Data protection

Frontex, as an EU agency, collects and further processes personal data in accordance with the provisions of Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC, L295, 21.11.2018, p. 39-98.

Frontex has appointed a Data Protection Officer – member of the staff who is entrusted with the main task of ensuring, in an independent manner, the internal application of the Data Protection Regulation.

As a general principle, the agency only processes personal data for the performance of tasks carried out in the public interest on the basis of the Treaties establishing the European Union, the funding Regulation or in the legitimate exercise of official authority vested in the agency or in a third party to whom the data are disclosed.

All processing operations of personal data are duly reported to the Frontex Data Protection Officer and, if the situation requires, to the European Data Protection Supervisor (Register).  

Frontex guarantees that the information collected is processed and/or accessed only by the members of its staff responsible of the corresponding processing operations. In a very rare cases and under a strict supervision and limitations, personal data are made available to external parties (contractors). In line with the Article 45(2) of the funding Regulation, Specific Implementing Measures are also in place.

Data subjects (individuals whose data are being processed) have the right to access and rectify their data in a written request to be addressed to the agency. In case consent of the data subject is a legal basis for processing of personal data, this consent may be withdrawn at any time.

Data subjects may at any time consult Frontex Data Protection Officer (dataprotectionoffice@frontex.europa.eu) or a Data Controller responsible for a particular data processing operation. Data subjects have a recourse to the European Data Protection Supervisor.

Frontex is authorised under very strict conditions foreseen in Article 48 of the funding Regulation to process personal data of certain groups of returnees. Further information can be found here. Additionally, Frontex is entitled by Article 47(1)(a) of the funding Regulation to process personal data related to individuals suspected of involvement in facilitation of illegal migration, human trafficking or other cross-border crimes, like terrorism, but only in the situations strictly foreseen in that provision (privacy statement).


Privacy notice related to the supervisory mechanism on the use of force by standing corps officers and deployed members of the teams

Your personal data (name, surname, date of birth, place of birth, document details, information about physical injury, information about other damages) is collected and processed by Frontex for the purpose of supervising of the use of force by the Frontex standing corps officers, and officers deployed by Frontex. Your personal data is processed in accordance with Regulation (EU) 2018/1725 on the processing of personal data by the EU institutions.

The controller of your data is the Head of Inspection and Control Office. You can contact the controller by email: HoO.ICO@frontex.europa.eu.

The legal basis of processing your personal data is Article 87 (1) (h) of the Regulation (EU) 2019/1896 and Frontex Management Board Decision no. 7/2021 establishing a supervisory mechanism to monitor the application of the provisions on the use of force. The supervisory mechanism enables the Agency to conduct preliminary assessments, administrative inquiries, pre-disciplinary proceedings, and disciplinary proceeding as regards its statutory staff members. Some of your data may be transmitted to the Member States authorities to ensure appropriate action in case of use of force by the Member State officers.

Your data will be kept by Frontex for 5 years from the incident. After 5 years, the data will be automatically deleted. 

You can exercise your rights, including the right to request access to your data, request for rectification of your data by contacting the controller or Frontex’ Data Protection Officer (dataprotection@frontex.europa.eu). You may lodge a complaint to the European Data Protection Supervisor.

There is no profiling or decision making done based on your data and your data is not shared with third countries or international organisations.


Data protection notice for Frontex Forced-Return Monitoring System (FRMS)

Your personal data (such as gender, age, nationality, seat number, incident details, applied coercive measures, etc) may be processed by the Frontex Fundamental Rights Officer, as Controller, for the purpose of monitoring forced-return operations carried out by the forced-return monitor on the basis of objective and transparent criteria and covering the whole return operation from the pre-departure phase until the handover of the returnees in the third country of return). You may contact the Controller at: fro.coordination@frontex.europa.eu

The legal basis for processing your personal data is Article 50, 51 and 81 of Regulation (EU) 2019/1896 of the European Parliament and of the Council of 13 November 2019 on the European Border and Coast Guard.

Your data will be kept for the duration of five years. You can exercise your rights, including the right to access, right to rectification, right to erasure, right to object the processing. If you would like to exercise any of these rights, or receive further information about processing of your personal data, please contact the controller at fro.coordination@frontex.europa.eu, or the Data Protection Officer of Frontex at dataprotectionoffice@frontex.europa.eu.

You have the right to lodge a complaint with the European Data Protection Supervisor if you consider that your data protection rights have been infringed.

Your data will not be transferred to third countries or international organisations.

The recipient of your data will be the Frontex Fundamental Rights Officer.

Your personal data will not be used for an automated decision-making including profiling.