Since December 2018, internal rules concerning the processing of personal data by the European Anti-Fraud Office (OLAF) in relation to the provision of information to data subjects and the restriction of certain of their rights in accordance with Article 25 of Regulation (EU) 2018/1725 of the European Parliament and of the Council are defined by Commission Decision 2018/1962.
In November 2021, the Director-General adopted, in accordance with Art. 17 (8) of the OLAF regulation 883/2013, the Guidelines on data protection for investigative activities.