
EDA-DPR-080 - EDA Public Transportation Contribution Scheme

Records and compliance checklist

Under Article 31 of the new Regulation, EUIs have to keep records of their processing operations. This template covers two aspects:

1. Mandatory records under Article 31 of the new rules (recommendation: publicly available)
2. Compliance check and risk screening (internal).

The header and part 1 should be publicly available; part 2 is internal to the EUI. By way of example, column 3 contains a hypothetical record on badges and physical access control in an EUI.
Nr Item Explanation
Header - versioning and reference numbers (recommendation: publicly available)
1. Last update of this record 05-09-2022
2. Reference number EDA-DPR-080 - EDA Public Transportation Contribution Scheme
Part 1 - Article 31 record (recommendation: publicly available)
3. Name and contact details of controller
European Defence Agency

Rue des Drapiers 17-23
B-1050 Brussels
4. Name and contact details of DPO

Head of the Legal Office, Legal Advisor / Data Protection Mr Pedro ROSA PLAZA

5. Name and contact details of joint controller (where applicable)
6. Name and contact details of processor (where applicable)
7. Purpose of the processing
The purpose of the processing activity "EDA Public Transportation Contribution Scheme" is to provide eligible EDA staff (temporary, contract agents, SNE and cost free SNE, and trainees) with the possibility to apply for a contribution towards the costs of public transportation used for commuting to and from work, as set out in the general conditions of enrolment to the EDA public transport contribution scheme. This processing requires the handling of personal data, making use of an EDA-internal workflow in the IT application “Flowforma”.
8. Description of categories of persons whose data EDA processes and list of data categories

Data subjects concerned are all EDA internal. The following personal data is processed through a workflow in the Flowforma application:

  • Full name (ticket holder)
  • Assign to (staff member)
  • Scan of face side of transport card (incl. photo and identification data of the staff member submitting the request)
  • Proof of purchase showing the staff member's name, the price paid, the type of pass and its period of validity, and the provider
9. Time limit for keeping the data
The data stored in Flowforma are kept for a maximum period of 5 years. Staff members are required to keep all original supporting documents for a period of 5 years and provide them to the EDA HR Unit upon request in case of an audit. A final report, containing anonymised data only, may be kept for an unlimited time. EDA may retain anonymous data for statistical purposes. EDA pays particular attention to preserving the anonymity of personal data for these purposes, and especially to all the measures necessary to avoid indirect identification.
10. Recipients of the data

The following limited personal data to distinguish workflows can be seen by staff members connecting to Flowforma:

  • Full name of ticket holder requesting reimbursement
  • Full name of staff member processing the request

All other personal data (namely supporting documents, financial details, scan of transport card, proof of purchase, etc.) is only visible to the authorised actors involved in the specific workflow:

  • EDA staff member entering request for reimbursement (only access to own file);
  • Authorized HR staff in charge of validating requests;
  • Finance Unit team in charge of payments;
  • The IT team in charge of the maintenance of the web application;
  • Others on a need-to-know basis (e.g. Internal Auditor, DPO, Legal Office).
11. Are there any transfers of personal data to third countries or international organisations? If so, to which ones and with which safeguards?
12. General description of security measures, where possible.
Data is stored electronically in the Flowforma application. EDA has implemented appropriate technical and organisational measures (firewalls, checkpoints, antivirus) to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected. Such measures have been taken in particular to prevent any unauthorised disclosure or access, accidental or unlawful destruction or accidental loss, or alteration, and to prevent all other unlawful forms of processing.
13. For more information, including how to exercise your rights to access, rectification, object and data portability (where applicable), see the privacy statement
Additional information is available by following the link to the privacy statement here.