Convention drawn up on the basis of article K.3 of the Treaty on European Union, on mutual assistance and cooperation between customs administrations:artikel 25

Convention drawn up on the basis of article K.3 of the Treaty on European Union, on mutual assistance and cooperation between customs administrations

Article 25 Data protection for the exchange of data

Geldend

Documentgegevens:

Geldend vanaf 23-06-2009

Bronpublicatie:: 18-12-1997, Trb. 1998, 174 (uitgifte: 10-07-1998, kamerstukken/regelingnummer: -)
Inwerkingtreding: 23-06-2009
Bronpublicatie inwerkingtreding:: 22-06-2009, Trb. 2009, 94 (uitgifte: 22-06-2009, kamerstukken/regelingnummer: -)
Vakgebied(en): EU-recht / Bijzondere onderwerpen
Privacy / Internationaal gegevensverkeer
Douane (V)

1.

When information is exchanged, the customs administrations shall take into account in each specific case the requirements for the protection of personal data. They shall respect the relevant provisions of the Convention of the Council of Europe of 28 January 1981 for the Protection of Individuals with regard to Automatic Processing of Personal Data. In the interest of data protection, a Member State may, in accordance with paragraph 2, impose conditions concerning the processing of personal data by another Member State to which such personal data may be passed.

2.

Without prejudice to the provisions of the Convention concerning the use of information technology for customs purposes, the following provisions shall apply to personal data which are communicated pursuant to the application of this Convention:

a): processing of the personal data by the recipient authority shall be authorized only for the purpose referred to in Article 1(1). That authority may forward them, without prior consent from the Member State supplying them, to its customs administrations, its investigative authorities and its judicial bodies to enable them to prosecute and punish infringements within the meaning of Article 4(3). In all other cases of data transmission, the consent of the Member State which supplied the information is necessary;
b): the authority of the Member State which communicates data shall ensure that they are accurate and up-to-date. If it emerges that inaccurate data have been communicated or data have been communicated which should not have been communicated or that lawfully communicated data are required at a later stage to be erased in accordance with the law of the communicating Member State, the recipient authority shall be immediately informed thereof. It shall be obliged to correct such data or have them erased. If the recipient authority has reason to believe that communicated data are inaccurate or should be erased, it shall inform the communicating Member State;
c): in cases where communicated data should, according to the law of the communicating Member State, be erased or amended, the persons concerned must be given the effective right to correct the data;
d): the forwarding and receipt of exchanged data shall be recorded by the authorities concerned;
e): if so requested, the communicating and recipient authorities shall inform the person concerned, at that person's request, of the personal data communicated and the use to which they are to be put. There is no obligation to provide the information if it is found, on consideration of the matter, that the importance to the public of the information being withheld outweighs the importance to the person concerned of receiving it. Moreover, the right of the person concerned to receive information about the personal data communicated shall be determined in accordance with the national laws, regulations and procedures of the Member State in whose territory the information is requested. Before any decision is taken on providing information, the communicating authority shall be given the opportunity of stating its position;
f): Member States shall be liable, in accordance with their own laws, regulations and procedures, for injury caused to a person through the processing of data communicated in the Member State concerned. This shall also be the case where the injury was caused by the communication of inaccurate data or the fact that the communicating authority communicated data in violation of the Convention;
g): the data communicated shall be kept for a period not exceeding that necessary for the purposes for which they were communicated. The need to keep them shall be examined at the appropriate moment by the Member State concerned;
h): in any event, the data shall enjoy at least the same protection as is given to similar data in the Member State which received them;
i): every Member State shall take the appropriate measures to ensure compliance with this Article by the application of effective controls. Every Member State may assign the task of control to the national supervisory authority mentioned in Article 17 of the Convention concerning the use of information technology for customs purposes.

3.

For the purposes of this Article, ‘the processing of personal data’ shall be understood in accordance with the definition in Article 2(b) of Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.