|
Header - versioning and reference numbers (recommendation: publicly available) |
|
1. |
Last update of this record |
05-09-2022 |
2. |
Reference number |
EDA-DPR-061 |
|
part 1 - article 31 record (recommendation: publicly available) |
|
3. |
Name and contact details of controller |
European Defence Agency
Rue des Drapiers 17-23
B-1050 Brussels
Belgium
|
4. |
Name and contact details of DPO |
|
5. |
Name and contact details of joint controller (where applicable) |
N/A
|
6. |
Name and contact details of processor (where applicable) |
N/A
|
7. |
Purpose of the processing |
The Capability Development Plan (CDP) - Tool is a web-based tool designed to support participating Member States in sharing information on EU Capability Development. The Application is restricted to governmental users representing EDA participating Member States and to governmental authorities representing the EU (EC, EUMS, EUMC). Personal data are processed in order to allow participation and to provide information to the CDP-Tool user community.
|
8. |
Description of categories of persons whose data EDA processes and list of data categories |
The users are managed through Security Group CDP Reader in AppSecStore. We process the following data on every person who opens an user account: Name, E-Mail, Phone, Mobile, Address (Street, Postalcode, City), Employer. The data processed are not sensitive personal data in the sense of Article 10 of Regulation 2018/1725.
|
9. |
Time limit for keeping the data |
Data will be retained for the duration of validity of the CDP 2018 and will be deleted once the CDP will be revised (expected not earlier than 2020). Data might be stored for longer periods if users retain their EDA Account in AppSecStore.
|
10. |
Recipients of the data |
EDA Administrators of the CDP-Tool (role is managed by the PO CDP) have access to all CDP user data. All CDP national PoCs have access to all personal data of other users of their country. All Users of the CDP-tool have access to contact details (E-Mail Address and Telephone number) of all CDP national PoCs.
|
11. |
Are there any transfers of personal data to third countries or international organisations? If so, to which ones and with which safeguards? |
N/A
|
12. |
General description of security measures, where possible. |
The measures implemented in the framework of AppSecStore and ECP are applicable also in this case, namely firewalls, checkpoints, antivirus, in order to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected. Such measures have been taken in particular to prevent any unauthorised disclosure or access, accidental or unlawful destruction or accidental loss, or alteration and to prevent all others unlawful forms of processing.
|
13. |
For more information, including how to exercise your rights to access, rectification, object and data portability (where applicable), see the privacy statement |
Additional information is available by following the link to privacy statement here.
|