E_SERVICES ON JRC WEBSITES (DPO-2176) PRIVACY STATEMENT
1. Description.
e-Service is made available on web pages in order to offer an online electronic registration for: European Alien Species Information Network – EASIN e_Services are tools on the internet websites of the Joint Research Centre (JRC) enabling a given research community (e.g. committee, working group, project group, etc.) geographically spread across Europe (and beyond) to maintain a private space on Internet where they can share information, documents, participate in discussion fora, download software, subscribe JRC publications etc. Your personal data will be collected and further processed for the purposes detailed hereafter under point 2.This processing of personal data is under the responsibility of the Head of Unit Thematic coordination at the JRC. The Directorate D - Sustainable Resources / Unit D.02 Water and Marine Resources who manages the processing itself acts as personal data processor. As this processing collects and further processes personal data, Regulation (EC) 45/2001, of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, is applicable.
2. What personal information do we collect, what is the legal basis, for what purpose and through which technical means?
Identification Data:
Web page registration forms contain the following data fields: Title, first name and last name of person, name of organization, e-mail address. Legal Basis of processing: - The Framework Programme for Research and Innovation (2014-2020) - Horizon 2020. - Registration and participation of data subjects are provided on a purely voluntary basis.
Purpose of processing:
The purpose of the processing of personal data for the e-Services is to provide secure access and information exchange, management of data bases, including management of: communications to users, reports, distribution of reports, information sharing within interest groups, etc.
Technical Information:
The user data are collected through web forms and stored inside a SQL database.
3. Who has access to your information and to whom is it disclosed?
The access to all personal data is only granted through user_Id / Password to a defined population of users. These users typically are: the Unit Head acting as controller of the processing of personal data, the system administrator of the software. Regular registered and approved users by default have access to limited personal data of other users. No personal data is transmitted to parties, which are outside the recipients and the legal framework mentioned.
4. How do we protect and safeguard your information?
The collected personal data is stored on the servers of JRC and underlie the Commission Decision C (2006) 3602 of 17/08/2006 “concerning the security of information systems used by the European Commission” defines IT security measures in force. Annex I defines the security requirements of EC Information Systems. Annex II defines the different actors and their responsibilities. Annex III defines the rules applicable by users. See notification DPO-1946.
5. How can you verify, modify or delete your information?
Registered users have direct password-protected web access to their profile and are able to update it or to cancel their registration or to request to unsubscribe from specific interest groups and / or publications.
6. How long do we keep your data?
The time limit for storing personal data is fixed to 4 years starting from filling in the registration form on the internet, unless the Controller launches an update of the registrations, asking the Data subjects to update or cancel the stored information including their personal data. Registered users have password protected direct web access to their profile and can cancel their registration at any moment. Publications can be unsubscribed by filling in the corresponding form. In some cases user_id's unused for a defined period are automatically deleted from the system.
7. Contact Information.
Should you have any queries concerning the processing of your personal data, please address them to the controller or to the following processor address: jrc-easin@ec.europa.eu On questions relating to the protection of personal data, you can contact: - DG JRC Data Protection Co-ordinator: jrc-data-protection-coordinator@ec.europa.eu - Commission’s Data Protection Officer: data-protection-officer@ec.europa.eu
8. Recourse.
In the event of a dispute, you can send a complaint to: - European Data Protection Supervisor: edps@edps.europa.eu