EEB2’s daily work involves the processing of large amounts of personal data relating principally to its pupils and staff. EEB2 is subject to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, OJ L 119, 4.5.2016, p. 1. (known as the “General Data Protection Regulation” or “GDPR”). The Controller for EEB2’s personal data processing activities is its Director, and EEB2 is under the supervisory powers of the Belgian Data Protection Authority, https://www.dataprotectionauthority.be. The Secretary General of the European Schools has appointed a single Data Protection Officer whose responsibilities extend to all 13 European Schools.
Since 2018, EEB2 has undertaken a major effort to bring its personal data processing activities into full compliance with the GDPR. To this end, it has completed its Controller’s Register of personal data processing, consisting of the Records of each of its data processing operations, as required by Article 30 of the GDPR. The Register is available on this website by clicking on the link above. A privacy statement for each of the processing operations has also been prepared to inform the data subjects of how their data will be processed, as required by Articles 13 and 14 of the GDPR. All privacy statements are available by clicking on the link above. EEB2 has also undertaken a major effort to train staff on data protection requirements in performance of their duties, and will continue work to ensure that staff are fully aware of their responsibilities in this area.
EEB2 strives to fully respect the rights of all data subjects established by the GDPR. These include the rights of access (Article 15), Rectification (Article 16), Erasure (Article 17), and Restriction of processing (Article 18), among others. Data subjects may address themselves to any of the contacts listed in the link below in exercising those rights.