DETAILS OF REGISTER

European Defence Agency

Rue des Drapiers 17-23
B-1050 Brussels
Belgium

Head of the Legal Office, Legal Advisor / Data Protection Mr Pedro ROSA PLAZA

dataprotection@eda.europa.eu

DG Informatics (DIGIT) of the European Commission

DG Informatics (DIGIT) of the European Commission DDG.D.1 DIGIT-DATA-PROTECTION-COORDINATOR@ec.europa.eu

Purpose of the processing operations: The EDA, through EUSurvey, collects and uses personal information for the purpose of enabling the user to connect to the EUSurvey application and use the service for creating an online election and allowing eligible voters to vote to elect a staff committee. Contact details (email address, first name and last name) may also be used for contacting users for support and quality management purposes. Personal data is not used for an automated decision-making including profiling.

• Survey owners - physical persons from the Returning Board, HR and IT staff registered in order to create the online survey Staff Committee election

• Eligible voters participating in the Staff Committee election

• Candidates participating in the Staff Committee election Data categories: In order to provide the EUSurvey services the European Commission processes the following categories of personal data: User credentials To be identified by the system, the user needs a couple login / password, which is managed by the EULogin [1] service.

For further information on how EULogin is processing your personal data, please refer to the EULogin privacy statement. User data Some personal data are accessible from the EUSurvey application under the ‘Settings’ tab:

• Full name (first name and last name)

• Email address

• Type of contract (temporary staff, contract staff or seconded national expert) for candidates standing for elections only.

Analytics: EUSurvey uses the Europa Analytics service for traffic statistics and analytics. For further information see the Europa Analytics website.

Survey specific data - i.e. data collected by the individual survey for the Staff Committee online election: Personal data collected for this processing operation is retained only as long as necessary for the organisation of the election, i.e. until the election report has been issued and the staff committee formally elected. User contact details: The Commission only keeps user personal data for the time necessary to fulfil the purpose of the survey. In particular: EU staff member (internal user). As long as the person is an EU staff member, the user account remains active and the personal data is therefore retained. However, the staff member can, at any time, ask the EUSurvey team to terminate the account if they no longer wish to use the service. In this case, the user account, all associated data and all surveys and results will be permanently deleted. Analytics data: Automatically removed from the user’s device after 13 months. Credentials: For as long as a user account is active.

Personal data collected for user management • EC Staff (EUSurvey operation team and Infrastructure administrators) EC Staff (EUSurvey operation team and Infrastructure administrators): for the purpose of enabling the user to connect to the EUSurvey application and use the service for creating and publishing online questionnaires. The user's contact details (email address, first name and last name) may also be used for contacting the user for support and quality management purposes. The personal data will not be used for an automated decision-making including profiling. The collected information will not be given to any third party, except to the extent and for the purpose they may be required to do so by law. The Commission will not share user personal data with third parties for direct marketing. In other words, the Commission will not use the users' personal data to contact them with newsletters, marketing or promotional information. However, the EC may use the user email address to contact them with information or updates regarding EUSurvey. Personal data collected via online surveys Authorised IT and HR staff, returning board organising the election. Please note that the vote remains anonymous and not traceable to the staff member in order to remain secret.

NO

• EUSurvey stores the EULogin username as well as e-mail addresses of the survey owners at the Data Centre of the European Commission.

• The European Commission has implemented security measures to protect server hardware, software and the network from accidental or malicious manipulations and loss of data.

All data is stored on European Commission servers managed by DG DIGIT in line with the technical security provisions laid down in the Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the European Commission, its subsequent versions, its implementing rules (as adapted from time to time) and the corresponding security standards and guidelines, as well as the Commission Decision (EU, Euratom) 2015/443 of 13 March 2015 on the security in the Commission, its implementing rules and the corresponding security notices. These documents (as adapted from time to time) are available for consultation at the following address: https://ec.europa.eu/info/publications/security-standards-applying-all-european-commission-information-systems_en

Additional information is available by following the link to privacy statement here.