|
Header - versioning and reference numbers (recommendation: publicly available) |
|
1. |
Last update of this record |
28-03-2025 |
2. |
Reference number |
EDA-DPR-045 |
|
part 1 - article 31 record (recommendation: publicly available) |
|
3. |
Name and contact details of controller |
European Defence Agency
Rue des Drapiers 17-23
B-1050 Brussels
Belgium
|
4. |
Name and contact details of DPO |
|
5. |
Name and contact details of joint controller (where applicable) |
N/A
|
6. |
Name and contact details of processor (where applicable) |
External contractors (e.g. the venue booking agency or conference venue, catering company) may be used to perform certain tasks for the controller. All contractors are contractually obliged to ensure data protection compliance when processing personal data on behalf of EDA.
|
7. |
Purpose of the processing |
The data are collected to obtain all personal data of participants necessary for the preparation, delivery and follow-up of the Consultation Forum for Sustainable Energy in the Defence and Security Sector conferences, including creating participant lists and name badges, anonymised statistics, hotel registrations and managing dietary restrictions for the catering. Additionally, the data are stored to set up a database that helps to build the network of energy and environment focal points and experts in the defence sector in the framework of the European Defence Energy Network (EDEN) activities. These details are used to engage the individuals in future relevant events and projects.
|
8. |
Description of categories of persons whose data EDA processes and list of data categories |
For CFSEDSS conference participants the data processed are the following:
- Last name, First name, Email-address, Telephone number,
- Nationality,
- Organisation/entity, place of organisation/entity, function (post),
- Government delegation, invited guest speaker,
- Dietary restrictions, Photographs, audio or video recording, or live streaming in the context of a meeting (opt-in via consent to be given in registration).
|
9. |
Time limit for keeping the data |
The contact details of participants are stored to set up an internal database kept for up to 1 year after the end of the project that will serve to engage individuals interested in future relevant events or projects. Data subjects can unsubscribe or request deletion anytime by contacting the and specifying their request at the following mailbox: eden@eda.europa.eu.
Data other than contact details will be retained for a maximum period of 1 year after the last conference/meeting of the series or after the database is no longer necessary for networking in the Consultation Forum for Sustainable Energy in the Defence and Security Sector as defined under the purposes for this processing operation.
Anonymised statistics may be kept beyond the retention period. This is to inform EDA on participant numbers and analyse the relative success of each of the events as well as for reporting purposes.
|
10. |
Recipients of the data |
The internal recipients of the data are the EDA staff assigned to the project, the organisers of the meeting, the Media and Communication Unit, the IT Unit, and other Units involved in a specific project or conference.Personal data will not be communicated to third parties unless necessary to fulfill the purpose of this activity or to comply with legal obligations.External data recipients may include:
- EDA’s contractors, which are contractually bound to comply with data protection requirements and EDA’s instructions when processing personal data on behalf of EDA (e.g., the agency or the hotel which is hosting the event),
- Other meeting participants (based on data subject’s consent),
- Others on a need-to-know basis (e.g., supervisory authorities, courts, etc.).
|
11. |
Are there any transfers of personal data to third countries or international organisations? If so, to which ones and with which safeguards? |
No transfers are envisaged. However, participation in meetings or conferences is in principle open to data subjects from third countries or international organisations which may have limited access to the personal information of other participants displayed in the context of meetings/conferences. Personal data collected from these data subjects will be kept separate, as far as possible.
In case of opt-in, the participants’ name and affiliation may be shared with other conference participants, including those from third countries and international organisations. The data shared on the basis of consent are: first name/surname, country, organisation, post, e-mail address and the working group choice.
|
12. |
General description of security measures, where possible. |
Data will be processed in accordance with the high security standards established by EDA. Within the EDA network the data access is limited to the RTI Directorate staff, the IT and Media and Communications units. EDA external contractors are obliged by the respective contract to adopt appropriate technical and organisational security measures having regard to the risks inherent in the processing and to the nature of the personal data concerned.
EDA has implemented appropriate technical and organisational measures (firewalls, checkpoints, antivirus) to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected. Such measures have been taken in particular to prevent any unauthorised disclosure or access, accidental or unlawful destruction or accidental loss, or alteration and to prevent all others unlawful forms of processing.
|
13. |
For more information, including how to exercise your rights to access, rectification, object and data portability (where applicable), see the privacy statement |
Additional information is available by following the link to privacy statement here.
|