These cookies cannot be disabled. They are essential for core functionality in ebrd.com to ensure a seamless and secure experience.
The EBRD Personal Data Protection Policy sets out the core principles relating to personal data protection followed by the EBRD and it applies to all personal data processed by or on behalf of the Bank.
The EBRD Personal Data Protection Directive, which sits underneath the aforementioned Policy, sets out the rights and obligations of data subjects and the Bank in relation to processing of personal data.
The Personal Data Protection Policy and Directive are supported by the Personal Data Complaint Review Procedure and the Data Subject Requests Procedure.
- The Personal Data Complaint Review Procedure sets out the process to be followed for complaints by data subjects who consider that the Bank has failed to process their personal data in accordance with the Personal Data Protection Policy and its implementing acts.
- The Data Subject Requests Procedure sets out the process that should be followed by the data subjects and the EBRD when they request review, rectification or supplementing of their personal data and by the EBRD when dealing with such requests.
Submitting a Complaint
A data subject (or their legal representative), who considers that the Bank has failed to process personal data in accordance with the Personal Data Protection Policy and its implementing acts, may submit a complaint to the EBRD Personal Data Review Panel within 90 days of becoming aware of the alleged failure.
The complaint must be made in writing, preferably in English or in any other working language of the Bank (Russian, German or French) or, alternatively, in an official national language of the Bank’s recipient country. In each case the complaint should be prepared by completing the data subject complaint form available and submitted via one of the following methods:
(a) by delivery or post to the following address:
European Bank for Reconstruction and Development
For the attention of the Personal Data Review Panel
5 Bank Street,
London E14 4BG
United Kingdom
(b) by email to the following address: PDReviewPanel@ebrd.com
When preparing the complaint, data subjects shall follow the format and content of the complaint form and provide information on, including but not limited to: (i) the reasons why the data subject considers that the Bank has failed to process personal data in accordance with the Personal Data Protection Policy and its implementing acts, (ii) the date on which the data subject was informed or became aware of the Bank's failure, and (iii) the remedy being sought.
Please note:
- The Bank shall not accept any complaints made other than via the methods set out above.
- The Bank shall not accept or respond to anonymous complaints.
For more information, please see the Personal Data Complaint Review Procedure.
Request access, erasure, rectification or supplement personal data
A data subject (or their legal representative) may submit a request to the Personal Data Management Officer in writing, preferably in English or in any other working language of the Bank (Russian, German or French) or, alternatively, in an official national language of the Bank’s recipient country. In each case, the Request shall be prepared by completing the data subject request form available and submitted via any of the following methods:
(a) by email to the following email address: DPOffice@ebrd.com
(c) by delivery or post to the following address:
European Bank for Reconstruction and Development
For the attention of the Personal Data Management Officer
5 Bank Street,
London E14 4BG
United Kingdom
The Bank shall not accept any requests made other than via the methods set out above. For more information, please see the Data Subject Requests Procedure.
Following the data subject request, they may be requested to verify their identity.