DETAILS OF REGISTER

European Defence Agency

Rue des Drapiers 17-23
B-1050 Brussels
Belgium

Head of the Legal Office, Legal Advisor / Data Protection Mr Pedro ROSA PLAZA

dataprotection@eda.europa.eu

N/A

SendinBlue, a simplified joint stock company registered with the Paris commercial registry under No 498019298 and whose registered office is located at 47, rue de la Chaussee d'Antin, 75009 Paris, provides email and/or SMS marketing and/or transactional solutions via its website www.sendinblue.com website and is used by EDA for the sending of the e-mail newsletter. Under EDA General Terms and Conditions all contractors are obiged to ensure data protection compliance when processing personal data.

The purpose of the processing is to group information on data subjects in order to convey information on EDA activities, in particular by sending e-news and postal sending of hard-copy EDA magazines. The explicit and legitimate purpose of this action is to keep stakeholders informed on the activities of the EDA, serving the principle of public information and transparency.

Data are processed from the following individuals or group of people: -National Administrations' civil servants;

• European Institutions' civil servarnts;
• Industry professionals;
• Academic & Think-thank professionals;
• Sectoral associations' professionals;
• Army/Navy/Air Force
• Press
• Any individual interested in receiving news from EDA indicated by completing the e-news sign-up form.

Data processed are the following: For e-news:

• First name and surname;
• E-mail address Additional information needed for the paper magazine:
• Postal address.

The following additional information may be processed for further costumer relations management:

• additional personal information (organisation, department, job title);
• additional contact information (phone, fax, website)
• roles (representing country, representing organisation)

Data will be kept in the database for the purposes outlined above until the data subject expresses his/her wish to be deleted from the database: -An annual email reminder is sent to all data subjects informing them that are included in EDA's database and providing the Privacy Statement. -Every e-newsletter sent via the EDA communication database contains an usubscribe option; the data of the data subject requesting to usubscribe is subsequently deleted from the database. -Emails that are returned to the sender will be deleted from the database.

The internal recipients of the data are the Media and Communication Unit, the EDA assistants and IT Unit. The Media and Communication Unit commissions an external contractor (through a framework contract for communications services) for the postal sending operations of the EDA magazine in print, in case the subscriber has expressed the wish to receive such publication.

N/A

The data are stored on the host servers on which SendinBlue processes and stores its databases, located exclusively within the European Union. SendinBlue does not transfer data outside of the European Union under the supervision and responsibility of the EDA IT unit. Only MCU & IT staff & assistants have access to the EDA database. EDA's contractors are bound by a specific contractual clause under EDA general Terms and Conditions and under the respective contract for any processing operations of personal data on behalf of EDA, abiding to strict technical and organisational security measures in adherence to Regulation 2018/1725. SendinBlue has taken all necessary precautions to safeguard personal data and, in particular, to prevent it from being misrepresented, damaged or accessed by an unauthorised third party. These measures include the following: -Multi-level firewall; -Anti-virus with a proven reputation for detecting attempted intrusions -Encrypted data transmission.