PRIVACY STATEMENT FOR EVENTS FUNDED WITHIN THE SUPPORT FACILITY FOR THE IMPLEMENTATION OF THE EU-MEXICO SECTOR DIALOGUES SUPPORT FACILITY (SDSF) (PI/2018/397-678)
IDOM is committed to protecting and respecting your privacy. For the purpose of these events, IDOM collects and further processes personal data in compliance with Regulation (EC) No. 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, hereafter referred to as the "Regulation". The legal basis for any processing operations of your personal data is RECAST Regulation (EC) No 1339/2008 Article 2 Functions.
Why do we collect and process your data?
Purpose of the processing operation: The Foreign Policy Instruments Service of the European Commission requires IDOM to collect and use your personal information to ensure an adequate organisation and follow-up of the event(s) organised by European Union Delegation to Mexico under the framework of the Support Facility for the implementation of the EU-Mexico Sector Dialogues Support Facility (SDSF).
In particular, it serves the following purposes: i) General organisation and management of the event; ii) sharing with other participants or in professional communities; and iii) recordkeeping in the IDOM stakeholders' database.
Which data do we collect and process?
IDOM will only collect and process data necessary for the organisation and management of the event, such as title, name, surname, postal & e-mail addresses, phone number, company/institution, department and job title, etc. Other data such as ID/passport details will be collected and processed in some specific cases, if necessary. All participants are required to provide such information.
Live web streaming, video recording and images of the speakers and the participants, as well as photographs of groups of participants and organisers may be taken and published in the context of the event. Participants that do not wish to be part of the above recording/publishing activities are given the possibility to opt-out.
The participant can also choose not to share his/her personal information for recordkeeping in the IDOM stakeholders' database by sending an email to email@example.com.
How do we protect your data?
The personal data is collected and processed electronically and is stored on the servers of IDOM.
Who has access to your data and to whom is it disclosed?
Personal data is provided to IDOM, responsible for the organisation and management of the event.
Where the data owner has given consent to other uses of the data (see Section 2 and 3 above), the data may be made available to other staff of the project, IDOM or the European Union.
Without prejudice to a possible transmission to the bodies in charge of a monitoring or inspection task in accordance with European Union and national law, certain personal data may be disclosed on a need to know basis to IDOM Legal Advisor, European Court of Justice or National Judicial Authority, OLAF, European Ombudsman, European Data Protection Supervisor, European Court of Auditors and the Internal Audit Service.
How long do we keep your data?
All personal data will be kept for 5 years after the end of the Framework Contract for audit purposes.
IDOM keeps aggregated data of participation in events, which is not connected in any means to individual participants, for statistical reasons.
Right of access, rectification, blocking, erasure
Data owner has the right to request to access, rectify, block or erase personal data. Requests shall
be addressed in writing to firstname.lastname@example.org. All justified and legitimate requests will be carried out within one month of their reception.
If you have any queries concerning the processing of your personal data, you may address them to email@example.com.
Right of recourse
Data owner can at any time have recourse to IDOM or to the European Data Protection Supervisor (https://edps.europa.eu) if they consider that their rights under Regulation 45/2001 have been infringed as a result of the processing of their personal data.