|
Header - versioning and reference numbers (recommendation: publicly available) |
|
| 1. |
Last update of this record |
02-06-2025 |
| 2. |
Reference number |
EDA-DPR-086 - Gov2Gov Portal |
|
part 1 - article 31 record (recommendation: publicly available) |
|
| 3. |
Name and contact details of controller |
European Defence Agency
Rue des Drapiers 17-23
B-1050 Brussels
Belgium
|
| 4. |
Name and contact details of DPO |
|
| 5. |
Name and contact details of joint controller (where applicable) |
N/A
|
| 6. |
Name and contact details of processor (where applicable) |
Amazon Web Services Inc. (AWS)
|
| 7. |
Purpose of the processing |
Personal data are being processed for the registration of authorised governmental users to the EDA Gov2Gov Platform. The Gov2Gov Platform is set up and maintained by EDA to support Member States in coordinating joint initiatives. Personal data of registered users are made available to all registered users to facilitate the necessary communication between Member States in the coordination of joint initiatives.
|
| 8. |
Description of categories of persons whose data EDA processes and list of data categories |
Categories of persons: Registered users, in their capacity as competent staff of Member States’ authorities.
Categories of data processed: Name, Surname, e-mail address, telephone number, MS represented, professional affiliation. Contact details of MS project managers and associated project titles.
|
| 9. |
Time limit for keeping the data |
Personal data will be kept as long as needed to serve the purpose for which they have been collected, which is to provide registered participants with access to the CBRN KB and the possibility to upload or download documents, or until the data subject (a registered participants) indicates that he/she wants the data to be deleted. In any case, the personal data collected, and the database will be deleted at the termination of the relevant activities and CBRN defence projects.
|
| 10. |
Recipients of the data |
Internal recipients:
External recipients:
-
Other users registered to the Gov2Gov Platform.
|
| 11. |
Are there any transfers of personal data to third countries or international organisations? If so, to which ones and with which safeguards? |
The Gov2Gov Platform is hosted using AWS (Amazon Web Services Inc.). Personal data could potentially be transferred to the US, where AWS is based. AWS is certified under the EU-US Data Privacy Framework. Such transfer would take place pursuant to the EU-US Commission Adequacy Decision (Commission Implementing Decision EU 2023/1795 of 10 July 2023) and Article 47 of Regulation 2018/1725.
|
| 12. |
General description of security measures, where possible. |
EDA has implemented appropriate technical and organisational measures (firewalls, checkpoints, antivirus) to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected. Such measures have been taken in particular to prevent any unauthorised disclosure or access, accidental or unlawful destruction or accidental loss, or alteration and to prevent all others unlawful forms of processing.
|
| 13. |
For more information, including how to exercise your rights to access, rectification, object and data portability (where applicable), see the privacy statement |
Additional information is available by following the link to privacy statement here.
|