Controllers at the General Secretariat of the Council must notify the Data Protection Officer of processing operations upon personal data which they are or will be performing. The DPO keeps a register of such operations, which anybody may consult (Article 26 of Regulation (EC) No 45/2001).
In addition, the DPO submits processing operations which are likely to present specific risks to the rights and freedoms of data subjects to the European Data Protection Supervisor. The Supervisor carries out a prior check and keeps a register of such operations (Article 27 of the above Regulation).
Category of persons concerned