Frontex, as an EU agency, collects and further processes personal data in accordance with the provisions of Regulation (EU) 2018/1725 of the European Parliament
and of the Council of 23 October 2018 on the protection of natural persons with
regard to the processing of personal data by the Union institutions, bodies,
offices and agencies and on the free movement of such data, and repealing
Regulation (EC) No 45/2001 and Decision No 1247/2002/EC, L295, 21.11.2018, p. 39-98.
Frontex has appointed a Data Protection Officer – member of the staff who is entrusted with the main task of ensuring, in an independent manner, the internal application of the Data Protection Regulation.
As a general principle, the agency only processes personal data for the performance of tasks carried out in the public interest on the basis of the Treaties establishing the European Union, the funding Regulation or in the legitimate exercise of official authority vested in the agency or in a third party to whom the data are disclosed.
All processing operations of personal data are duly reported to the Frontex Data Protection Officer and, if the situation requires, to the European Data Protection Supervisor (Register).
Frontex guarantees that the information collected is processed and/or accessed only by the members of its staff responsible of the corresponding processing operations. In a very rare cases and under a strict supervision and limitations, personal data are made available to external parties (contractors). In line with the Article 45(2) of the funding Regulation, Specific Implementing Measures are also in place.
Data subjects (individuals whose data are being processed) have the right to access and rectify their data in a written request to be addressed to the agency. In case consent of the data subject is a legal basis for processing of personal data, this consent may be withdrawn at any time.
Data subjects may at any time consult Frontex Data Protection Officer (firstname.lastname@example.org) or a Data Controller responsible for a particular data processing operation. Data subjects have a recourse to the European Data Protection Supervisor.
Frontex is authorised under very strict conditions foreseen in Article 48 of the funding Regulation to process personal data of certain groups of returnees. Further information can be found here. Additionally, Frontex is entitled by Article 47(1)(a) of the funding Regulation to process personal data related to individuals suspected of involvement in facilitation of illegal migration, human trafficking or other cross-border crimes, like terrorism, but only in the situations strictly foreseen in that provision (privacy statement).
personal data (name, surname, date of birth, place of birth, document details,
information about physical injury, information about other damages) is
collected and processed by Frontex for the purpose of supervising of the use of
force by the Frontex standing corps officers, and officers deployed by Frontex.
Your personal data is processed in accordance with Regulation (EU) 2018/1725 on
the processing of personal data by the EU institutions.
The controller of your
data is the Head of Inspection and Control Office. You can contact the
controller by email: HoO.ICO@frontex.europa.eu.
legal basis of processing your personal data is Article 87 (1) (h) of the
Regulation (EU) 2019/1896 and Frontex Management Board Decision no. 7/2021
establishing a supervisory mechanism to monitor the application of the
provisions on the use of force. The supervisory mechanism enables the Agency to
conduct preliminary assessments, administrative inquiries, pre-disciplinary
proceedings, and disciplinary proceeding as regards its statutory staff
members. Some of your data may be transmitted to the Member States authorities
to ensure appropriate action in case of use of force by the Member State
Your data will be kept by
Frontex for 5 years from the incident. After 5 years, the data will be
You can exercise your
rights, including the right to request access to your data, request for
rectification of your data by contacting the controller or Frontex’ Data
Protection Officer (email@example.com).
You may lodge a complaint to the European Data Protection Supervisor.
There is no profiling or decision making done based on
your data and your data is not shared with third countries or international
Your personal data (such as gender, age, nationality, seat
number, incident details, applied coercive measures, etc) may be processed by
the Frontex Fundamental Rights Officer, as Controller, for the purpose of
monitoring forced-return operations carried out by the forced-return monitor on
the basis of objective and transparent criteria and covering the whole return
operation from the pre-departure phase until the handover of the returnees in
the third country of return). You may contact the Controller at: firstname.lastname@example.org
The legal basis for processing your personal data is Article
50, 51 and 81 of Regulation (EU) 2019/1896 of the European Parliament and of
the Council of 13 November 2019 on the European Border and Coast Guard.
Your data will be kept for the duration of five years. You
can exercise your rights, including the right to access, right to
rectification, right to erasure, right to object the processing. If you would
like to exercise any of these rights, or receive further information about
processing of your personal data, please contact the controller at
email@example.com, or the Data Protection Officer of Frontex
You have the right to lodge a complaint with the European
Data Protection Supervisor if
you consider that your data protection rights have been infringed.
Your data will not be transferred to third countries or
The recipient of your data will be the Frontex Fundamental
Your personal data will not be used for an automated
decision-making including profiling.