Personal data protection notice


EIOPA, as a European Authority, is committed to protect individuals with regard to the processing of their personal data in accordance with the Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000.

Purpose of the processing of personal data

Your data are collected and processed in order to enable EIOPA’s Complaint investigation team to deal with your complaint, as well as to further follow-up, if necessary.

Personal data collected and stored in an Excel file are processed according to the conditions set out in the above mentioned Regulation.

Your data will not be used for any purposes other than the performance of the activities specified above.

Controller of the personal data processing

The controller responsible for processing your data is EIOPA’s Executive Director.

Personal data collected

Last name, first name, telephone/fax, full address, email

To whom are your data disclosed?

The collected personal data are treated confidentially, and are used only, by the Complaint investigation team.

No personal data are transferred to parties other than the Complaint investigation team, or the parties specifically mentioned in the legal framework concerned, without prejudice to a possible disclosure by transmission to the bodies in charge of a monitoring, inspection or regulatory task in accordance with the Community legislation, e.g. the European Anti Fraud Office (OLAF).

EIOPA will not transfer personal data to third parties for purposes of direct marketing.

How long are your data kept?

Personal data are kept indefinitely.

How can you have access to your data, verify their accuracy or rectify them?

You have the right to obtain from the controller copy of your personal data in order to check the accuracy of the data held, and/or to obtain rectification or update of these data if necessary.

You may also ask for deletion of your data if the processing thereof is unlawful, or to have your data blocked for a period enabling the data controller to verify the accuracy, including the completeness, of the data.

For the protection of your privacy and security, the Complaint investigation team shall take every reasonable step to ensure that your identity is verified before granting access, or rectification, or deletion.

What are the technical means used and the security measures taken to avoid misuse or unauthorised access?

The Complaint investigation team has set up, and regularly reviews and updates, appropriate physical, electronic, and managerial procedures to safeguard your data against unauthorised access, to maintain data security, and to lawfully use the information collected for the processing of copyright permission requests.

Staff of EIOPA having access to information concerning an identified or identifiable person are required to protect the data in a manner that is consistent with the rules set out in this privacy notice by, for example, not using the data for any purposes other than the tasks carried out in the exercise of their respective competences.

Whom can you contact if you have questions or complaints?

Should you wish to obtain access to your personal data, or rectification or deletion thereof, please contact the Data Protection Officer at EIOPA:

by mail:

by letter:
Data Protection Officer (Confidential)
Westhafen Tower
DE60327 Frankfurt am Main

Questions or complaints in case of conflict may be addressed to the European Commission's Data Protection Officer or the European Data Protection Supervisor.