Who we are
The European Data Protection Board (EDPB) is an independent European body, which contributes to the consistent application of data protection rules throughout the European Union, and promotes cooperation between the EU’s data protection authorities.
The EDPB is composed of representatives of the national data protection authorities, and the European Data Protection Supervisor (EDPS). The supervisory authorities of the EFTA EEA States are also members with regard to the GDPR related matters and without the right to vote and being elected as chair or deputy chairs. The EDPB is established by the General Data Protection Regulation (GDPR), and is based in Brussels. The European Commission and -with regard to the GDPR related matters- the EFTA Surveillance Authority have the right to participate in the activities and meetings of the Board without voting right.
The EDPB has a Secretariat, which is provided by the EDPS. A Memorandum of Understanding determines the terms of cooperation between the EDPB and the EDPS.
EDPB aims to ensure the consistent application in the European Union of the General Data Protection Regulation and of the European Law Enforcement Directive.
We can adopt general guidance to clarify the terms of European data protection laws, giving our stakeholders a consistent interpretation of their rights and obligations.
We are also empowered by the GDPR to make binding decisions towards national supervisory authorities to ensure a consistent application.
We act in accordance with our rules of procedure and our guiding principles.
Tasks and duties
- provide general guidance (including guidelines, recommendations and best practice) to clarify the law;
- advise the European Commission on any issue related to the protection of personal data and new proposed legislation in the European Union;
- adopt consistency findings in cross-border data protection cases; and
- promote cooperation and the effective exchange of information and best practice between national supervisory authorities.
We also produce an annual report on our activities, which is made public and sent to the European Parliament, the Council and the Commission.
Our guiding principles are:
- Independence and impartiality
- Good governance, integrity and good administrative behaviour
- Efficiency and modernisation
See the EDPB rules of procedure for more information.
The EDPB is an independent European body with legal personality that contributes to the consistent application of data protection rules throughout the European Union and promotes cooperation between supervisory authorities. The EDPB is composed of the heads of the Supervisory Authorities (SA) and the European Data Protection Supervisor (EDPS) or their representatives. Instead of answering specific, individual requests, the EDPB issues general guidance. On 25 May 2018, the EDPB has endorsed the guidance provided on the GDPR provided by WP29: https://edpb.europa.eu/our-work-tools/general-guidance/gdpr-guidelines-recommendations-best-practices_en. The EDPB is also developing additional guidance, available here: https://edpb.europa.eu/our-work-tools/general-guidance/gdpr-guidelines-recommendations-best-practices_en.
The EDPB does not provide individual consultancy services. Please note that individuals or organisations with questions related to data protection law are advised to consult the website of the Supervisory Authority in the country where they are based. (For EU Member States: https://edpb.europa.eu/about-edpb/board/members_en.)