An e-Service is made available on web pages in order to offer an online electronic registration for: the European Platform on Rare Diseases Registration and its components.
e-Services are tools on the internet websites of the Joint Research Centre (JRC) enabling a given research community (e.g. committee, working group, project group, etc.) geographically spread across Europe (and beyond) to maintain a private space on Internet where they can share information, documents, participate in discussion fora, download software, subscribe JRC publications etc.
Your personal data will be collected and further processed for the purposes detailed hereafter under point 2.This processing of personal data is under the responsibility of the Head of the Knowledge for thematic coordination Unit at the JRC.
The Unit Head of the Disease Prevention Unit – F.1 who manages the processing itself acts as personal data processor.
As this processing collects and further processes personal data, Regulation (EC) 45/2001, of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, is applicable.
2. What personal information do we collect, what is the legal basis, for what purpose and through which technical means?
Web page registration forms can contain data fields of Data subjects such as:
Title, first name and last name of person, date and place of birth, position, name of organization, street name and number, postal code, city, country, e-mail address, website, phone, fax, preferred language, default language, fields of interest, information distribution format desired (e-mail or not). A username and password could also be set up at the first registration.
Legal Basis of processing:
- Regulation (EU) No 1291/2013 of the European Parliament and of the Council of 11 December 2013 establishing Horizon 2020 - the Framework Programme for Research and Innovation (2014-2020)
- Registration and participation of data subjects are provided on a purely voluntary basis.
Purpose of processing:
The purpose of the processing of personal data for the e-Services is to provide secure access and information exchange, management of databases, including management of: communications to users, reports, distribution of reports, information sharing within interest groups, etc.
The user data are collected through web forms.
3. Who has access to your information and to whom is it disclosed?
The access to all personal data is only granted through user_Id / Password to a defined population of users. These users typically are: the Unit Head acting as controller of the processing of personal data, the system administrator of the software. Regular registered and approved users by default have access to limited personal data of other users. No personal data is transmitted to parties, which are outside the recipients and the legal framework mentioned.
4. How do we protect and safeguard your information?
The collected personal data is stored on the servers of JRC and underlie the Commission Decision C (2006) 3602 of 17/08/2006 “concerning the security of information systems used by the European Commission” defines IT security measures in force. Annex I defines the security requirements of EC Information Systems. Annex II defines the different actors and their responsibilities. Annex III defines the rules applicable by users. See notification DPO-1946.
5. How can you verify, modify or delete your information?
Registered users have direct password-protected web access to their profile and are able to update it or to cancel their registration through their EU Login or to request to unsubscribe from specific interest groups and / or publications.
6. How long do we keep your data?
The time limit for storing personal data is fixed to. 4 years starting from filling in the registration form on the internet, unless the Controller launches an update of the registrations, asking the Data subjects to update or cancel the stored information including their personal data.
Registered users have password protected direct web access to their profile and can cancel their registration at any moment.
7. Contact Information.
Should you have any queries concerning the processing of your personal data, please address them to the controller.
On questions relating to the protection of personal data, you can contact:
- The Controller: email@example.com
- DG JRC Data Protection Co-ordinator: firstname.lastname@example.org
- Commission’s Data Protection Officer: email@example.com
In the event of a dispute, you can send a complaint to:
- European Data Protection Supervisor: firstname.lastname@example.org