Data protection notice on the processing of personal data related to the website set up for the European IP Helpdesk
Protecting your privacy is of the utmost importance to the European IP Helpdesk (‘European IP Helpdesk’). The European IP Helpdesk is committed to respecting and protecting your personal data and ensuring your rights as a data subject. All data of a personal nature that identifies you directly or indirectly will be handled fairly, lawfully and with due care.
This processing operation is subject to Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data.
1. What is the nature of the processing operation and what does European IP Helpdesk do with your data?
Personal data is processed for the purposes of communication/transparency to provide and make available information on the projects’ activities/initiatives/events, etc.
Based on the above, European IP Helpdeskuses your data to:
- Compile project statistics for project reporting purposes;
- If you are using the Helpline service, to ask for more information about your query in the case that clarifications are needed; to send an answer to your IP question; ask your feedback about the usefulness of the answers provided; and in limited instances, to follow up on your case; use of pictures and/or audio-visual items on social media and on the project’s website;
- If you choose to subscribe to the Newsletter, to send you a Newsletter via e-mail;
- If you attend a training session or awareness-raising event, to send you information about the services or the event as well as a follow-up email containing useful material (if relevant);
2. What personal data does European IP Helpdesk process?
The categories/types of mandatory personal data processed are the following:
- First Name and Last Name
- Core business
- Zip Code
- Website address
- Official photos of events
- Multimedia items showing the people participating in official events, their image, voices, statements, opinions, etc.
3. Who is responsible for processing the data?
The data controller of the processing operation is the Head of Unit A.1 COSME of the Executive Agency for Small and Medium-sized Enterprises (EASME), who acts under the powers delegated by the European Commission.
On behalf of the data controller personal data is processed by Eurice GmbH, the University of Alicante, University of Navarra and TUM-Tech GmbH, referred to collectively as the ‘European IP Helpdesk’ for the implementation of the European IP Helpdesk service.
4. Who has access to your personal data and to whom is it disclosed?
Images and other audio-visual items are published on the websites and via social media and are available to general public.
Other personal data is only accessible by the authorised staff of the European IP Helpdesk, EASME and the European Commission on a need to know basis, as well as the bodies charged with monitoring or inspection tasks in application of EU law (e.g. internal audits, Court of Auditors, European Anti-fraud Office (OLAF)). Personal data is not used for any other purposes as outlined above or disclosed to any other recipient nor third countries or international organisations.
5. How does European IP Helpdesk protect and safeguard your information?
European IP Helpdesktakes appropriate technical and organisational measures to safeguard and protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.
All personal data related to the implementation of the European IP Helpdesk tasks is stored in secure IT applications according to the European IP Helpdesk quality management and data security standards, as well as in specific electronic folders accessible to authorised recipients only. Appropriate levels of access are granted individually only to the abovementioned authorised recipients.
6. How can you access your personal information and, if necessary, correct it? How can you receive your data? How can you request your personal data to be erased?
You have the right to access, rectify, erase, and receive your personal data, as well as restrict its processing or object to the same, as provided in Articles 17 to 24 of Regulation (EU) 2018/1725.
European IP Helpdeskwants to make sure that your personal information is accurate and up to date. You may ask European IP Helpdeskto correct or remove information you think is inaccurate. You also have the right to have your data completely removed from European IP Helpdeskdatabase. To modify or remove your personal information completely from European IP Helpdeskwebsite and database, please send an email to:
Your request will be answered without undue delay, and in any event within one month of receipt of the request. However, according to Article 14(3) of Regulation (EU) 2018/1725, this period may be extended by up to two months where necessary, taking into account the complexity and number of requests. The European IP Helpdesk will inform you of any such extension within one month of receipt of the request, together with the reasons for the delay.
Alternatively, note that you can log in to your profile and edit or delete your own personal data at any time.
7. What is the legal basis for processing your data?
Regarding mandatory data (First Name and Last Name; Email; Telephone; Country; Organization; Core business; Sector; Address; Zip Code; City; Website address; Official photos of events; Multimedia items showing the people participating in official events, their image, voices, statements, opinions, etc.), it is processed in accordance with Article 5(1)(a) of Regulation (EU) 2018/1725, because the ‘processing is necessary for the performance of a task carried out in the public interest’ by EASME
Other personal data (non-mandatory) is processed in accordance with Article 5(1)(d) of Regulation (EU) 2018/1725, because the ‘the data subject has given consent to the processing of his or her personal data for one or more specific purposes’ by EASME. The non-mandatory data processed is:
- EEN membership – yes or no
- Number of employees
- Company annual turnover
Personal data is collected and processed in accordance with the contract signed between the Executive Agency for Small and Medium-sized Enterprises (EASME), and Eurice GmbH, the University of Alicante, the University of Navarra and TUM-Tech GmbH.
8. How long can data be kept?
Personal data will be kept only for the time needed to achieve the purpose for which it is processed.
All data related to the project will be stored for the duration of the project. This is normally five years from the start date of the contract. Information will be shared on the website and in the media.
In the event of a formal appeal, all data held at the time of the appeal will be retained until the completion of the appeal process.
Finally, it may be possible that the European IP Helpdesk webpage contains links to other sites whose data processing practices are different from European IP Helpdesk. Neither the European IP Helpdesk nor EASME or the European Union are responsible for the privacy practices implemented on any of these external sites. You should be aware of this when leaving the European IP Helpdeskwebsite and European IP Helpdeskencourages you to read the privacy statements on such external websites, as European IP Helpdeskhas no control over the information that is submitted to or collected by these third parties.
European IP Helpdeskalso uses third-party platforms to carry out some of European IP Helpdesk services for you and you can find their privacy policies separately on their website, namely:
9. Contact information
If you have any queries concerning the processing of your personal data, you may address them to the Head of EASME Unit A.1 COSME (entity acting as data controller), at the following email: EASME-COSME-DP@ec.europa.eu or of course to the data processor, ‘European IP Helpdesk’ who will inform the data controller at email@example.com.
European IP Helpdesk reserves its right to modify this Privacy Notice at any time. Any modification about this privacy notice will be updated in this web site to inform users.
Act of Establishment: Commission Implementing Decision C(2013/771/EU) of 17 December 2013 establishing the 'Executive Agency for Small and Medium-sized Enterprises' and repealing Decisions 2004/20/EC and 2007/372/EC, and by the decision of the Council of the European Union 3 December 2013 establishing specific programme implementing Horizon 2020 - the Framework Programme for Research and Innovation (2014-2020) and repealing Decisions 2006/971/EC, 2006/972/EC, 2006/973/EC, 2006/974/EC and 2006/975/EC