
Article 1 
This Decision lays down the functions and responsibilities of the European Commission in relation to data protection requirements whilst processing personal data in the European e-Justice Portal (hereinafter ‘the Portal’).
Article 2 
For the purpose of this Decision, the definitions laid down in Regulation (EC) No 45/2001 shall apply. In addition, the following definitions shall also apply:

((a)) ‘European e-Justice actor’ means any representative of a Member State or a European e-Justice partner organisation who has been granted authorisation to modify (parts of) the content of the Portal;
((b)) ‘Interconnected national databases’ means databases containing publicly accessible information, operated by the Member States and other bodies such as professional associations and non-profit organisations, which are interconnected through the Portal in such a way that the information available at national level can be accessed via the Portal;
((c)) ‘Publicly accessible information’ means information which is accessible to the public via the internet;
((d)) ‘Registered user’ means a Portal user who has registered to the Portal via the European Commission Authentication Service (ECAS), such as a ‘European e-Justice actor’.
Article 3 
The Commission shall process personal data in the Portal only in so far as this is necessary for the purpose of:

((a)) providing access to interconnected national databases holding personal data;
((b)) providing interactive services allowing registered users to communicate directly with the appropriate authorities in another Member State;
((c)) providing access to public information targeted towards registered users;
((d)) providing contact information.
Article 4 

1. The Commission shall exercise the responsibilities of data controller pursuant to Article 2(d) of Regulation (EC) No 45/2001 in accordance with its respective responsibilities within the Portal as referred to in this Article.
2. The Commission shall ensure the availability, maintenance and security of the IT infrastructure of the Portal.
3. The Commission shall be responsible for the following processing operations:
(a) organisation;
(b) disclosure by transmission;
(c) dissemination or otherwise making available;
(d) alignment or combination of personal data derived from the interconnected national databases or of personal data on registered users.
4. The Commission shall define the necessary policies and apply the appropriate technical solutions to fulfil its responsibilities within the scope of the function of data controller.
5. The Commission shall implement the technical measures required to ensure the security of personal data while in transit and during their display on the Portal, in particular the confidentiality and integrity for any transmission to and from the Portal.
6. The Commission shall not be responsible for any data protection aspects concerning
(a) the initial collection and storage of any data derived from the interconnected national databases;
(b) any decision taken by the Member States to make such data available via the Portal;
(c) the content of any data derived from the interconnected national databases made available through the Portal.
7. The obligations of the Commission shall not affect the responsibilities of the Member States and other bodies for the content and operation of the interconnected national databases run by them.
Article 5 

1. The Commission shall provide the data subjects with the information specified in Articles 11 and 12 of Regulation (EC) No 45/2001, as regards information for which the Commission is responsible under this Decision.
2. Notwithstanding the obligations towards data subjects of the Member States and other bodies operating the interconnected national databases, the Commission shall also provide data subjects with information on whom to contact for the effective exercise of their rights to information, to access, to rectify and to object according to the applicable data protection legislation. The Commission shall refer to specific privacy statements of the Member States and other bodies.
3. The Commission shall also make available on the Portal:
(a) translations into the languages of the Portal of Member States' privacy notices referred to in paragraph 2;
(b) a comprehensive privacy notice concerning the Portal in accordance with Articles 11 and 12 of Regulation (EC) No 45/2001, in a clear and understandable form.
Article 6 

1. As regards information exchanges from interconnected national databases, no personal data relating to the data subjects shall be stored in the Portal. All such data shall be stored in the national databases operated by the Member States or other bodies.
2. Personal data relating to or provided by Portal users shall not be stored in the Portal, other than in cases where they have signed up as registered users. Personal data of registered users shall be stored until they request the deletion of their registration. In accordance with Article 3, personal data on European e-Justice actors or contact points will only be stored for as long as these persons fulfil their function.
Article 7 
This Decision shall enter into force on the 20th day after its publication in the Official Journal of the European Union.
Done at Brussels, 5 June 2014.
For the Commission
The President
José Manuel BARROSO