What is the Internal Market Information System (IMI)?
The Internal Market Information System (IMI) is a tool developed and maintained by the European Commission to facilitate communication between national authorities involved in activities relevant to the internal market, such as the posting of workers or cross-border transport of euro cash, and patients’ rights. It helps the authority of a member state to find the relevant authority in another member state, to exchange information. The Commission is responsible for the maintenance and technical operation of the system. In principle, it does not have access to personal data stored into the IMI. The cost of operating the system is financed through the EU's general budget. Member states appoint national IMI coordinators (known as NIMIC) who act as contact points for national competent authorities and the Commission.
Legal background
The IMI was originally created by Commission Decision 2008/49/EC, repealed and replaced by Regulation 1024/2012/EU of the European Parliament and of the Council of 25 October 2012 on administrative cooperation through the Internal Market Information System.
Who can use the IMI ?
IMI users are registered natural persons working for the competent authorities at national, regional and local level in the EU Member States, who get access to the online platform through which they can access the personal data stored in IMI.
Data protection rules
There are common principles applicable to processing of personal data in the system:
Purpose limitation: personal data can only be processed in a way compatible with the aim of the IMI (Article 13 of the Regulation);
Rules related to the retention of personal data (Article 14-15)
Special rules related to processing of special categories of data (Article 16);
Data security: security measures shall be taken to ensure the security of personal data in accordance with the Directive 95/46/EK (Article 17);
Information, and right of access, correction and deletion (Article 18-19);
Supervision: national IMI actors are supervised by the competent national data protection authorities. The European Data Protection Supervisor (EDPS) supervises the processing of personal data by the Commission (Article 21);
Data may be transferred to third countries (countries outside the European Economic Area) only if certain conditions exist: the information is processed pursuant to a provision of a Union act; it is in accordance with an international agreement and the third country ensures adequate protection of personal data (Article 23)
The Commission published key data protection documents on its website: http://ec.europa.eu/internal_market/imi-net/data_protection/index_en.htm
Data subjects’ rights
IMI users must inform data subjects as soon as possible about processing of personal data in IMI. Data subjects may exercise their right of access and the right to have inaccurate or incomplete data corrected and unlawfully processed data deleted.
How do I exercise my rights?
As a general rule, you should contact the authority, who collected your data and sent it to the IMI, If you do not have this information, you may turn to the national IMI coordinator who is in Hungary:
National IMI Coordinator (NIMIC)
Department of EU Law Compliance
Ministry of Justice
1051 Budapest, Nádor u. 22.
Tel: +36 (1) 896-3647
E-mail: Ez az e-mail-cím a szpemrobotok elleni védelem alatt áll. Megtekintéséhez engedélyeznie kell a JavaScript használatát.
Web: https://eujog.im.kormany.hu/egyseges-piaci-kozpont
If your request concerns another country, you can find full information on who to contact on this website:
https://ec.europa.eu/internal_market/imi-net/contact/index_hu.htm
If you are not satisfied with these authorities' reaction, you may turn to the Hungarian Data Protection Authority (NAIH).