EREA is strongly committed to protecting personal data and fully complies with the The EU General Data Protection Regulation 2016/679 (GDPR), implemented on 25 May 2018.

EREA has a register of processing operations in place, which describes all computerised processing of personal data of EREA stakeholders and EREA member. We process this data only to the extent needed, relevant, and reasonable. We use the data solely for the intended purpose. We do not save these data longer than necessary for the purpose for which it was gathered.

Every stakeholder has the right to information about and inspection of their personal data held on our systems, as well as the right to request its correction and the right of objection.

Our information security management system relating to confidential data is regulated by monthly website updates, backups over secure protocol, firewall and simple DDoS protection.