|
Header - versioning and reference numbers (recommendation: publicly available) |
|
1. |
Last update of this record |
05-09-2022 |
2. |
Reference number |
EDA-DPR-067 - Small Ads |
|
part 1 - article 31 record (recommendation: publicly available) |
|
3. |
Name and contact details of controller |
European Defence Agency
Rue des Drapiers 17-23
B-1050 Brussels
Belgium
|
4. |
Name and contact details of DPO |
|
5. |
Name and contact details of joint controller (where applicable) |
N/A
|
6. |
Name and contact details of processor (where applicable) |
N/A
|
7. |
Purpose of the processing |
It is an internal EDA advertising service for renting, buying, selling and looking for property, goods and services or community activities. The staff's contact data are needed to be able to get in touch about an item advertised.
|
8. |
Description of categories of persons whose data EDA processes and list of data categories |
Data subjects are EDA staff, including in some cases respective spouses/partners and/or third parties who can include their contact details, such as phone number, e-mail addresses, their home addresses, etc. Besides EDA staff, these can also be contact details of their spouses/ partners or third parties, such as a landlord of an apartment to rent.
|
9. |
Time limit for keeping the data |
The data should be deleted as soon as ad expires because the goods have been bought, service rendered, etc. and on any account not retained more than a year after publication.
|
10. |
Recipients of the data |
EDA staff
|
11. |
Are there any transfers of personal data to third countries or international organisations? If so, to which ones and with which safeguards? |
No
|
12. |
General description of security measures, where possible. |
The measures implemented in the framework of EDA Office365 (including SharePoint Online) are applicable also in this case, namely firewalls, checkpoints, antivirus, to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be preserved. Such measures have been taken in particular to prevent any unauthorized disclosure or access and to prevent all other unlawful forms of processing.
|
13. |
For more information, including how to exercise your rights to access, rectification, object and data portability (where applicable), see the privacy statement |
Additional information is available by following the link to privacy statement here.
|