- PRIVACY STATEMENT
Privacy statement for ECB activities with Civil Society Organisations (CSOs)
What is our legal framework?
All personal data are processed in accordance with EU Data Protection Law, that is to say in line with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).
Why do we process personal data?
Personal data are processed for the following two purposes:
- Invitation and registration management
All personal data are collected and processed for the purposes of participant invitation and registration management in the context of European Central Bank (ECB) activities with Civil Society Organisations (CSOs), such as events, seminars, surveys etc, and related organisational matters, including contacting and providing participants with information related to such activities (before, during and after), preparing entry badges for the venue and registration on virtual event platforms.
- Use in public communications in the context of promoting and reporting on ECB activities for CSOs
The names of registered participants and affiliated institution may be published on the ECB’s website, any associated digital event apps and on the ECB’s social media channels (Instagram, YouTube, Twitter and LinkedIn).
By joining an activity, participants consent to having their photo taken and appearing in video and audio recordings, and to the publication of resulting media files by the ECB on its website and official social media channels (Instagram, YouTube, Twitter Flickr and LinkedIn).
The use of social media by the ECB does not in any way imply endorsement of individual social media sites or their privacy policies. The ECB recommends that users read the Instagram, YouTube, Twitter and LinkedIn privacy policies, which explain each company’s policy of data collection and processing, their use of data, user rights and the ways in which users can protect their privacy when using these services.
In the event that a participant does not consent or withdraws their consent, prior notification thereof to the ECB Directorate General Communications – Public Communication Division – Campaigns and Civil Society Team must be explicitly given via e-mail ([email protected]). In the case of a physical event, a photo/film-free zone, which photographers will respect, will be available.
What is the legal basis for processing your personal data?
Your personal data are being processed by the ECB because you consent to the processing by providing the personal data requested. You can withdraw your consent at any time by contacting [email protected]. All processing of your personal information will stop once you have withdrawn your consent, but any prior processing will remain lawful.
Who is responsible for processing your personal data?
The ECB is the controller for the processing of the personal data. The ECB Directorate General Communications – Public Communication Division – Campaigns and Civil Society Team is responsible for the processing.
Who will receive your personal data?
The recipients of the personal data are staff members of dedicated teams in the ECB Directorate General Communications in charge of the organisation of the activities, and other ECB staff members participating in/presenting during them.
The recipients of the data will be the teams in the aforementioned Directorate General responsible for the activities and contact management, including related services, such as the transportation of participants, processing of access badges and plausibility checks.
External service providers contracted by the ECB for registration and online conferencing purposes may also have access to the personal data.
Under certain conditions defined in law, the ECB may disclose your information to third parties (such as the European Anti-Fraud Office, the Court of Auditors, or law enforcement authorities) if it is necessary and proportionate for lawful, specific purposes.
The ECB will not share your personal data for direct marketing purposes.
The use of social media by the ECB does not in any way imply endorsement of their privacy policies. The ECB recommends that users read the privacy policies of the social media platforms, including, but not limited to, Facebook, Twitter, YouTube, LinkedIn and Instagram. Each company explains its policy of data collection and processing, its use of data, user rights, and the ways in which users can protect their privacy when using these services.
What type of personal data are collected?
The ECB processes the following personal data:
- contact details of participants (first name, surname, position, email, organisation, address of the organisation, phone number);
- photos/pictures and video recordings of speakers and participants, which may be published on the ECB’s website and social media channels. The ECB is not responsible for recordings (such as photos and videos) made by participants themselves.
Where are your data transferred to, processed and stored?
Your personal data are/will be processed by the ECB, stored in ECB secure servers located in Germany.
Your personal data may be stored by external service providers contracted by the ECB for registration and online conferencing purposes.
How long will the ECB keep personal data?
Personal data provided during registration are stored for a maximum of three years from the day on which the personal data were submitted, before being deleted.
Personal data such as photos and video recordings taken during ECB webinars/seminars for CSOs are stored for a maximum of five years from the day on which the personal data were received.
Personal data published on the ECB’s website or social media (for example, Instagram, YouTube, Twitter or LinkedIn) are stored for as long as the ECB’s website/social media channels indicate in their privacy policies.
What are your rights?
You have the right to access your personal data and correct any data that is inaccurate or incomplete. You also have (with some limitations) the right to delete your personal data, to object or to restrict the processing of your personal data in line with Regulation (EU) 2018/1725.
Who can you contact in case of queries or requests?
You can exercise your rights by contacting the Campaigns and Civil Society team at [email protected]. You can also directly contact the ECB’s Data Protection Officer at [email protected] regarding all queries relating to personal data.
Addressing the European Data Protection Supervisor
If you consider that your rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of your personal data, you have the right to lodge a complaint with the European Data Protection Supervisor at any time.