Publications Office of the EU
EU Whoiswho - About Us
legal notice EU Whoiswho

Privacy Statement on personal data protection

I. Introduction

The European Union is committed to protecting your privacy.

Your data is covered by Regulation (EC) no. 45/2001 on the protection of individuals with regard to the processing of personal data by EU institutions and on the free movement of such data.

II. Why do we publish personal data?

The data in the Official Directory of the European Union (EU Whoiswho) are published to promote the transparency of the institutions and to enable European citizens and persons or organisations interested in European affairs to find contact persons.

Personal data are processed in compliance with the above-mentioned Regulation.

Your data will not be used by the Publications Office for any purposes other than the publication on the internet, in the printed directory and made available for use on portable devices.

It is strictly forbidden to use these data for direct marketing purposes.

The data published are collected and supplied by the relevant institutions from their records or systems. The institutions refresh the data periodically. For more information, refer to the Privacy Statement concerning the collection of the data or the Privacy Statement of your institution.

Privacy Statements concerning officials and other internal persons are made available within these institutions.

Tasks and operations of the Publications Office are defined in the decision 2009/496/EC. The lawfulness of the processing is based on Article 5(a) of the Regulation (EC) no. 45/2001 which stipulates that “personal data may be processed only if “processing is necessary for the performance of a task carried out in the public interest on the basis of the Treaties establishing the European Communities or other legal instruments adopted on the basis thereof or in the legitimate exercise of official authority vested in the Community institution or body or in a third party to whom the data are disclosed”.

III. Personal data processing – controller

The controller responsible for processing your data is the Head of the "Common Portal and Open Data Portal" unit of the Publications Office (

In respect of the collection of data and their recording, storage and processing in the individual systems of the institutions, agencies and other bodies of the European Union (hereafter: institutions) the controller is indicated in the Privacy Statement of these institutions.

IV. Which personal data do we publish?

The data published are mainly the name, position and contact data of the persons.

The scope of data published depends on the decision of the institution of the person. A summary table is available here (PDF).

V. To whom are your data disclosed?

The data are published in the directory.

VI. How long do we keep your personal data?

The institutions refresh the data continuously and also before publishing the printed directory.

The data of the electronic directory is updated on a weekly basis and the obsolete data is deleted, except from an internal backup kept during 3 years in order to trace and analyse problems which could occur.

VII.Can you access, correct and delete your personal data?

You can see your data on line, in the printed directory and on a portable device.

You have the right to ask for rectification or update of these data on the website and in the next printed edition if justified.

You may also ask for deletion of your data if your functions with the EU institutions cease.

As the data are supplied by the institutions, you should address your request to the controller within your institution.

If you feel, however, that the Publications Office has committed an error, you can address your request to the controller in the Publications Office (see above).

VIII. How do we prevent unauthorised access or use of your personal data?

We have set up – and we regularly update – physical, electronic and managerial procedures to protect and prevent unauthorized access to and manipulation of your data.

Members of our staff who have access to personal data are required to treat it in a manner consistent with this Privacy Statement.

IX. Questions or complaints?

Please contact the controller in your institution or, if your question or complaint concerns the publishing activity of the Publications Office, contact the controller in the Publications Office (

X. Recourse

You can also address a complaint to the Data Protection Officer of the European Commission or the