OLAF provides online privacy notices to inform all individuals on the handling of personal data of in the framework of the OLAF processing operations in accordance with Regulation (EU) 2018/1725 and Commission decision 2018/1962.
The OLAF processing operations are further described by a dedicated public register of records of processing operations that you can consult online. This public register is maintained by the Data Protection Officer (DPO) of OLAF.
In addition, in the context of investigations, individual privacy notices are provided to individuals who are considered relevant under Art. 3 (2) of the Commission Decision 2018/1962: persons concerned, witnesses and informants.
By virtue of Article 25 of Regulation (EU) 2018/1725 and of the Internal Rules laid down in Commission decision 2018/1962, in the context of investigations and other processing operations, OLAF may implement restrictions on one or more rights under specific conditions. Such restriction will be limited in time, proportionate and respect the essence of the data subject rights. It will be lifted as soon as the circumstances justifying the restriction are no longer applicable.
Under Regulation 45/2001, the processing operations presenting specific risks were notified by the OLAF DPO to the European Data Protection Supervisor (EDPS) (Art.27), who issued opinions. You can find these online, too, next to the respective privacy notice.
Analysis of information
- Council Regulation (EC) 1469/95
- Fraud Notification System (FNS) - EDPS opinion
- Investigative Data Consultation Platform (IDCP) - EDPS opinion
- Operational analysis - EDPS opinion
Communication
- Anti-fraud information request
- Intranet and internal communication
- Journalist contacts
- OLAF Anti-Fraud Communicators' Network (OAFCN) contacts
- Photos of persons photographed at photo section of OLAF’s Open Day stand
- Storage of press correspondence
- Visits to OLAF
- Webmaster contact form
Conferences, meetings and trainings, administrative activity
- Administration of the Hercule Programme
- Management of external training events in the area of computer forensics
- Organisation of meetings of the Advisory Committee for the Coordination of Fraud Prevention (COCOLAF) and its subgroups
- Organisation of OLAF conferences/meetings/workshops/seminars and events
- Privacy notice for OLAF staff participation in external workshops, seminars, conferences
Contact lists and user registries
- AFIS user register and IT service management tools
- Case Management System (CMS) user registry
- Contact lists for the Mutual Assistance Committee, Regulation 515/97, Naples II Convention and AFIS library
- Contact list in third country authorities and international organisations
- GETI User Register
- OLAF correspondents and Fraud Prevention and Detection Network (FPDNet) members
- Processing of register for records
- List of participants of CII information sharing agreement
Individuals' rights
- Complaints received from the European Ombudsman
- Processing of requests for access to documents under Regulation 1049/2001
- Processing of complaints from the European Data Protection Supervisor
- Investigations by the OLAF Data Protection Officer (DPO)
Investigations and coordination cases
- Coordination cases
- External investigations
- Implementation of recommendations
- Internal investigations
- Selections
- Hit-no-hit access requests
- Support cases at the request of the EPPO
IT
- Computer rack access management – Core Business Information Systems (CBIS) secure network
- IT infrastructure - logs processing
- OLAF Content Management (OCM)
- Thor (The OLAF Registration System) – Registration of OLAF operational documents
Mutual assistance
- Antifraud Transit Information System (ATIS)
- Customs Information System+ - EDPS opinion
- Import, Export and Transit Directory at OLAF (IET) - EDPS opinion
- Mutual Assistance System (MAS)
- Mutual Assistance Broker - EDPS opinion
- Reporting of irregularities
- Virtual Operational Cooperation Unit - EDPS opinion
Other
- AFIS mail
- CSM Directory
- Evaluation of the Commission Anti-Fraud Strategy
- Evaluation of Regulation 515/97
- Evaluation of Regulation 883/2013
- FIDE database - EDPS opinion
- Implementation of Article 325 by the Member States – electronic questionnaire
- Internal audit process
- Mid-term evaluation of the Hercule III Programme
- Proposal to amend Regulation 883/2013 concerning investigations conducted by OLAF – Survey
- QUEST
- Tobacco seizure management system (ToSMA)
- Privacy notice for a study on the future of the Irregularity Management System (IMS)
Protection of information
- CBIS identity and access management system - EDPS opinion
- Identity and access control system - EDPS opinion
- OLAF CCTV system - EDPS opinion
- OLAF IT infrastructure