|
Header - versioning and reference numbers (recommendation: publicly available) |
|
1. |
Last update of this record |
05-09-2022 |
2. |
Reference number |
EDA-DPR-075 - Online Staff Committee Election on EU Survey |
|
part 1 - article 31 record (recommendation: publicly available) |
|
3. |
Name and contact details of controller |
European Defence Agency
Rue des Drapiers 17-23
B-1050 Brussels
Belgium
|
4. |
Name and contact details of DPO |
|
5. |
Name and contact details of joint controller (where applicable) |
DG Informatics (DIGIT) of the European Commission
|
6. |
Name and contact details of processor (where applicable) |
DG Informatics (DIGIT) of the European Commission DDG.D.1 DIGIT-DATA-PROTECTION-COORDINATOR@ec.europa.eu
|
7. |
Purpose of the processing |
Purpose of the processing operations: The EDA, through EUSurvey, collects and uses personal information for the purpose of enabling the user to connect to the EUSurvey application and use the service for creating an online election and allowing eligible voters to vote to elect a staff committee. Contact details (email address, first name and last name) may also be used for contacting users for support and quality management purposes. Personal data is not used for an automated decision-making including profiling.
|
8. |
Description of categories of persons whose data EDA processes and list of data categories |
• Survey owners - physical persons from the Returning Board, HR and IT staff registered in order to create the online survey Staff Committee election
• Eligible voters participating in the Staff Committee election
• Candidates participating in the Staff Committee election Data categories: In order to provide the EUSurvey services the European Commission processes the following categories of personal data: User credentials To be identified by the system, the user needs a couple login / password, which is managed by the EULogin [1] service.
For further information on how EULogin is processing your personal data, please refer to the EULogin privacy statement. User data Some personal data are accessible from the EUSurvey application under the ‘Settings’ tab:
• Full name (first name and last name)
• Email address
• Type of contract (temporary staff, contract staff or seconded national expert) for candidates standing for elections only.
Analytics: EUSurvey uses the Europa Analytics service for traffic statistics and analytics. For further information see the Europa Analytics website.
|
9. |
Time limit for keeping the data |
Survey specific data - i.e. data collected by the individual survey for the Staff Committee online election: Personal data collected for this processing operation is retained only as long as necessary for the organisation of the election, i.e. until the election report has been issued and the staff committee formally elected. User contact details: The Commission only keeps user personal data for the time necessary to fulfil the purpose of the survey. In particular: EU staff member (internal user). As long as the person is an EU staff member, the user account remains active and the personal data is therefore retained. However, the staff member can, at any time, ask the EUSurvey team to terminate the account if they no longer wish to use the service. In this case, the user account, all associated data and all surveys and results will be permanently deleted. Analytics data: Automatically removed from the user’s device after 13 months. Credentials: For as long as a user account is active.
|
10. |
Recipients of the data |
Personal data collected for user management • EC Staff (EUSurvey operation team and Infrastructure administrators) EC Staff (EUSurvey operation team and Infrastructure administrators): for the purpose of enabling the user to connect to the EUSurvey application and use the service for creating and publishing online questionnaires. The user's contact details (email address, first name and last name) may also be used for contacting the user for support and quality management purposes. The personal data will not be used for an automated decision-making including profiling. The collected information will not be given to any third party, except to the extent and for the purpose they may be required to do so by law. The Commission will not share user personal data with third parties for direct marketing. In other words, the Commission will not use the users' personal data to contact them with newsletters, marketing or promotional information. However, the EC may use the user email address to contact them with information or updates regarding EUSurvey. Personal data collected via online surveys Authorised IT and HR staff, returning board organising the election. Please note that the vote remains anonymous and not traceable to the staff member in order to remain secret.
|
11. |
Are there any transfers of personal data to third countries or international organisations? If so, to which ones and with which safeguards? |
NO
|
12. |
General description of security measures, where possible. |
• EUSurvey stores the EULogin username as well as e-mail addresses of the survey owners at the Data Centre of the European Commission.
• The European Commission has implemented security measures to protect server hardware, software and the network from accidental or malicious manipulations and loss of data.
All data is stored on European Commission servers managed by DG DIGIT in line with the technical security provisions laid down in the Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the European Commission, its subsequent versions, its implementing rules (as adapted from time to time) and the corresponding security standards and guidelines, as well as the Commission Decision (EU, Euratom) 2015/443 of 13 March 2015 on the security in the Commission, its implementing rules and the corresponding security notices. These documents (as adapted from time to time) are available for consultation at the following address: https://ec.europa.eu/info/publications/security-standards-applying-all-european-commission-information-systems_en
|
13. |
For more information, including how to exercise your rights to access, rectification, object and data portability (where applicable), see the privacy statement |
Additional information is available by following the link to privacy statement here.
|