New data protection rules enter into force on 1 January 2022

1 January 2022

Decorative illustration showing icons of different elements associated with data protection

Following the adoption of an updated data protection framework by the Administrative Council of the European Patent Organisation on 30 June 2021, the new EPO Data Protection Rules (DPR) enter into force today. 

The new DPR lay the foundations for modern, integrated data protection legislation at the EPO. Bringing the EPO into line with the principles and key requirements of international best practices in the area of data protection, they are an essential step in strengthening individuals' fundamental rights in the digital age and guarantee all EPO staff, users and the general public that the same standard of protection of personal data will apply to all data processing activities carried out by the EPO.

Relevant information, legal texts and operational documentation supplementing the DPR have been made available in the data protection and privacy policy. The entry into force of the DPR also sees the newly created Data Protection Board take up its oversight and advisory function as an independent body monitoring the EPO's processing of personal data.

The new framework applies to data processing operations that were initiated on or after 1 July 2021. A six-month transitional period until 1 July 2022 will also apply to enable pre-adoption data protection operations to be brought into line with the new framework.

Further information: 

Quick Navigation