PRIVACY STATEMENT ON THE PROTECTION OF YOUR PERSONAL DATA
Public Consultation, Survey, Questionnaire, Quiz, etc.
(referred to as "Consultation" in the text)
carried out by MAINSTRAT or its subcontractor(s) on behalf of the Publications Office
The European institutions are committed to protecting and respecting your privacy. The policy on protection of individuals with regard to the processing of personal data by the Community institutions is based on Regulation (EC) N° 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data.
II. Why do we collect, store and process your data?
The objective of this consultation carried out by MAINSTRAT or its subcontractor(s) is to receive the views of stakeholders or people concerned by the topic of the consultation and, on occasions, to publish them on the Internet.The results of this consultation will be used to improve the quality of the website concerned, its content and related functionalities.
Your personal data will be used only for this purpose.
Tasks and operations of the Publications Office are defined in the Decision 2009/496/EC. The processing of your personal data is based on Article 5(a) of Regulation (EC) no. 45/2001 which stipulates that “personal data may be processed only if “processing is necessary for the performance of a task carried out in the public interest on the basis of the Treaties establishing the European Communities or other legal instruments adopted on the basis thereof or in the legitimate exercise of official authority vested in the Community institution or body or in a third party to whom the data are disclosed,” .
Collected personal data is treated according to the policy described in the above-mentioned Regulation.
III. Which data do we collect and process?
The personal data collected and further processed are data necessary for the participation in the consultation, such as name/surname/profession/ postal & e-mail addresses/phone number/fax number etc.of the contributors, including their views on the topics concerned.
Internal participants may, in some cases, be selected through an appropriate sampling in Sysper2 or ComRef. This sampling results in lists used by the Controller to send invitations to participate.
The processing operations on personal data linked to the organisation and management of this consultation are necessary for the management and functioning of the Commission, as mandated by the Treaties, and more specifically in Article 5 of the Treaty on European Union (TEU), Article 13 TEU and Articles 244-250 of the Treaty on the Functioning of the European Union (TFEU), and in accordance with Article 1 and Article 11 TEU.
The survey application is hosted in Spain by MAINSTRAT, an external contractor of the Publications Office.
- If we use an online tool using cookies:
The system uses session "cookies" in order to ensure communication between the client and the server. Therefore, your browser must be configured to accept "cookies". However, it does not collect personal or confidential information of any kind, nor any IP address from your PC. The cookies disappear once the session has been terminated.
- If we use an online tool not using cookies:
- If we will launch our consultation by e-mail:
Your reply and personal data will be collected through e-mail. The e-mail system of the European Commission abides by the Commission's security decisions and provisions established by the Directorate of Security.
IV. How long do we keep your data?
We keep the data only for the time necessary to fulfil the purpose of collection or further processing.
- When the Publications Office keeps personal data for more than 1 year:
Your personal data will remain in the database until the results have been completely analysed and will be rendered anonymous when they have been usefully exploited, and at the latest after 1 year from the end of the consultation.
- When the Publications Office needs to keep personal data collected in the context of this consultation in order to feed its lists of contact details:
If you provided your email address at the end of the consultation, your personal data will be part of a list of contact details shared internally amongst the staff of the EU institutions for the purpose of contacting you in the future in the context of the EU’s activities. If you do not agree with this, please contact the Controller by using the Contact Information below and by explicitly specifying your request.
Any record or copies must be destroyed by MAINSTRAT or its subcontractor(s) and proof provided.
V. How do we protect your data?
All data in electronic format (e-mails, documents, uploaded batches of data etc.) are stored either on the servers of the European Commission or of its contractors; the operations of which abide by the European Commission’s security decision of 16 August 2006 [C(2006) 3602] concerning the security of information systems used by the European Commission.
The Commission’s contractors are bound by a specific contractual clause for any processing operations of your data on behalf of the Commission, and by the confidentiality obligations deriving from the transposition of Directive 95/46/CE.
The Publications Office has put in place, and regularly reviews and updates, appropriate physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information collected for the treatment of publications orders.
Staff of the Publications Office and the European institutions who have access to personally identifiable information are required to protect this information in a manner that is consistent with this Privacy Statement by, for example, not using the information for any purpose other than to carry out the services they are performing.
To protect your privacy and security, we will take reasonable steps to help verify your identity before granting access or making corrections.
The collected personal data and all information related to the above mentioned consultation is stored on a computer of MAINSTRAT or its subcontractor(s), acting as processor(s), who has to guarantee the data protection and confidentiality required by Regulation (EC) N° 45/2001.
VI. Who has access to your data and to whom is it disclosed?
Access to your data is provided to authorised staff according to the “need to know” principle. Such staff abide by statutory, and when required, additional confidentiality agreements
The collected data will be treated confidentially and used only by the relevant staff of the European institutions, its contractor (MAINSTRAT, Managing Innovation Strategies, S.L.L, consortium co-ordinator, Poligono Industrial Axpe, Spain), and its subcontractor(s). The contractors are bound by contractual clauses to comply with the EU data protection rules.
The access to all personal data as well as all information collected in the context of this consultation is only granted through UserId/Password to a defined population of users, without prejudice to a possible transmission to the bodies in charge of a monitoring or inspection task in accordance with EU legislation. These users typically are members of the unit organising the consultation inside the Publications Office, and MAINSTRAT and its subcontractor(s
No personal data is transmitted to parties which are outside the recipients and the legal framework mentioned.
The European Commission will not share personal data with third parties for direct marketing purposes.
Without prior written agreement of the person concerned, such personal details will not be disclosed to third parties, without prejudice to a possible transmission to the bodies in charge of a monitoring or inspection task in accordance with EU legislation.
The Publications Office and its contractor(s) will not share personal data with third parties for direct marketing.
VII. What are your rights and how can you exercise them?
In accordance with Regulation (EC) n°45/2001, you are entitled to access your personal data and rectify and/or block it in case the data is inaccurate or incomplete. You can exercise your rights by contacting the data controller, or in case of conflict the Data Protection Officer and if necessary the European Data Protection Supervisor using the contact information given at section VIII below.
You may also request us to delete your personal information completely, subject to settlement of all outstanding issues related to our relationship. This will mean that you will also terminate all services and access rights that may be linked to this information.
In case you want to verify which personal data is stored on your behalf by the responsible controller, have it modified, corrected or deleted, please contact the controller by using the contact information below and by explicitly specifying your request.
VIII. Contact information
If you have comments or questions, any concerns or a complaint regarding the collection and use of your personal data, please feel free to contact the Data Controller using the following contact information:
- The Data Controller:
- Head of the “Common Portal and Open Data Portal” unit
- Email: firstname.lastname@example.org
In case you wish to access or verify your personal information which is stored on your behalf by the responsible controller, have it modified, corrected, or deleted, or if you have questions regarding the consultation, or concerning any information processed in the context of the consultation, or on your rights, feel free to contact the support team, operating under the responsibility of the Controller.
Unit(s) in charge of the consultation: …………………..……..
Phone number of support team desk: (+352) 29 29-……..
Fax number of support team desk: (+352) 29 29-……..
Functional Mailbox Address: …………………..…….. @publications.europa.eu
- The Data Protection Officer (DPO) of the Commission: email@example.com
- The European Data Protection Supervisor (EDPS):): firstname.lastname@example.org.
Complaints, in case of conflict, can be addressed to the Data Protection Officer of the European Commission or the European Data Protection Supervisor
IX. Where to find more detailed information?
The Commission Data Protection Officer publishes the register of all operations processing personal data. You can access the register on the following link:.
This specific processing has been notified to the DPO with the following reference: DPO-3827.