|
Header - versioning and reference numbers (recommendation: publicly available) |
|
| 1. |
Last update of this record |
05-09-2022 |
| 2. |
Reference number |
EDA-DPR-029 |
|
part 1 - article 31 record (recommendation: publicly available) |
|
| 3. |
Name and contact details of controller |
European Defence Agency
Rue des Drapiers 17-23
B-1050 Brussels
Belgium
|
| 4. |
Name and contact details of DPO |
|
| 5. |
Name and contact details of joint controller (where applicable) |
N/A
|
| 6. |
Name and contact details of processor (where applicable) |
European Council Medical Service
|
| 7. |
Purpose of the processing |
The processing of health data serves various organisation management purposes at EDA, including:
- Management of pre-employment check-ups to future EDA staff members and annual medical check-ups for TA and CA;
- Management of certain leave entitlements for TA, CA, SNEs, Trainees and Interim;
- Determining working conditions for TA & CA;
- Annual Health promotion and sickness prevention programs for TA and CA.
|
| 8. |
Description of categories of persons whose data EDA processes and list of data categories |
- TA, CA and SNEs, Trainee and Interim Staff.
In connection to certain types of leave documented:
- relatives of EDA, including spouse and relatives in ascending line;
- Candidates offered a TA or CA position at EDA, when undergoing a pre-recruitment medical check-up First name, last name, date of birth, place and country of birth, nationality, gender, address, tel; email, civil and family status (for pre-employment medical check-ups). Medical certificates from staff members that could contain health data Special leave documents including medical reports.
|
| 9. |
Time limit for keeping the data |
The "apt for duty note" for the pre-employment check-up as long as the "Personal file" exists Confirmation that staff members underwent the annual medical check-up: 5 years Confirmation of the invalidity for the duration of the invalidity until the pensionable age The "apt for duty" or "not apt for duty" note of non-recruited persons: 2 years Medical certificates are kept for a period of 5 years.
|
| 10. |
Recipients of the data |
Medical Council of the Council and EDA HR Unit.
|
| 11. |
Are there any transfers of personal data to third countries or international organisations? If so, to which ones and with which safeguards? |
NO
|
| 12. |
General description of security measures, where possible. |
Having regard to the state of the art and the cost of their implementation, the controller has implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected (restricted access, logs, others). Such measures have been taken in particular to prevent any unauthorized disclosure or access, accidental or unlawful destruction or accidental loss, or alteration and to prevent all others unlawful forms of processing.
|
| 13. |
For more information, including how to exercise your rights to access, rectification, object and data portability (where applicable), see the privacy statement |
Additional information is available by following the link to privacy statement here.
|