Opinion of the European Data Protection Supervisor on the Commission Proposal for a Directive of the European Parliament and of the Council amending Directive 2007/36/EC as regards the encouragement of long-term shareholder engagement and Directive 2013/34/EU as regards certain elements of the corporate governance statement.
The EDPS welcomed the prior consultation on this proposal and the fact that the Commission took into account several of its comments which resulted in the strengthening of the data protection safeguards in the proposed Directive.
In March 2013, following the adoption of the Commissions Action Plan: European company law and corporate governance a modern legal framework for more engaged shareholders and sustainable companies, the EPDS provided preliminary guidance with regard to data protection and privacy concerns regarding shareholder identification and shareholder oversight of remuneration policy.
The EDPS is of the opinion that the proposed Directive should:
- contain a general, substantive provision to refer to applicable data protection legislation;
- specify the purposes of processing and should clearly provide that neither the information regarding the identity of the shareholders, nor the data on the remuneration of individual directors, shall be used for any incompatible purposes;
- require companies to ensure that technical and organisational measures are put in place to limit accessibility of the information regarding individuals (such as shareholders or individual directors) after a certain period of time;
- require that in case the disclosure of the details of an individual directors remuneration package reveal health data or other special categories of data protected under Article 8 of Directive 95/46/EC, then the information should be redacted so as to exclude any reference to such more sensitive information.