Skip to main content

Specific Privacy Statement – European Youth Portal

 

PROTECTION OF YOUR PERSONAL DATA
This privacy statement provides information about 
the processing and the protection of your personal data.

 

Processing operation: Specific Privacy Statement – European Youth Portal (EYP)

Data Controller: DG.EAC.B3 – Directorate-General for Education, Youth, Sport and Culture (DG EAC)/ Directorate B – Youth, Education and Erasmus+/ Unit B.3 – Youth and Volunteer Solidarity

Record reference: DPR-EC-00371.3

 

1.    INTRODUCTION

The European Commission (hereafter ‘the Commission’) is committed to protect your personal data and to respect your privacy. The Commission collects and further processes personal data pursuant to Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data (repealing Regulation (EC) No 45/2001).

This privacy statement explains the reason for the processing of your personal data, the way we collect, handle and ensure protection of all personal data provided, how that information is used and what rights you have in relation to your personal data. It also specifies the contact details of the responsible Data Controller with whom you may exercise your rights, the Data Protection Officer and the European Data Protection Supervisor.

The information in relation to processing operation DPR-EC-00371.3, regarding the European Youth Portal (EYP) and its associated online services such as websites and mobile phone applications, undertaken by the Directorate-General for Education, Youth, Sport and Culture (DG EAC)/ Directorate B – Youth, Education and Erasmus+/ Unit B.3 – Youth and Volunteer Solidarity (DG.EAC.B.3), is presented below.

 

2.    WHY AND HOW DO WE PROCESS YOUR PERSONAL DATA?

Purpose of the processing operation: DG.EAC.B.3 collects and uses personal data to provide information and opportunities to young people across the wider Europe around the themes of the EU Youth Programmes.

The purposes of the data collection are:

  • Information provision

    • Provide contact information (in the form of first names and family names and / or email addresses of people associated with articles, events or news items) to members of the public.

    • Enable authorised users to be registered on the EYP as authors / editors, and to provide technical assistance when necessary.

  • Ask a question form

    • Enable individuals to ask a question via the EYP and to receive a reply from Eurodesk Brussels Link, the Eurodesk network and/or EYP administrators.

  • European Solidarity Corps

    • Enable young people to register to participate in the Corps by providing their basic personal information and contact details. Also enable Corps registrants to voluntarily provide additional contact information, details of their preferences for the types of activities they would be interested in, and the skills and experience they can bring to activities, a summary of their education and employment and any previous volunteering experience.

    • Enable Corps registrants to receive emails, newsletters and other notifications related to the Corps and other European Commission / non-European Commission initiatives targeting youth, as well as surveys and other methods of gathering feedback from registrants. It is possible for Corps registrants to define which communications they wish to receive.

    • Enable the Corps to provide training opportunities to Corps registrants.

    • Enable Corps registrants to provide feedback on services and processes.

    • Enable Corps participants to record their non-formal learning outcomes in the external “Youthpass” tool.

    • Enable Corps registrants to communicate with each other through the community building features of the Corps mobile app. This includes the ability to post user generated content related to their Corps experiences, as well as view and make comments on the posts of other registrants, share their own posts on social media, search/apply for activities, take part in contests and use the one-to-one chat feature. They may also report posts related to themselves to the Corps administrators. These posts must comply with the Terms and Conditions of use of the European Youth Portal, available online. They may also upload an avatar to their profile and indicate their current location.

    • Enable authorised representatives of organisations authorised to run Corps activities to maintain profiles of their organisations, including first names and family names and / or email addresses of people associated with the organisations and their Corps activities.

    • Enable authorised representatives of organisations authorised to run Corps activities to search the database of Corps registrants in order to find potential volunteers for Corps activities, by matching details of the proposed activity against the personal data and preferences provided by Corps registrants.

    • Enable these authorised representatives to contact selected candidates, if these registered candidates agree to be contacted by the organisation.

    • Enable these authorised representatives to offer specific activities to Corps registered candidates and manage the offers that have been made.

    • Enable Corps administrators to manage the database of Corps registrants and provide assistance to Corps registrants.

    • Enable National Agencies responsible for the implementation of Erasmus+ and the European Solidarity Corps to carry out the checks, audits and evaluations of projects receiving EU support in which the registrants are involved and to provide assistance to authorised representatives of organisations through access to the Corps database.

    • Enable Corps administrators to manage Corps activities and the Corps searching / matching processes and provide assistance to authorised representatives of organisations authorised to run Corps activities.

    • Enable Corps administrators and other trusted parties to send information and notifications about the Corps and other related activities to Corps registrants and the authorised representatives of organisations.

    • Enable Corps administrators to analyse data on registrants and to analyse feedback received from them.

    • Enable Corps administrators to review posts and comments submitted or reported by registrants, and take necessary action if these do not comply with the Terms and Conditions of use of the European Youth Portal.

    • Enable EU Delegations to be informed about Corps participants deployed in the countries where these Delegations are located.

  • Database of organisations and opportunities

    • Provide contact information (in the form of first names and family names and / or email addresses of people associated to European Solidarity Corps organisations holding a Quality Label) to members of the public.

    • Enable European Solidarity Corps organisations holding a Quality Label to manage the published contact details of their organisations.

    • Enable European Solidarity Corps organisations holding a Quality Label to advertise their opportunities to potential candidates and enable young people to contact these organisations.

    • Enable EYP administrators to provide technical assistance to organisations.

  • DiscoverEU

    • Enable young people to apply for the initiative by providing their basic personal information, contact details, as well as additional information related to travelling (cf. Section "What personal data do we collect in the EYP?").

    • Enable applicants to receive emails and other notifications related to DiscoverEU and other European Commission / non-European Commission initiatives targeting youth, as well as surveys and other methods of gathering feedback from applicants, to receive further communication, campaign materials, event invitations related to EC/non-EC initiatives, only after applicants provide their respective explicit consent for the European Commission and its authorised contractors to contact them.

    • Enable DiscoverEU administrators and the authorised contractor to contact selected and reserve list applicants by e-mail or by phone.

    • Enable National Agencies responsible for the implementation of Erasmus+ to contact selected applicants and applicants on the reserve list by email or by phone for the purpose of sending event invites.

    • Enable print, TV or radio media outlets selected by the European Commission to contact selected applicants, only after selected applicants provide their explicit consent to be contacted.

    • Enable the authorised contractor to offer a travel pass to each selected applicant.

    • Enable DiscoverEU administrators to have access to the online stored data of applicants and proceed with the selection of applicants as well as provide assistance to DiscoverEU applicants (2nd level of support). First level of support will be done by the Eurodesks.

    • Enable DiscoverEU administrators to analyse data of applicants and to analyse feedback received from applicants.

    • Enable the authorised contractor to offer a European Youth Card (EYCA) to each non-selected applicant (based on their consent).

Common considerations:

For some of the abovementioned features, the European Youth Portal and its sub-portals host, from time to time, competitions, which may necessitate the submission of personal data. Participation in such competitions is entirely optional; prospective participants are informed about any personal data implications ahead of submission.

To access some functionalities, users may be asked to login and authenticate before they can use these features. To do so, the EYP may use the European Commission's Identity Management System (IMS), through the EU Login system. That system has its own Privacy Statement.

The European Commission and the organisations responsible for the implementation of the European Youth Portal features will not process the collected personal data for any other purpose than those described above.

Your personal data will not be used for an automated decision-making including profiling.

 

The main legal bases for the processing of personal data for the European Youth Portal features are Regulation (EU) 2021/888 establishing the European Solidarity Corps programme and repealing Regulations (EU) 2018/1475 and (EU) No 375/2014, Regulation (EU) 2021/817 establishing the Erasmus+ programme and repealing Regulation (EU) No 1288/2013, and the European Commission Decision on the 2018, 2019 and 2020 annual work programmes for the preparatory action “DiscoverEU: Free travel passes for Europeans turning 18”.

We process your personal data, because: 

(a) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

(b) processing is necessary for compliance with a legal obligation to which the controller is subject;

(d) the data subject has given consent to the processing of his or her personal data for one or more specific purposes.

The following processing activities are based on participants' explicit consent: 

  • Use participants' contact details (email addresses) to enable them to receive emails and other notifications related to DiscoverEU and other European Commission / non-European Commission initiatives targeting youth, as well as surveys and other methods of gathering feedback from applicants, to receive further communication, campaign materials, event invitations related to EC/non-EC initiatives, only after applicants provide their respective explicit consent for the European Commission and its authorised contractors to contact them.

  • Enable print, TV or radio media outlets selected by the European Commission to contact selected applicants, after these applicants give their explicit consent to be contacted.

  • Process participants' personal data to enable the authorised contractor to offer a European Youth Card (EYCA) to each non-selected applicant (based on their consent).

  • Provide information for articles, news, events and stories. These are entered and maintained manually by Eurodesk Brussels Link and the network of national Eurodesk organisations. Display and publication of personal data in these articles, news, events and stories are subject to the explicit consent of those concerned.

  • Allow Corps registrants/participants to follow contests via the app. The European Solidarity Corps mobile phone application mirrors some of the features of the EYP. This privacy statement covers therefore also the app. As soon as registrants/participants participate in the contest, their consent will be actively requested in the app.

Consent on having personal data processed for the purposes identified above is given by data subjects the moment they register in the Corps or apply to DiscoverEU by ticking a box, which is not ticked by default. Regarding content published on the European Youth Portal, consent is given using consent forms, which are signed before content is published.

 

4.    WHICH PERSONAL DATA DO WE COLLECT AND FURTHER PROCESS? 

In order to carry out this processing operation DG.EAC.B.3 collects the following categories of personal data:

  • Information provision

    • Individual members of the public linked to an article, event or news item: first name, family name, email address.

    • Staff from Eurodesk Brussels Link or from the network of national Eurodesk organisations: first name, family name, email address, country.

  • Ask a question form

    • Individual members of the public who decide to ask a question via the specific form need to provide their first name and email address.

  • European Solidarity Corps

    • Individual members of the public who decide to join the Corps must provide the following basic information: first name, family name, date of birth, gender, country of legal residence, nationality, email address, preferred contact language, types of Corps activities they are interested in, prior knowledge and experience, and an indication that they accept the Mission and Principles of the Corps.

    • After the initial registration process to join the Corps, they can voluntarily provide additional information about themselves: postal address, telephone numbers, summary of education and employment, details of previous volunteering experiences, language skills, availability for Corps activities, motivation to volunteer on a Corps activity, motivation to participate in a Corps activity, desired countries where to volunteer, desired occupations, any additional information the user wishes to provide, willingness to receive emails, newsletters, notifications and  other communications from the Corps. When applying to an opportunity advertised by organisations, they may also provide additional information that organisations may be asking for.

    • They may also upload a personal CV in the form of a document, with the understanding that all of the information contained within the CV, including contact details and any other personal data, will be made available to the representatives of organisations authorised to run Corps activities, who may use it as part of their processes to select registrants for their activities.

    • Via the Corps mobile app, they may also post user generated content related to their Corps experience and submit comments on posts made by other registrants. These posts must comply with the Terms and Conditions of use of the European Youth Portal.

    • They can also upload an avatar to their profile on the Corps mobile app, indicate their current location and search and apply for activities.

    • By using the Corps mobile app, additional data linked to the user’s identifiers (user ID, device ID), usage (product interaction: app launches and viewed pages as well as other usage data: device and browser type) and diagnostics (crash data) are collected.

    • The European Solidarity Corps will serve as a platform in order to facilitate organisations and individuals to come together and there will be no evaluation conducted by DG EAC of personal aspects of the data subject.

    • Authorised representatives of organisations authorised to run Corps activities: first name, family name, username, email address, organisation(s) the person is entitled to administer, acceptance of the Mission and Principles of the Corps.

  • Database of organisations and opportunities

    • Individual members of the public linked to European Solidarity Corps organisations holding a Quality Label: first name, family name, email address.

    • Organisation Managers: first name, family name, username, email address, organisation(s) the person is entitled to administer.

  • DiscoverEU

    • Individual members or group leaders, who decide to apply must provide the following basic information: first name, family name, date of birth, gender, country of legal residence, nationality, email address, ID or passport number, telephone number, occupation. Applicants must also answer a set of questions related to travelling such as their desired time period of travelling, if it is the first time they are travelling to another EU country, if it is the first time they are travelling without their parents/caregivers, what they would like to learn from this experience, what activities they would like to do during their trip, how they would finance their costs, and how did they find out about the initiative.

    • In case of a group application, the leader of the group must provide the same information, after which a code will be generated and used by the other members of the group to fill in their personal data.

    • The email address and telephone number of the selected applicants can be shared with media outlets selected by the European Commission following the explicit agreement from the applicants to be contacted by media outlets as well as with the European Commission Representations and the European Commission's Spokesperson Service (SPP). Once the applicants agree to provide their emails to the media outlets, they need to be aware that they are subject to the respective privacy statement of the specific media outlet in charge.

    • The European Commission may share selected DiscoverEU applicants’ personal data (specifically first name, family name, email address, telephone number, date of birth, country) with its authorised contractor in charge of communication activities such as for the purpose of sending event invites or booking a travel ticket to attend an event.

    • The European Commission may share selected and on the reserve list DiscoverEU applicant’s personal data (specifically first name, family name, email address, telephone number, date of birth, country) with the Erasmus+ National Agencies for the purpose of sending event invites.

    • The European Commission may share non-selected DiscoverEU applicants personal data (specifically name, email address, telephone number, date of birth, country) with the contractor so they can be granted the EYCA card

The provision of personal data is mandatory only to meet the requirements to participate in the programmes DiscoverEU and European Solidarity Corps. If you do not provide your personal data, you will not be allowed to participate in the programmes.

 
5.    HOW LONG DO WE KEEP YOUR PERSONAL DATA?

DG.EAC.B.3 only keeps your personal data for the time necessary to fulfil the purpose of collection or further processing.

Personal data included in articles, news, stories and events will be archived, along with the original content item, within two years of the item passing its unpublished date. 

Personal data contained within user accounts created for editors and authors held in the European Youth Portal will be archived two years after the last time the users logged in to the EYP using these accounts.

Personal data contained within user accounts of the European Solidarity Corps will be deleted three years after they reach the upper age limit of eligibility for participation in the Corps, unless the user has agreed to join any alumni scheme that may be in place at that time, has expressed via email an interest in keeping the user account or has benefited from EU funding through participating in the programme in which case the data is kept for 5 years from the last financial transaction according to the common retention list.

Personal data contained within non-selected user applications for DiscoverEU will be deleted two years after they submitted their application, unless they have expressed interest in being informed about / involved in other EYP services in which case the data is kept for maximum five years. After that time, their personal data will be anonymised and only be kept for statistical purpose. 

Personal data contained within selected user applications for DiscoverEU will be deleted five years from the travel booking date according to the common retention list, unless the user has expressed his interest to withdraw from the ‘selected user’ status and has not benefited from EU funding through the initiative, in which case the data is kept for maximum two years.

 
6.    HOW DO WE PROTECT AND SAFEGUARD YOUR PERSONAL DATA?

All personal data in electronic format (e-mails, documents, databases, uploaded batches of data, etc.) are stored either on the servers of the European Commission. All processing operations are carried out pursuant to the Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the European Commission.

The Commission’s contractors are bound by a specific contractual clause for any processing operations of your data on behalf of the Commission, and by the confidentiality obligations deriving from the General Data Protection Regulation (‘GDPR’ Regulation (EU) 2016/679).

European Solidarity Corps:

By accepting this Specific Privacy Statement, an organisation authorised to run Corps activities agrees to use the European Solidarity Corps IT systems solely to search for Corps registrants for activities, as well as to contact and make offers of an activity to Corps registrants. These activities may be of their own undertaking, or the undertaking of another organisation which the authorised organisation is officially representing.

Specifically, the authorised organisation undertakes to adopt technical and operational security measures relevant to the risk inherent in their processing of the personal data of registrants, in order to:

  • prevent any unauthorised person from gaining access to computer systems processing personal data, and especially

    • unauthorised reading, copying, alteration or removal of storage media;

    • unauthorised data input as well as any unauthorised disclosure, alteration or erasure of stored personal data;

    • unauthorised persons from using data-processing systems by means of data transmission facilities;

  • ensure that authorised users of a data-processing system can access only the personal data to which their access right refers;

  • record which personal data have been communicated, when and to whom;

  • ensure that personal data is being process in accordance with the data protection provisions laid down in national legislation;

  • ensure that, during communication of personal data and transport of storage media, the data cannot be read, copied or erased without authorisation;

  • design its organisational structure in such a way that it meets data protection requirements.
    In order to protect your personal data, the Commission has put in place a number of technical and organisational measures in place. Technical measures include appropriate actions to address online security, risk of data loss, alteration of data or unauthorised access, taking into consideration the risk presented by the processing and the nature of the personal data being processed. Organisational measures include restricting access to the personal data solely to authorised persons with a legitimate need to know for the purposes of this processing operation.

 
7.    WHO HAS ACCESS TO YOUR PERSONAL DATA AND TO WHOM IS IT DISCLOSED?

Access to your personal data is provided to the Commission staff responsible for carrying out this processing operation and to authorised staff according to the “need to know” principle. Such staff abide by statutory, and when required, additional confidentiality agreements.

  • Information provision

    • The general public will see the relevant personal contact details of any people added by authorised EYP editors to articles, news items or events, for instance the public contact person for an event or a news item.

    • These details are also accessible by Eurodesk staff at Eurodesk Brussels Link and the network of national Eurodesk organisations.

    • EYP administrators also have access to this information.

  • Ask a question form

    • The contact details will be accessible to Eurodesk Brussels Link, the network of national Eurodesk organisations and EYP administrators.

  • European Solidarity Corps

    • The general public will see the personal contact details of representatives of organisations authorised to run Corps activities, if the organisation itself adds this information to its Corps profile published on the Corps webpages.

    • The general public will also see the user generated content and comments posted and shared by Corps registrants about their Corps experience, along with their avatar and location, if these have been specified.

    • Corps registrants can view and maintain their personal data by logging into their European Solidarity Corps account. They are responsible for the quality of their own data and have the right to delete their account at any time.

    • Via the Corps mobile app, Corps registrants can also view, share, edit and delete the posts they submit about their Corps experience. They may also view and comment upon the posts submitted by other registrants, and report posts to the Corps administrators if they feel they break the Terms and Conditions of use. Corps registrants can also upload, amend or delete their profile avatar and location on the Corps mobile app.

    • Personal data of Corps registrants are accessible to the authorised representatives of organisations authorised to run Corps

    • Personal data of Corps registrants are accessible to the National Agencies responsible for the implementation of Erasmus+ and the European Solidarity Corps to provide assistance to authorised representatives of organisations, as well as for the purpose of carrying out the checks, audits and evaluations of projects receiving EU support in which the registrants are involved.

    • Personal data of Corps registrants are also accessible to Corps administrators and the administrators of the different EU programmes through which authorised organisations provide European Solidarity Corps activities.

    • Personal data can be shared with other European Commission services that might have an interest in contacting the registrants.

    • Personal data of the selected candidates can be shared with print, TV or radio media outlets selected by the European Commission following explicit agreement of the selected applicants.

    • Limited personal data of Corps registrants (first name, last name, date of birth, country of residence, nationality, e-mail address) may be sent to other tools managed by DG EAC and accessible to authorised organisations, National Agencies and Corps administrators.

    • Limited personal data of Corps participants (first name, last name, date of birth, country of residence, nationality, e-mail address, gender) will be sent to the European Solidarity Corps contractor to manage the insurance coverage of European Solidarity Corps participants. Participants will be covered by a different insurance provider depending on the period their project takes place. The Data Protection Notice of CIGNA insurance is valid for 2018-2020 projects that are taking place under the Multiannual Financial Framework (MFF) 2014-2020 and for projects that started before 7 February 2023 under the current MFF 2021-2027. The Data Protection Notice of Henner insurance is valid for projects taking place under the current MFF 2021-2027 that started on 7 February 2023.

    • Limited personal data of Corps participants (first name, last name, date of birth, email address, country of residence) will be sent to the external tool “Youthpass” to enable participants to record their non-formal learning outcomes if they wish so.

    • Limited personal data of Corps registrants/participants (first name, last name, email address, EU Login username, contact language, country of residence, city (if defined)) interested in following the General Online Training courses or the Humanitarian Aid Volunteering training will be sent to the EU Academy platform to enable registrants/participants to have access to these trainings. Corps registrants/participants will be informed about the Data Protection Notice of the General Online Training before having their data transferred from the EYP to the EU Academy platform. This platform has its own Privacy Statement available on its webpage. Moreover, European Solidarity Corps registrants having expressed their interest in Humanitarian Aid Volunteering will have the possibility to follow a specific training on the EU Academy platform, accessible through their Corps profile. Registrants will be informed about the Data Protection Notice of this Humanitarian Aid Training before having their data transferred from the EYP to the EU Academy platform.

    • The user generated content and comments posted by Corps registrants about their Corps experience are also accessible to Corps administrators.

    • Limited personal data of Corps participants (first name, last name, gender, email address, nationality, country of residence) may be sent to the EU Delegations to keep them informed about who is deployed in the countries where these Delegations are located.

  • Database of organisations and opportunities

    • Personal contact details of people linked to European Solidarity Corps organisations holding a Quality Label, being the opportunities viewable by the general public.

    • The authorised representatives of European Solidarity Corps organisations holding a Quality Label can access the personal contact details of people linked to these particular organisations and their projects.

  • DiscoverEU

    • The applicant is responsible for the quality of his/her own data.

    • Personal data of applicants are accessible to DiscoverEU administrators.

    • Personal data can be shared with other European Commission services that might have an interest in contacting the registrants.

    • Personal data of the selected applicants can be shared with print, TV or radio media outlets selected by the European Commission following explicit agreement of the selected applicants.

    • Applicants selected by the European Commission, may be contacted by e-mail or by phone by the Erasmus+ National Agencies or by the European Commission’s authorised contractor in charge of communication activities. When applicable, and if the selected applicant agrees, contractor may book a travel ticket for the selected applicant to attend an event. The contractor will choose the most competitive and suitable third party transport operators (in principal railway).

    • For the purpose of booking the travel tickets, the contractor may share with the applicants the identified travel operator and link to that third party transport operator online booking forms and to their applicable privacy statement. The applicant will need to fill out these booking forms to book tickets and check-in online. Note that such transport operator third parties do not operate under the European Commission’s or the European Commission’s authorised contractor’s control and those third parties privacy practices may differ from this privacy statement. Neither the European Commission nor the authorised contractor is responsible for these third parties’ privacy practices or related privacy statements. Selected applicants must be and remain aware of these third parties’ privacy statements when selected applicants consent to purchases or bookings through the transport operator website or application. We encourage you to read transport third parties’ respective privacy statements for greater details regarding their respective privacy practices.

    • In order to obtain the travel pass and the ancillary services, including the travel booking, the selected participants (including people in the reserve list when used) will be informed about the DiscoverEU Data Protection Notice before having their data transferred to the authorised contractor.

    • Personal data of non-selected applicants may be transmitted to the contractor for the purpose of receiving the EYCA card.

In addition, all personal data will be accessible to:

  • Staff of the DG EAC units responsible for the implementation of services through the European Youth Portal;

  • Staff of the DG EAC Informatics (IT) unit.

  • Staff of other competent European Commission Services co-responsible for implementation of services through the European Youth Portal.

Personal data may also be disclosed, if necessary, to:

  • Staff of the Internal Audit Capacity of DG EAC

  • Staff of DG IAS

  • Staff of OLAF

The following external processors may access personal data as they are authorised by the European Commission:

  • Eurodesk Brussels Link;

  • National Eurodesk organisations;

  • European Solidarity Corps authorised organisations;

  • European Solidarity Corps insurance contractor;

  • EU Youth Dialogue National Working Groups;

  • DiscoverEU contractors and sub-contractors;

  • National Agencies for Erasmus+ and the European Solidarity Corps (including their RAY Network);

  • National Agencies' authorised sub-processors;

  • EU Delegations.

You can find the contact details of these external processors via the following link: https://youth.europa.eu/privacy/external-processors_en.  

Furthermore, DG EAC and EACEA act as joint controllers in relation to DiscoverEU because they jointly process the personal data of applicants submitting an application on the European Youth Portal in order to receive DiscoverEU travel passes.

International data transfer: 

Personal data of Corps registrants are transferred to organisations from third countries outside EU/EEA carrying the European Solidarity Corps Quality Label (programme and partner countries) but for which there is no adequacy decision (including to programme countries – Turkey, Serbia and North Macedonia). In this case, the level of protection of your personal data will depend on the law or practice of that third country. However, your rights as regards data protection might not be equivalent to those in and EU/EEA country or a country with an adequacy decision.

 

8.    WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?

You have specific rights as a ‘data subject’ under Chapter III (Articles 14-25) of Regulation (EU) 2018/1725, in particular the right to access, your personal data and to rectify them in case your personal data are inaccurate or incomplete. Where applicable, you have the right to erase your personal data, to restrict the processing of your personal data, to object to the processing, and the right to data portability.

You have consented to provide your personal data to DG.EAC.B.3 for the present processing operation. You can withdraw your consent at any time by notifying the Data Controller. The withdrawal will not affect the lawfulness of the processing carried out before you have withdrawn the consent.

You can exercise your rights by contacting the Data Controller, or in case of conflict the Data Protection Officer. If necessary, you can also address the European Data Protection Supervisor. Their contact information is given under Heading 9 below. 

Where you wish to exercise your rights in the context of one or several specific processing operations, please provide their description (i.e. their Record reference(s) as specified under Heading 10 below) in your request.

Once ready and published, this privacy statement can be consulted on the European Youth Portal (https://youth.europa.eu/privacy_en), in the "Privacy" section in the footer. Furthermore, the privacy statement will be shared with the data subjects immediately once their e-mail address is known.

 
9.    CONTACT INFORMATION
  • The Data Controller
    If you would like to exercise your rights under Regulation (EU) 2018/1725, or if you have comments, questions or concerns, or if you would like to submit a complaint regarding the collection and use of your personal data, please feel free to contact the Data Controller: Head of Unit, Youth, Volunteer Solidarity and Traineeships Office, Rue Joseph II 70, B-1049, Brussels, email: EAC-EYP@ec.europa.eu.

  • The Data Protection Officer (DPO) of the Commission
    You may contact the Data Protection Officer (DATA-PROTECTION-OFFICER@ec.europa.eu) with regard to issues related to the processing of your personal data under Regulation (EU) 2018/1725.

  • The European Data Protection Supervisor (EDPS)

You have the right to have recourse (i.e. you can lodge a complaint) to the European Data Protection Supervisor (edps@edps.europa.eu) if you consider that your rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of your personal data by the Data Controller.

 
10.    WHERE TO FIND MORE DETAILED INFORMATION?

The Commission Data Protection Officer (DPO) publishes the register of all processing operations on personal data by the Commission, which have been documented and notified to him. You may access the register via the following link: http://ec.europa.eu/dpo-register. 

This specific processing operation has been included in the DPO’s public register with the following Record reference: DPR-EC-00371.3.

Este conteúdo não está atualmente disponível em Português