On 8 April 2025, the European Data Protection Board adopted Guidelines 02/2025 on processing of personal data through blockchain technologies. Their aim is to support organisations that plan to use blockchain technology to process personal data in compliance with the GDPR Regulation[1].
These guidelines describe the fundamental principles of the functioning of blockchain technology, include a requirement to define the division of roles and responsibilities of persons engaging in the processing of personal data using blockchain technology, and analyze the interaction between the technical aspects of blockchain and the principles regarding the processing of personal data described in Article 5 of the GDPR Regulation.
The guidelines will be subject to consultation until 9 June 2025, during which stakeholders have the opportunity to comment and object to their content.
The above-mentioned guidelines can be consulted at the following link:
https://www.edpb.europa.eu/system/files/2025-04/edpb_guidelines_202502_blockchain_en.pdf
[1] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1–88).