E_SERVICES ON JRC WEBSITES (DPO-2176)
An e-Service is made available on web pages in order to offer an online electronic registration for: Green Best Practice Community.
e_Services are tools on the Internet websites of the Joint Research Centre (JRC) enabling a given research community (e.g. committee, working group, project group, etc.) geographically spread across Europe (and beyond) to maintain a private space on Internet where they can share information, documents, participate in discussion fora, download software, subscribe JRC publications etc.
Your personal data will be collected and further processed for the purposes detailed hereafter under point 2. This processing of personnel data is under the responsibility of the Head of Unit Internal and external communication at the JRC.
The Unit Head of the JRC.B.5 Unit - Circular Economy and Industrial Leadership, who manages the processing itself acts as personal data processor.
As this processing collects and further processes personal data, Regulation (EC) 45/2001, of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, is applicable.
2. What personal information do we collect, what is the legal basis, for what purpose and through which technical means?
Web page registration forms can contain data fields of Data subjects such as: Title, first name and last name of person, date and place of birth, position, name of organization, street name and number, postal code, city, country, e-mail address, website, phone, fax, preferred language, default language, fields of interest, information distribution format desired (email or not). A username and password could also be set up at the first registration.
Legal Basis of processing:
- The European Parliament and Council Decision of 18 Dec. 2006 on the EC 7th Research Framework Programme (FP7) (2007-2013).
- Registration and participation of data subjects are provided on a purely voluntary basis.
Purpose of processing:
The purpose of the processing of personal data for the e-Services is to provide secure access and information exchange, management of data bases, including management of: communications to users, reports, distribution of reports, information sharing within interest groups, etc.
The user data are collected through web forms and stored inside a SQL database.
3. Who has access to your information and to whom is it disclosed?
The access to all personal data is only granted through user_Id / Password to a defined population of users. These users typically are: the Unit Head acting as controller of the processing of personal data, the system administrator of the software. Regular registered and approved users by default have access to limited personal data of other users. No personal data is transmitted to parties, which are outside the recipients and the legal framework mentioned.
4. How do we protect and safeguard your information?
The collected personal data is stored on the servers of JRC and underlie the Commission Decision C (2006) 3602 of 17/08/2006 “concerning the security of information systems used by the European Commission” defines IT security measures in force. Annex I defines the security requirements of EC Information Systems. Annex II defines the different actors and their responsibilities. Annex III defines the rules applicable by users. See notification DPO-1946.
5. How can you verify, modify or delete your information?
Registered users have direct password-protected web access to their profile and are able to update it or to cancel their registration or to request to unsubscribe from specific interest groups and / or publications.
6. How long do we keep your data?
The time limit for storing personal data is fixed to max. 4 years starting from filling in the registration form on the internet, unless the Controller launches an update of the registrations, asking the Data subjects to update or cancel the stored information including their personal data.
Registered users have password protected direct web access to their profile and can cancel their registration at any moment.
Publications can be unsubscribed by filling in the corresponding form.
In some cases user_id's unused for a defined period are automatically deleted from the system.
7. Contact Information.
Should you have any queries concerning the processing of your personal data, please address them to the controller.
On questions relating to the protection of personal data, you can contact:
- DG JRC Data Protection Co-ordinator: email@example.com
- Commission’s Data Protection Officer: firstname.lastname@example.org
- JRC EMAS SRD: JRC-EMAS-SRD@ec.europa.eu
In the event of a dispute, you can send a complaint to:
- European Data Protection Supervisor: email@example.com