Introduction

This privacy statement explains the reason for  the processing, the way we collect, handle and ensure protection of all personal data provided, how that information is used and what rights you may exercise in relation to your data (the right to access, rectify, block etc.).

The European institutions are committed to protecting and respecting your privacy. As this service/application collects and further processes personal data, Regulation (EU) 2018/1725, of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, is applicable.

This privacy statement concerns personal data processing activities undertaken by Directorate – General for Economic and Financial Affairs (DG ECFIN), hereinafter referred as the operating DG.

This privacy statement concerns the subscription and mail alert management for external and internal communication (mailing lists for e-service) undertaken by the operating DG.

Why do we process your data?

Purpose of the processing operation: the operating DG (referred to hereafter as Data Controller) collects and uses your personal information for the purposes of subscription and management of the publication mail alerts for external and internal communication (mailing lists for e-service), in particular to dispatch the mail alerts on newly published works in the area of its activity.

Lawfulness of the processing operation: 

The processing operations on personal data for the subscription, distribution and management of internal and external newsletters are necessary and lawful under the Article 5(a) and (d) and recital 22 of Regulation (EU) 2018/1725:

Article 5 (a):  processing is necessary for the performance of a task carried out in the public interest on the basis of the Treaties establishing the European Communities or other legal instruments adopted on the basis thereof.

Article 5 (d): the data subject has unambiguously given his or her consent.

Recital 22: Processing of personal data for the performance of tasks carried out in the public interest by the Union institutions and bodies includes the processing of personal data necessary for the management and functioning of those institutions and bodies.

No restrictions under Article 25 of Regulation (EU) 2018/1725 apply.

Which data do we collect and process?

Only data necessary to ensure the delivery of the service to the subscriber (subscriber's email address), as the mail alerts are sent by e-mail.

The optional personal data such as title, first name, last name, country of residence and sector of activity, etc. is useful to the Commission for statistical purposes and for better targeting the content of the newsletters.

How long do we keep your data?

All personal data will remain stored in the Newsroom application until the user decides to remove his/her account. Users can remove their account or modify their subscriptions by accessing their user profile, which is accessible via the link at the end of each newsletter issue.

The Newsroom keeps only the current state of data. No history is saved. Each change of your subscription erases instantly previous data; this includes also cancelling subscriptions.

All personal data will be deleted five years after the last interaction of the subject with the Commission Services.

How do we protect your data?

All data in electronic format (e-mails, documents, uploaded batches of data etc.) are stored on the servers of the European Commission;  the operations of which abide by the European Commission’s security decision of 16 August 2006 [C(2006) 3602] concerning the security of information systems used by the European Commission;

Who has access to your data and to whom is it disclosed?

Authorised staff of DG ECFIN, Unit A4, carrying out the processing of the subscription request, and dealing with the email alerts, the storage and dispatching of publication email alerts and related technical issues, have access to the data without prejudice to a possible transmission to the bodies in charge of a monitoring or inspection task in accordance with Union legislation.

Newsroom users with administrator rights in the European Commission will also have access to the data.

What are your rights and how can you exercise them?

You can access, modify or delete your personal information in the "Portal Account" which is accessible via the link at the end of each email alert or by simply sending an e-mail to the address indicated in the email alert.

At any given moment if you no longer want to be contacted you can unsubscribe directly from within the ECFIN publication email alert.

According to Regulation (EU) 2018/1725, you are entitled to access your personal data and rectify, block or delete it in case the data is inaccurate or incomplete. You can exercise your rights by using the contact information below, or in case of conflict the Data Protection Officer and if necessary the European Data Protection Supervisor using the contact information given here below.

Contact information

If you have comments or questions or if you wish to exercise your rights please contact ECFIN A4:

Recourse: Complaints, in case of conflict, can be addressed to the European Data Protection Supervisorvia edps@edps.europa.eu.

You can also contact the Data Protection Officer (DPO) of the Commission: DATA-PROTECTION-OFFICER@ec.europa.eu