Protection of your personal data

Introduction

One of your rights under EU law is that you must be informed when your personal data - also known as personal information - is processed (collected, used, stored) by any organisation including one of the EU institutions. You also have the right to know the details and purpose of that processing.

On these pages you will find information about the processing of personal data in the context of the organisation and follow-up of meetings, workshops, and other similar events undertaken by the Directorate-General for Research and Innovation (‘DG R&I’) as Data Controller. Read more...

Why and how do we process your personal data?

Purpose of the processing operation: DG R&I (also referred to hereafter as Data Controller) collects and uses your personal information to ensure an adequate organisation and follow-up of the meetings/events organised by it.

Lawfulness of the processing operation:
The Data Controller is committed to protect your personal data and to respect your privacy. We may collect your personal data only to the extent necessary for organisational and security purposes, to provide you with information about the EU-LAC Innovation Cooperation Conference 2019 (before, during and after) and process your application to participate. Where necessary, we may also share your information with service providers for the purposes of organising the conference and associated events.

The following personal data will be collected and processed:

• Contact details (title, first name, last name, city, country, e-mail, phone number, name of organisation, nationality, passport or identity card number, expiry date);
• Financial information such as payment card number or bank account, necessary to pay the fees of the conference or for possible refunds [if any];
• Dietary requests;
• Photographs, video recordings of speakers and participants;
• For speakers only: in the conference website and in the conference digital and paper materials your name, picture, short CV and presentation(s) (if provided voluntarily by you).

Live web streaming, video recording and images of the speakers and the participants, as well as photographs of groups of participants and organisers may be taken and published in the context of the meeting.

Your consent is required for:
• Conference attendee list containing your name and affiliation which will be shared among participants;
• Live web streaming, or video recording or images of the speakers and the participants, taken and published in the context of the event;
• (For speakers only) Publication of your name, picture, short CV provided by you in the conference digital and paper materials.

Under certain conditions outlined in law, we may disclose your information to third parties, (such as the European Anti-Fraud Office, the Court of Auditors, or law enforcement authorities) if it is necessary and proportionate for lawful, specific purposes.

We will never divulge your personal data for direct marketing purposes.

Your personal data will not be used for an automated decision-making including profiling.

On what legal ground(s) do we process your personal data?

The processing operations on personal data linked to the organisation, management, follow-up and promotion of the meeting/conference are necessary for the management and functioning of the Commission, as mandated by the Treaties, and more specifically Articles 5, 11 and 13 TEU and Articles 15, 244-250 TFEU. The processing is necessary and lawful under Article 5(1)(a) of Regulation 2018/1725:

"Processing is necessary for the performance of a task carried out in the public interest or the exercise of official authority vested in the Union institution or body".

The processing operations linked to: distributing the attendee list among participants; invitations to future similar events organised by DG R&I or other Commission services; taking and publication of photographs; publication of name, picture, short CV of speakers, are necessary and lawful under Article 5 (1)(d) of the Regulation (EC) 2018/1725:

"the data subject has given consent to the processing of his or her personal data for one or more specific purposes"

You give us your consent via a clear affirmative act (e.g. by ticking the box on the registration form). This consent can be withdrawn at any time. For further details on how to withdraw your consent, please visit the register of the European Commission Data Protection Officer (EC DPO) and check the record of processing, under reference DPR-EC-00946.

How long do we keep your personal data?

The Data Controller only keeps your personal data for the time necessary to fulfil the purpose of collection or further processing.

For each of the categories of personal data that is processed, please find below the retention details and the record of processing reference where necessary:

• All personal data related to the organisation of the meeting will be deleted one year following the conference or at the latest after the last follow-up action, unless you have explicitly agreed that we keep your contact details in order to invite you to future similar events;
• Recordings from web-streamed meetings will be kept for 2 years before being deleted. See the Record of Processing DPR-EC-00306.1;
• Personal data shared with the Security Directorate for badges and to gain access to Commission Buildings as detailed in the Record of Processing DPR-EC-00655 (e.g. 6 months after the last visit for visitors);
• Personal data shared within DG R&I for future mailing purposes is dealt with under their record of processing on mailing lists/newsletters/communication. Further information will be available in the organising DG and data subjects should contact their communications unit for more details;
• Personal data shared with selected service providers for organisational purposes, such as caterers, travel agencies or event management organisers are contractually bound to process personal data on behalf of us, keep confidential any data they handle and protect it from unauthorised access, use and retention.

How do we protect and safeguard your personal data?

All personal data in electronic format (e-mails, documents, databases, uploaded batches of data, etc.) are stored either on the servers of the European Commission or of its contractors.

All processing operations are carried out pursuant to the Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the European Commission.

The Commission’s contractors are bound by a specific contractual clause for any processing operations of your data on behalf of the Commission, and by the confidentiality obligations deriving from the transposition of the General Data Protection Regulation in the EU Member States (‘GDPR’ Regulation (EU) 2016/679).

In order to protect your personal data, the Commission has put in place a number of technical and organisational measures in place. Technical measures include appropriate actions to address online security, risk of data loss, alteration of data or unauthorised access, taking into consideration the risk presented by the processing and the nature of the personal data being processed. Organisational measures include restricting access to the personal data solely to authorised persons with a legitimate need to know for the purposes of this processing operation.

Who has access to your personal data and to whom is it disclosed?

Access to your personal data is provided to the Commission staff responsible for carrying out this processing operation and to authorised staff according to the “need to know” principle. Such staff abide by statutory, and when required, additional confidentiality agreements.

Where necessary, we may also share your information with service providers for the purposes of organising the conference and associated events.

The following data might be published by the Data Controller:

• The names, photos and short CVs of the speakers who have agreed so may be published on the conference website, as well as in the conference paper materials;
• Live web streaming, or video recording or images of the speakers and the participants who have agreed could be taken and published in the context of the meeting.

If you have given your consent for this, your personal data will be part of a list of contact details shared internally within the Commission services for the purpose of contacting you in the future for similar events in the context of your activities.

Cookies

Cookies are short text files stored on a user’s device (such as a computer, tablet or phone) by a website. Cookies are used for the technical functioning of a website or for gathering statistics.

Cookies are also typically used to provide a more personalised experience for a user, for example, when an online service remembers your user profile without you having to login.

When you visit this website, we may collect some data on your browser experience such as your IP address, the page you visited, when you visited and the website page you were redirected from. This information is used to gather aggregated, anonymous statistics with a view to improving our services and enhancing your user experience.

When you visit this website, we will keep the browser history of your visit for a maximum of 12 months. This information will then be deleted. The collection, aggregation and anonymising operations are performed in the data centre of the European Commission under adequate security measures.

Should you wish to opt your data out of our anonymised, aggregated statistics, you can do so on our cookies page.

Visit our cookies page for more information about the types of cookies this website uses.

Social Media

We use social media to inform about and promote the "EU-LAC Innovation Cooperation Conference 2019" through widely used and contemporary channels.

For instance, you can watch videos, which we upload to the Data Controller's YouTube page and follow links from our website to Twitter, Instagram and LinkedIn.

Cookies are not set by our display of Twitter, Instagram, YouTube and LinkedIn buttons to connect to those services when our website pages are loaded on your computer (or other devices).

You can watch videos related to the conference on our website. These will be played using YouTube player.

In the event that you click “play” on a video to watch it, a YouTube cookie will be installed on your computer or device. If you do not click on any videos at all, no cookie will be installed.

The use of social media does not in any way imply endorsement of them or their privacy policies. In the event that one or more social media are occasionally unavailable we accept no responsibility for lack of service due to their downtime.

We recommend that users read the Twitter, Instagram, LinkedIn and YouTube privacy policies. These explain each company’s policy of data collection and processing, their use of data, users' rights and the ways in which users can protect their privacy when using these services.

What are your rights and how can you exercise them?

You have the right of access to the personal data we hold regarding you, and to rectify them, if necessary.

If you would like to exercise your rights under Regulation (EU) 2018/1725, or if you have comments, questions or concerns, or if you would like to submit a complaint regarding the collection and use of your personal data, please feel free to contact the Data Controller: RTD-INCOSERVICEFACILITY@ec.europa.eu.

You may contact the Data Protection Officer (DATA-PROTECTION-OFFICER@ec.europa.eu) with regard to issues related to the processing of your personal data under Regulation (EU) 2018/1725.

Contact information

If you have comments or questions, any concerns or a complaint regarding the collection and use of your personal data, please feel free to contact the Data Controller using the following contact information:

The service concerned of the Data Controller:
• DG Research and Innovation, Unit H.1
• +32 229-54167;
• RTD-INCOSERVICEFACILITY@ec.europa.eu.

You may contact the Data Protection Officer (DATA-PROTECTION-OFFICER@ec.europa.eu) with regard to issues related to the processing of your personal data under Regulation (EU) 2018/1725.

Important: By ticking this check box, you give consent to the processing of your personal data.