European Data Protection Board
Guidelines, Recommendations, Best Practices
The European Data Protection Board (EDPB) is an independent European body, which contributes to the consistent application of data protection rules throughout the European Union, and promotes cooperation between the EU’s data protection authorities. The EDPB is established by the General Data Protection Regulation (GDPR), and is based in Brussels.
The EDPB is composed of representatives of the EU national data protection authorities (national Supervisory Authorities), and the European Data Protection Supervisor (EDPS). The supervisory authorities of the EFTA EEA States (IS, LI, NO) are also members with regard to GDPR-related matters and without the rights to vote and to be elected as chair or deputy chairs. The European Commission and - with regard to GDPR-related matters - the EFTA Surveillance Authority have the right to participate in the activities and meetings of the Board without voting rights.
EDPB aims to ensure the consistent application in the European Union of the General Data Protection Regulation and the Law Enforcement Directive.
EDPB acts in accordance with it’s rules of procedure and the guiding principles included therein.
Tasks and duties
- providing general guidance (including guidelines, recommendations and best practices) to clarify the law and to promote a common understanding or EU data protection laws;
- adopting opinions addressed to the European Commission or to the national Supervisory Authorities:
• to advise the European Commission on any issue related to the protection of personal data and new proposed legislation in the European Union (Art. 70 GDPR). In some instances, we issue Joint Opinions together with the EDPS (Art.42 of Regulation 2018/1725);
• to ensure consistency of the activies of national Supervisory Authorities on cross border matters (Art. 64 GDPR). If authorities fail to respect an opinion issued by the EDPB, we may adopt a binding decision;
- adopting binding decisions addressed to the national Supervisory Authorities and aiming to settle disputes arising between them when they cooperate to enforce the GDPR, with the purpose of ensuring the correct and consistent application of the GDPR in individual cases;
- promote and support the cooperation among national Supervisory Authorities.
The EDPS prepares an Annual Activity Report, which is made public and sent to the European Parliament, the Council and the Commission.
For more information, visit the website of the European Data Protection Board.
Working group under Article 29 of Directive 95/46 / EC - closed with the establishment of the European Data Protection Board.
Guidelines of the Working Group under Art. 29 on the implementation of the General Data Protection Regulation adopted and validated by the EDPS