The European Investment Bank is committed to user privacy.
The policy on "protection of individuals with regard to the processing of personal data by the Community institutions" is based on Regulation (EC) N° 45/2001 of the European Parliament and of the Council of 18 December 2000.
This general policy covers the European Union's family of institutional websites, within the eu domain and including those of the European Investment Bank.
Although you can browse through most of these websites without giving any information about yourself, in some cases, personal information is required in order to provide the e-services you request. Websites that require such information treat it according to the policy described in the Regulation mentioned above and provide information about the use of your data in their specific privacy policy statements.
In this respect:
- For each specific e-service, a controller determines the purposes and means of the processing of personal data and ensures conformity of the specific e-service with the privacy policy;
- Within each Institution, a Data Protection Officer ensures that the provisions of the Regulation are applied and advises controllers on fulfilling their obligations (see art. 24 of the Regulation);
- For all the Institutions, the European Data Protection Supervisor will act as an independent supervisory authority (see art. 41 to 45 of the Regulation).
The European Union's family of institutional websites, within the eu domain and including those of the European Investment Bank, provides links to third party sites. Since we do not control them, we encourage you to review their privacy policies.
What is an e-service?
An e-service on EIB website is a service or resource made available on the Internet in order to improve the communication between citizens and businesses on the one hand and the European Institutions on the other hand.
Three types of e-services are or will be offered by EIB websites:
- Information services that provide citizens, media, business, administrations and other decision makers with easy and effective access to information, thus increasing transparency and understanding of the policies and activities of the EU;
- Interactive communication services that allow better contacts with citizens, business, civil society and public actors thus facilitating policy consultations, and feedback mechanisms, in order to contribute to the shaping of policies, the activities and the services of the EU;
- Transaction services that allow access to all basic forms of transactions with the EU, e.g. procurement, financial operations, recruitment, event enrolment, acquisition or purchase of documents etc.
Information contained in a specific privacy statement.
A specific privacy policy statement will contain the following information about the use of your data:
- What information is collected, for what purpose and through which technical means the EU collects personal information exclusively to the extent necessary to fulfil a specific purpose. The information will not be re-used for an incompatible purpose;
- To whom your information is disclosed. The EU will only disclose information to third parties if that is necessary for the fulfilment of the purpose(s) identified above and to the mentioned (categories of) recipients. The EU will not divulge your personal data for direct marketing purposes;
- How you can access your information, verify its accuracy and, if necessary, correct it. As a data subject you also have the right to object to the processing of your personal data on legitimate compelling grounds except when it is collected in order to comply with a legal obligation, or is necessary for the performance of a contract to which you are a party, or is to be used for a purpose for which you have given your unambiguous consent;
- How long your data is kept. The EU only keeps the data for the time necessary to fulfil the purpose of collection or further processing;
- What are the security measures taken to safeguard your information against possible misuse or unauthorised access;
- Whom to contact if you have queries or complaints.
How do we treat e-mails you send us?
Many web pages on EIB websites have a "Contact" button, which activates your e-mail software and invites you to send your comments to a specific functional mailbox.
When you send such a message, your personal data is collected only to the extent necessary to reply. If the management team of the mailbox is unable to answer your question, it will forward your e-mail to another service. You will be informed, via e-mail, about which service your question has been forwarded to.
If you have any questions about the processing of your e-mail and related personal data, do not hesitate to include them in your message.
Data protection
In the context of the implementation of Regulation (EC) 45/2001 concerning the protection of individuals with regard to the processing of personal data by Community institutions and bodies, the Management Committee of the European Investment Bank adopted 10 September 2009, implementing rules concerning the Bank’s Data Protection Officer (DPO). These rules clarify the tasks and responsibilities of the DPO, as well as the role of data controllers and the rights of data subjects.