Dear Alan, The European Commission website on page https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-busines... shows: Do the data protection rules apply to data about a company? No, the rules only apply to personal data about individuals, they don’t govern data about companies or any other legal entities. However, information in relation to one-person companies may constitute personal data where it allows the identification of a natural person. The rules also apply to all personal data relating to natural persons in the course of a professional activity, such as the employees of a company/organisation, business email addresses like ‘ forename.surname@company.eu’ or employees’ business telephone numbers. This point related to "personal data relating to natural persons" is problematic. Let's consider the European Commission's own conventions, as seen in its webpages inside https://ec.europa.eu/info/about-european-commission/contact_en which lists the various departments, names the heads of departments, shows who is incharge of what, the official's phone number, and also provides an interface to download the visiting card file. Without such openness, the Commission would be unapproachable, and would theoretically be functioning with minimised accountability. It is the visibility of the divisions that enables the common man to reach the right division and the right person in the Commission. (Though it provides name and phone numbers, it is rather puzzling as to why the Commission or a business with this level of transparency ) would have hesitation listing the email address. ) With the existing level of transparency, which the Commission would know by experience as a good practice that works, why wouldn't the Commission go by its own experience and alter its position "The rules also apply to ... business telephone numbers" ? Thank you. Sivasubramanian M