(This is a privacy statement Model)
Privacy Statement on the protection of personal data Online for invitation/registration relating to the Meeting
"name of the meeting"
(also valid for Workshop/ Information day/ Event/Seminar / including Experts meeting and related lists and Mailing Lists)
This webpage offers you an online electronic registration for the above mentioned meeting. While registering your personal data will be collected and further processed for the purposes detailed hereafter under point 2. The relevant processing operations thereof and the meeting are under the responsibility of the Head of the "Common Portal and Open Data Portal" Unit of the Publications Office, acting as the Controller.
As this online service collects and further processes personal data, Regulation (EC) 45/2001, of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, is applicable.
II. Why do we collect, store and process your data?
The purpose of the processing of personal data performed in the context of the meeting is the management/organisation of the meeting, including management of:
- lists for contacts, invitations, participants, reports, distribution of reports, feedback on reports, meeting follow-up, follow-up meetings, follow-up actions, news, publications
- in case of repeated meetings of the same group, to ensure that the invitees of meetings are invited to subsequent meetings.
- [If relevant: Photographs/pictures, presentations, live webstreaming and/or audio and video recording of speakers and participants],
[If relevant: Publication on the internet/intranet].
- [If relevant: An opt-out is provided to participants who prefer their images are neither recorded nor published on any support (participants who prefer their images are not published can opt out as described in section 5.
If possible, those participants should be able to locally follow live meeting and debates at the webstreaming Internet address indicated on the subscription form or the invitation by the organizer.
The processing operations on personal data linked to the organisation and management of this meeting is necessary for the management and functioning of the Commission, as mandated by the treaties, and more specifically articles 5, 7 and 211 - 219 of the EC Treaty.
III. Who is responsible for the processing of your data? (Controller)
The controller responsible for processing these data is the head of unit of the Common Portal and Open Data Portal unit (E-mail: firstname.lastname@example.org).
IV. What personal data do we collect?
Data collected and further processed
- data which are necessary for the organisation and management of the meeting, such as gender (needed for the right title)/name/surname/profession/ postal & e-mail addresses/ phone number/fax number...
- identity/passport n°/date of birth (for access control purpose by security guards to the Commission's premises – see DPO-508)
- [if relevant: photographs/pictures, presentations, live webstreaming and/or audio and video recording of speakers and participants.
They could be published in the context of the meeting and in the framework of European Commission activities]
- [if relevant: information about the form of transport used & hotel, and banking information (for purpose of reimbursement of travel expenses/allowances – see DPO-372)]
"If the web page collecting personal data uses technical means like cookies, log-records, or equivalent, this has to be clearly explained here considering, why these techniques are used, which options the user has (to accept or reject the use of them), what are the consequences of the user's choice.""
V. To whom are your data disclosed?
- ATTENTION: If personal data are made publicly available on the web (including photographs/pictures, video recording or webstreaming), you have to offer the data subjects the possibility to opt-out to this publication. In this case, you have to put in this section: If only speakers' data are published, adapt and combine both following paragraphs as necessary.
Some of your personal data (specify which ones and where) will be published on the web. If you do not agree with this publication of your personal data, please inform the data controller by using the Contact Information below explicitly specifying your request. Your request is not granted if publication is required by law.
For speakers only, in the conferences webcast portal, name, profile, picture, short CV and presentation(s) if provided voluntarily by the speaker, will be indicated in the portal and associated to the video recording of the speech. No personal data is added for interventions not in agenda (e.g. questions from the public).
- If personal data are NOT published on a publicly available website, you have to put in this section: The access to all personal data as well as all information collected in the context of this meeting, and the organisation thereof, is only granted through UserID/Password to a defined population of users, without prejudice to a possible transmission to the bodies in charge of a monitoring or inspection task in accordance with Community legislation. These users typically are: The chairman and the secretary of the meeting, both supported by a team in the operational services inside the Publications Office [and its subcontractor (name of the company), if the meeting is organised by an external company]
[or DG SCIC, if the meeting is organised with the support of SCIC, acting as processor(s)].
In order to keep the network of the participants operational a contact list of participants is shared between attendees.
The report including the presence list is shared between participants and distributed to all organisations represented in the meeting.
As these official meetings reports are Commission documents, they fall under the scope of the Regulation (EC) 1049/2001 of the European Parliament and of the Council of 30 May 2001 regarding public access to European Parliament, Council and Commission documents.
No personal data is transmitted to parties, which are outside the recipients and the legal framework mentioned.
VI. How long are your data kept?
- Where you don't need to keep personal data for more than 1 year, you should put in this section:
Personal data is kept as long as follow-up actions to the meeting are necessary with regard to the purpose(s) of the processing of personal data as well as for the meeting and its related management. All personal data will generally be deleted from databases 1 year after the last action in relation to the meeting. Reports containing personal data will be archived according to the relevant Commission's legal framework.
- Where you need to keep personal data collected in the context of this meeting in order to feed your lists of contact details:
Your personal data will be part of a list of contact details shared internally amongst the staff of the Commission services for the purpose of contacting you in the future in the context of the Commission's activities. If you do not agree with this, please contact the Controller by using the Contact Information below and by explicitly specifying your request.
VII. How can you access to your data, check their accuracy and, if needed, correct them?
In case you want to verify which personal data is stored on your behalf by the responsible controller, have it modified respectively corrected or deleted, please contact the Controller by using the Contact Information below and by explicitly specifying your request. If you are required to take part in meetings by your position, your data cannot be erased unless the organisation delegating you nominates another person. Participants who prefer their images are not published should tick the box on the registration from to this effect.
Special attention is drawn to the consequences of a request for deletion, in which case any trace to be able to contact you will be lost.
VIII. What do we do to avoid misuse or unauthorized access?
- If the meeting is organised by the OP, you should put in this section: The collected personal data and all information related to the above mentioned meeting are stored on the servers of the Publications Office and the European Commission, the operations of which abide by the Commission's security decisions and provisions established by the Directorate of Security for this kind of servers and services. Audio and video recordings as well as information displayed on the internet/intranet might be stored on servers of external contractors abiding by the necessary security provisions
- If the meeting is organised by SCIC you should put in this section: The collected personal data and all information related to the above mentioned meeting are stored on the servers of DG Interpretation, the operations of which abide by the Commission's security decisions and provisions established by the Directorate of Security for this kind of servers and services. Audio and video recordings as well as information displayed on the internet/intranet might be stored on servers of external contractors abiding by the necessary security provisions.
- If the meeting is organised by an external company: The collected personal data and all information related to the above mentioned meeting is stored on a computer of the external contractor, acting as processor, who has to guarantee the data protection and confidentiality required by the Regulation (EC) 45/2001.
If personal data are NOT published on a publicly available website, you have to add the following paragraph: Access to all collected personal data and all information related to the above mentioned meeting is only possible to the above described populations with a UserID/Password.
IX. Contact Information
In case you wish to verify which personal data are stored on your behalf by the responsible Controller, have it modified, corrected, or deleted, or if you have questions regarding the organisation of the meeting, or concerning any information processed in the context of the meeting, or on your rights, feel free to contact the support team, operating under the responsibility of the Controller, using the following contact information:
Unit(s) in charge of the organisation/processing operations on personal data in the framework of the meeting
Phone number of support team desk
Fax number of support team desk (if applicable)
Functional Mailbox Address of support team
Remarks can be addressed to the Data Protection Officer of the European Commission.
Complaints, in case of conflict, can be addressed to the European Data Protection Supervisor.