Privacy Policy

EU4Youth DAYS 2022 – Privacy policy

  1. Introduction

The EU4Youth Days 2022 are an initiative organised by the European Commission’s Directorate-General for Neighbourhood and Enlargement Negotiations (hereafter referred to as DG NEAR) in the framework of the 2022 European Year of Youth. The cross-regional event has the objectives to showcase and reflect on current and future EU support to youth and related initiatives in NEAR regions as well as foster knowledge sharing and networking among youth work practitioners within and between NEAR regions. The EU4Youth Days 2022 are being implemented by Ernst & Young Advisory Services SCRL/CVBA (company code: BE 0467.239.793, address: De Kleetlaan 2, B-1831 Diegem, Belgium) in collaboration with PRACSIS (Place Communale d'Auderghem 8, B-1160 Brussels, Belgium).

DG NEAR is the Data Controller and Ernst & Young Advisory Services SCRL/CVBA (hereafter referred to as the EU4Youth Coordination and Support Team) acts under instructions and on behalf of the European Commission as Data Processor for the EU4Youth Days 2022.

The EU4Youth Coordination and Support Team is committed to protect your personal data and to respect your privacy. The European Commission collects and further processes personal data pursuant to Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data (repealing Regulation (EC) No 45/2001).

This privacy statement explains the reasons for the processing of your personal data by the EU4Youth Coordination and Support Team, the way we collect, handle and ensure protection of all personal data provided, how that personal data is used and what rights you have in relation to your personal data. It also specifies the contact details of the responsible Data Controller with whom you may exercise your rights, the Data Protection Officer and the European Data Protection Supervisor. This statement concerns the EU4Youth Days 2022, undertaken by DG NEAR of the European Commission in its capacity of the Data Controller, which appointed the EU4Youth Coordination and Support Team to act as the Data Processor.

The Commission’s contractors are bound by a specific contractual clause for any processing operations of your personal data on behalf of the Commission, and by the confidentiality obligations deriving from the transposition of the General Data Protection Regulation in the EU Member States (‘GDPR’ Regulation (EU) 2016/679). Data subjects have the right to have recourse (i.e. can lodge a complaint) to the European Data Protection Supervisor (edps@edps.europa.eu) if they consider that their rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of their personal data by the Data Controller.

  1. Why and how do we process your personal data?

We exclusively collect and process your personal data in order to allow your attendance to the EU4Youth Days 2022 and gather related statistics. Personal data will be collected through the registration form on this website.

  1. On what legal ground(s) do we process your personal data?

In the context of data processing, Regulation (EC) No 2018/1725 applies. The processing of your personal data is lawful under Article 5 a) and d). 

We process your personal data, because:

  • 5(a) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;
  • 5(d) the data subject has given consent to the processing of his or her personal data for one or more specific purposes.
  1. Which personal data do we collect and further process?

We collect and process the following personal data directly from you:

Personal data

Purpose

Legal basis

Retention period

First name

Fulfill the registrations and send event related information to EU4Youth Days 2022 attendees, perform participant management

Regulation (EC) No 2018/1725

12 months

Last name

Fulfill the registrations and send event related information to EU4Youth Days 2022 attendees, perform participant management

Regulation (EC) No 2018/1725

12 months

Phone number (optional)

Fulfill the registrations and send event related information to EU4Youth Days 2022 attendees, perform participant management

Regulation (EC) No 2018/1725

12 months

E-mail address

Send event related information to EU4Youth Days 2022 attendees, perform participant management

Regulation (EC) No 2018/1725

12 months

Country of residence

Perform participant management

Regulation (EC) No 2018/1725

12 months

Organisation/institution

Perform participant management

Regulation (EC) No 2018/1725

12 months

Your position/role within your institution or main occupation  

Perform participant management

Regulation (EC) No 2018/1725

12 months

Collecting and processing this personal and contact data allows us to keep track of who attended the EU4Youth Days 2022 and keep participants informed about any updates regarding the event.

  • Cookies and web analytics

When you visit our website, we collect certain personal data automatically from your device, such as:

  • The domain name you requested.
  • The name of your internet service provider (ISP) is sometimes captured depending on the configuration of your ISP connection.
  • The date and time of your visit to the website.
  • The length of your session.
  • The pages which you have accessed.
  • The number of times you access our website within any month.
  • The file URL you look at and information relating to it.
  • The website which referred you to our website.
  • The operating system which your computer uses.

We are using Google Analytics for tracking of our website traffic and the user data retention period is 26 months.

Collecting this information enables us to better understand the visitors who come to our site, where they come from and what content on our site is of interest to them. We use this information for our internal analytics purposes, and to improve the quality and relevance of our site for future events. Information will be collected using cookies and similar tracking technology, as explained further in our Cookie Policy.

You also have choices about cookies, as described in our Cookie Policy. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies you may not be able to access all or parts of our website.

  1. How long do we keep your personal data?

We will keep your personal data for 12 months after the EU4Youth Days 2022 unless the data subject specifically requests the deletion of the personal data.

If you no longer want us to use your personal data or to provide you with any services, you can request that we erase your personal data by sending a request to eu4youth@be.ey.com. Please note that we are not always obliged to delete your personal data at your request – this right only applies in the cases and to the extent provided for by law.

  1. Who has access to your personal data and to whom is it disclosed?

Your personal data can be accessed by the Data Controller and the Data Processor. Under the authority of the Data Processor, the data can also be accessed by PRACSIS[1]. PRACSIS, a Brussels-based communications and public relations agency, operates as a subcontractor hired by the Data Processor for the purpose of the implementation of the EU4Youth Days 2022. We have taken the necessary technical and organisational measures to ensure compliance with data protection provisions and also require external service providers to do so. We have concluded a data processing agreement with PRACSIS, which contains the necessary guarantees with regard to the confidentiality and observance of privacy of your personal data.

  1. How do we protect and safeguard your personal data?

Your personal data are stored in a database at PRACSIS. All processing operations are carried out pursuant to the Commission Decision 2017/46 of 10 January 2017 on the security of communication and information systems in the European Commission. The Commission’s contractors are bound by a specific contractual clause for any processing operations of your data on behalf of the Commission, and by the confidentiality obligations deriving from the transposition of the General Data Protection Regulation in the EU Member States (‘GDPR’ Regulation (EU) 2016/679).

We are committed to making sure your personal data is secure. To prevent unauthorized access or disclosure, the Data Processor and its subcontractor have technical and organisational measures to safeguard and secure your personal data. All personnel and third parties engaged to process your personal data are obliged to respect your data’s confidentiality. Your personal data are not transferred outside the EEA.

Unauthorized access to personal data has been ensured through the implementation of a restricted access policy, limiting access to the database containing personal data to accredited persons based on necessity for the execution of their tasks.

We are committed to ensuring that your information is secure. To prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. 

  1. What are your rights and how can you exercise them?

You have specific rights as a ‘data subject’ under Chapter III (Articles 14-25) of Regulation (EU) 2018/1725, in particular the right to access your personal data and to rectify them in case your personal data are inaccurate or incomplete.

Where applicable, you have the right to erase your personal data, to restrict the processing of your personal data, to object to the processing, and the right to data portability.

You have the right to object to the processing of your personal data, which is lawfully carried out pursuant to Article 5(1)(a) on grounds relating to your particular situation.

Where you have consented to provide your personal data to DG NEAR or directly to the EU4Youth Coordination and Support Team for the organisation of the EU4Youth Days 2022, you can withdraw your consent at any time by notifying the Data Controller. The withdrawal will not affect the lawfulness of the processing carried out before you have withdrawn the consent.

Data Subjects can request modification, correction or deletion of their personal data stored by the EU4Youth Coordination and Support Team by sending an e-mail to eu4youth@be.ey.com.

If you believe your data protection rights have been infringed by the EU institution you can lodge a complaint with the European Data Protection Supervising Authority (edps@edps.europa.eu).

  1. Contact information

If you have comments or questions, any concerns or complaints regarding the collection and use of your personal data, please feel free to contact us (the EU4Youth Coordination and Support Team), the Data Controller or the Data Protection Officer (DPO). If necessary, you can also address the European Data Protection Supervisor. Their contact information is given below:

The EU4Youth Coordination and Support Team

Functional mailbox: eu4youth@be.ey.com

The Data Controller:

European Commission, Directorate-General NEAR

Functional mailbox: NEAR-A2@ec.europa.eu

The European Data Protection Officer:

You may contact the Data Protection Officer with regard to issues related to the processing of your personal data under Regulation (EU) 2018/1725:
DATA-PROTECTIONOFFICER@ec.europa.eu

 

[1] PRACSIS - Communications and Public Relations Agency