The three DPSB members and their three alternates are nominated by EUROCONTROL Member States, are fully independent in exercising their tasks, and occupy their roles on a three-year rotational basis.
For the first iteration of the DPSB, the members come from the data protection authorities of Albania, Germany and Armenia.
The DPSB is responsible for
- monitoring the application of the Regulation
- carrying out investigations and data protection audits
- enforcing compliance
- advising in the case of personal data breaches
- handling personal data complaints.
- treating complaints from persons who believe their data have not been correctly processed by EUROCONTROL.
For EUROCONTROL, the creation of the DPSB takes the Agency’s approach to personal data protection to the next level, and complements the work done by its Data Protection Officer to monitor compliance with the Regulation and provide EUROCONTROL with the tools and guidance to ensure compliance.
Where the DPSB strengthens the Agency’s data protection approach is by ensuring regular personal data protection investigations and audits, with additional work envisaged on updating internal procedures to ensure further compliance with the Regulation.
For stakeholders, the DPSB will be informed in any case of a personal data breach that could result in a high risk to the rights and freedoms of natural persons, and it will play a significant role in any personal data complaints.
Stakeholders who have raised a personal data issue to the EUROCONTROL Data Protection Officer but remain unsatisfied with the result may choose to lodge a complaint with the DPSB.
