DETAILS OF REGISTER

Data Protection Officer

dataprotection@eda.europa.eu

External contractors (e.g. the venue booking agency or conference venue, catering company) may be used to perform certain tasks for the controller. All contractors are contractually obliged to ensure data protection compliance when processing personal data on behalf of EDA.

The data are collected to obtain all personal data of participants necessary for the preparation, delivery and follow-up of the Consultation Forum for Sustainable Energy in the Defence and Security Sector conferences, including creating participant lists and name badges, anonymised statistics, hotel registrations and managing dietary restrictions for the catering. Additionally, the data are stored to set up a database that helps to build the network of energy and environment focal points and experts in the defence sector in the framework of the European Defence Energy Network (EDEN) activities. These details are used to engage the individuals in future relevant events and projects.

Data subject categories:

• Delegates from defence ministries or other public bodies of EU MS and other Participating Countries (Norway, Switzerland, Serbia and other Third Countries)

• Representatives from EU institutions, agencies and bodies

• Representatives from Industry, academia and research and technology organisations • Representatives from other international private and public bodies

• Representatives of any other stakeholder, having expressed interest in receiving information or taking part in CF SEDSS activities

Data categories processed:

• Last name, First name, Email-address, Telephone number.

• Nationality.

• Organisation/entity, place of organisation/entity, function (post). • Government delegation and/or invited guest speaker.

• Dietary restrictions, Photographs, audio or video recording, or live streaming in the context of a conference or meeting (subject to consent collected upon registration).

• Identification data, bank account data, travel invoices for the reimbursement of travel expenses.

• Specific requests made by each participant.

The contact details of participants are stored to set up an internal database kept for up to 1 year after the end of the project that will serve to engage individuals interested in future relevant events or projects. Data subjects can unsubscribe or request deletion anytime by contacting the and specifying their request at the following mailbox: eden@eda.europa.eu.
Data other than contact details will be retained for a maximum period of 1 year after the last conference/meeting of the series or after the database is no longer necessary for networking in the Consultation Forum for Sustainable Energy in the Defence and Security Sector as defined under the purposes for this processing operation.
Anonymised statistics may be kept beyond the retention period. This is to inform EDA on participant numbers and analyse the relative success of each of the events as well as for reporting purposes.

The internal recipients of the data are the EDA staff of the EU-funded Defence Research Unit assigned to the project, the organisers of the meeting, competent staff from the EDA Media and Communication Unit and the EDA IT Unit, EDA Finance Unit and other Units in case those are involved in a specific task of the project or conference.

E-mail contact details of registered participants may be shared with the national authorities of the Member State where the event is hosted, when requested so by these authorities and as necessary to perform accreditation tasks carried out in the public interest, or in the exercise of official authority, pursuant to Article 9 of Regulation (EU) 2018/1725.

Personal data will not be communicated to third parties unless necessary to fulfil the purpose of this activity or to comply with legal obligations. Notably, for the 4th Plenary CF SEDSS Conference, personal data of participants will be transmitted to:

• Accommodation provider (hotel): for the purpose of booking accommodation for the conference participants, EDA will share personal data (name, surname and contact details) with the accommodation provider, acting as a data processor for the booking arrangements. Please be aware that the hotel will further process your personal data outside of the control of EDA, as a separate data controller and subject to their own privacy policy which can be consulted on the hotel website/ at the hotel reception.

• Onsite photographer for audio-visual services who processes personal data as per the instructions of EDA and applicable laws.

Conference participants and members of the CF SEDSS network of focal points and experts have to option to allow the exchange of their contact details with other participants and members of the network.

Certain categories of personal data may be accessed by auditing bodies or supervisory authorities in carrying out their respective duties and in line with EDA’s legal obligations.

No transfers are envisaged. However, participation in meetings or conferences is in principle open to data subjects from third countries or international organisations which may have limited access to the personal information of other participants displayed in the context of meetings/conferences. Personal data collected from these data subjects will be kept separate, as far as possible.
In case of opt-in, the participants’ name and affiliation may be shared with other conference participants, including those from third countries and international organisations. The data shared on the basis of consent are: first name/surname, country, organisation, post, e-mail address and the working group choice.

Data will be processed in accordance with the high security standards established by EDA. Within the EDA network the data access is limited to the RTI Directorate staff, the IT and Media and Communications units. EDA external contractors are obliged by the respective contract to adopt appropriate technical and organisational security measures having regard to the risks inherent in the processing and to the nature of the personal data concerned.
EDA has implemented appropriate technical and organisational measures (firewalls, checkpoints, antivirus) to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected. Such measures have been taken in particular to prevent any unauthorised disclosure or access, accidental or unlawful destruction or accidental loss, or alteration and to prevent all others unlawful forms of processing.