach the EDPS in the following ways:
e-mail: [10][EDPS request email]; EDPS postal address: European Data
Protection Supervisor, Rue Wiertz 60, B-1047 Brussels, Belgium.