1.The Commission shall exercise the responsibilities of data controller pursuant to Article 2(d) of Regulation (EC) No 45/2001 in accordance with its respective responsibilities within the Portal as referred to in this Article.
2.The Commission shall ensure the availability, maintenance and security of the IT infrastructure of the Portal.
3.The Commission shall be responsible for the following processing operations:
(a)organisation;
(b)disclosure by transmission;
(c)dissemination or otherwise making available;
(d)alignment or combination of personal data derived from the interconnected national databases or of personal data on registered users.
4.The Commission shall define the necessary policies and apply the appropriate technical solutions to fulfil its responsibilities within the scope of the function of data controller.
5.The Commission shall implement the technical measures required to ensure the security of personal data while in transit and during their display on the Portal, in particular the confidentiality and integrity for any transmission to and from the Portal.
6.The Commission shall not be responsible for any data protection aspects concerning
(a)the initial collection and storage of any data derived from the interconnected national databases;
(b)any decision taken by the Member States to make such data available via the Portal;
(c)the content of any data derived from the interconnected national databases made available through the Portal.
7.The obligations of the Commission shall not affect the responsibilities of the Member States and other bodies for the content and operation of the interconnected national databases run by them.