Current portal location

PROTECTION OF YOUR PERSONAL DATA

Table of Contents

  1. Introduction
  2. Why do we process your data?
  3. Which data do we collect and process?
  4. How long do we keep your data?
  5. How do we protect your data?
  6. Who has access to your data and to whom is it disclosed?
  7. What are your rights and how can you exercise them?
  8. Contact information
  9. Where to find more detailed information

Introduction

This privacy statement explains the reason for the processing, the way we collect, handle and ensure protection of all personal data provided, how that information is used and what rights you may exercise in relation to your data (the right to access, rectify, block etc.).

The European institutions are committed to protecting and respecting your privacy. As this service/application collects and further processes personal data, Regulation (EC) N 45/2001 , of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, is applicable.

This statement concerns the collection of personal data entered in the Market Access Database (MADB) undertaken by the European Commission, Directorate General for Trade.

Why do we process your data?

Head of Unit DG Trade G3 (referred to hereafter as Data Controller) collects and uses your personal information for the following purpose:

Personal data provided via the general contact form are requested in order

  1. to be able to reply to the request of information or
  2. to grant access to users who wish to have access to the protected parts of the MADB or to the restricted area of the MADB reserved for Commission staff, officials from EU Member States and also to some EU business organization who have access to selected parts of the restricted area of the MADB.

Personal data provided via the Trade Barrier notification form are requested in order to be able to analyse the request and reply to the complainant.

The processing operations on personal data linked to the organisation and management of this tool is necessary for the management and functioning of the Commission, as mandated by the Treaties, and more specifically Article 5 of the Treaty on European Union and Articles 244-250 of the Treaty on the Functioning of the European Union.

As the processing is carried out in the public interest under the indicated legal base, the processing is lawful for the indicated purpose based on Article 5(a) of Regulation (EC) No 45/2001.

The processing is carried out in the public interest under the following legal basis the Council Decision (98/552/EC) on the implementation by the Commission of activities relating to the Community market access strategy; Communication from the Commission to the Council, the European Parliament, the Economic and Social Committee and the Committee of the Regions - The Global Challenge of International Trade: A Market Access Strategy for the European Union (COM(96)53 final);

Communication from the Commission to the Council, the European Parliament, the Economic and Social Committee and the Committee of the Regions- Global Europe: A Stronger Partnership to deliver Market Access for European Exporters (COM(2007) 183 final).

Articles 20 "Exemptions and restrictions" and 27 "Prior checking" are not applicable.

Which data do we collect and process?

The personal data collected and further processed are:

General contact form:

  1. The general contact form allows users to send requests in relation to the information contained in the MADB. For this purpose users have to fill in a form. The data entered in the form (Name, organisation, address, email) is used to generate an email which goes in the Market Access Database functional mailbox. This information is stored in a ticket support system. Further information on its privacy statement https://webgate.ec.europa.eu/fpfis/wikis/display/SMT/Privacy+statement . The email as well as the answer to it are stored in the Market Access database mailbox and in the ticketing for one year.
  2. Free text fields: Information given in these "free text fields" may contain personal data (names, titles, company names). This information is treated confidentially by EU officials.
  3. When a user asks for a personal account, the user is requested to register via the Commission's authentication system EU-Login. Further information on EU-Login privacy statement in https://webgate.ec.europa.eu/cas/privacyStatement.html. The personal data provided is stored in a database and maintained as long as the authorization to access the protected sections of the MADB is valid. The complete information file is only available to the coordinator and system administrators inside DG Trade. No further details are disclosed and DG Trade staff will not divulge further information or further details of this personal data to any external party for any purpose whatsoever. Upon revocation of the account, all personal data is deleted.

Trade barrier notification form:

When a user fills in the Trade barrier notification form, DG TRADE requests personal data. The personal data requested include: company/organisation contact person, company or organisation name, address or registered office, e-mail address, phone, fax, type of company or organisation. This personal data will not be displayed publicly but only used internally by DG Trade officials to further analyse the trade barrier reported.

MADB does not process any personal data within the meaning of Article 10 of the Data Protection Regulation

How long do we keep your data?

Head of Unit G3 only keeps the data for the time necessary to fulfil the purpose of collection or further processing.

Personal data associated with users who lodge a request for information in the comment section (name, phone, email, organisation, address, free text field) as well as the e-mail and the answer to it are stored in the Market Access database mailbox and in the ticketing for one year.

Personal data associated with users requesting access to the protected sections of the MADB are stored in the EU-Login database and maintained as long as the authorization to access the protected sections of the MADB is valid. When a user does not need the access anymore, all personal data associated to the user are removed from the database.

Data on a complainant notifying a trade barrier are kept in the MADB complaint mailbox as long as the trade barrier has not been fully processed by the EU officials.

How do we protect your data?

All data in electronic format (e-mails, documents, uploaded batches of data etc.) are stored either on the servers of the European Commission or of its contractors; the operations of which abide by the European Commission's security decision of 16 August 2006 [C(2006) 3602] concerning the security of information systems used by the European Commission;

Who has access to your data and to whom is it disclosed?

Access to your data is provided to authorised staff according to the "need to know" principle. Such staff abide by statutory, and when required, additional confidentiality agreements.

All personal data is stored and processed in Brussels and is not transferred elsewhere.

What are your rights and how can you exercise them?

According to Regulation (EC) n 45/2001, you are entitled to access your personal data and rectify and/or block it in case the data is inaccurate or incomplete. You can exercise your rights by contacting the data controller, or in case of conflict the Data Protection Officer and if necessary the European Data Protection Supervisor using the contact information given at point 8 below.

Contact information

If you have comments or questions, any concerns or a complaint regarding the collection and use of your personal data, please feel free to contact the Data Controller using the following contact information:

The Data Controller:

  • DG Trade Unit G3, the Head of Unit
  • TRADE-G3-SEC@ec.europa.eu

The Data Protection Officer (DPO) of the Commission: DATA-PROTECTION-OFFICER@ec.europa.eu

The European Data Protection Supervisor (EDPS): edps@edps.europa.eu.

Where to find more detailed information?

The Commission Data Protection Officer publishes the register of all operations processing personal data. You can access the register on the following link : http://ec.europa.eu/dpo-register

This specific processing has been notified to the DPO with the following reference: DPO-1499.8