Processing Activities


  • Activity: Access to Wi-Fi Guest network
    Reference number 22
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member), On-site contractors and interim staff at JU premises, Trainees (blue book and atypical), Programme Management Unit (EUROCONTROL staff), SESAR JU visitors
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is to give a temporary access (=expiring account) to the visitors of the SESAR JU to the internet by using the Wifi Guest network of the SESAR JU and to increase the level of security on the SESAR JU network. The automatically gathered data are used in order to protect the security and integrity of the SESAR JU network. Identification is needed for the strict purpose of prevention of possible abusive conducts (e.g. visit of prohibited websites, possible hacking).
    Description
    Ucopia is a layer that enables visitors to connect to the guest WiFi network of the SESAR JU, which is disconnected from the rest of the SESAR JU network. Ucopia will be used to grant access to the WIFI_Guest network only. 

    The collection of data is partially manual and partially automated. Connection to Ucopia is only available from the internal network of the SESAR JU, at the SESAR JU premises.

    1. Manual processing
    1.1. Temporary users
    The SESAR JU Reception, and the ICT Support team as backup, generates a temporary user’s account on the guest-WiFi network, using the Ucopia solution. No personal data collection.

    1.2. Frequent users
    Collection of personal data is only required in certain cases, namely while setting up accounts for certain frequent visitors. The name and surname of regular visitors who wish to maintain access to the guest-wifi account for future visits will be kept for as long as the account is active.

    1.3. Prevention of abusive conducts
    A user can potentially be identified by linking separate data elements such as the MAC address of the device used by the visitor and the username used to connect to the guest-wifi facility. This operation has to be done manually, only in case of an alert related to a security threat. Taken separately, the automatically collected data elements do not allow the user to be identified automatically.
    We use a registration and access log to know the number of visitors connecting to the Wifi Guest network and we identify the devices connected to it. That way, we are able to identify misconduct in the SESAR JU environment and to investigate incidents in a more efficient way.

    2. Automatic processing
    The collection of data is made by keeping a record of the MAC address of the electronic device used to connect to the guest-wifi network and the URLs of the websites that were visited during the wifi-session.
    All data automatically collected are automatically deleted (from SESAR JU server hosted at Eurocontrol).

    Ucopia solution provides for four different types of access depending on the level of authorisation, accordingly:
    1) Administrator: Responsible for supporting the application and managing overall application permissions and maintenance activities; Administrators have access to the application’s log. (ATOS)
    2) Local Administrator: Responsible for managing the local access rights and can create visitor accounts; Local Administrators have access to the application’s log. (ATOS)
    3) Registrors: Can create visitor accounts, registrors do not have access to application’s log (SESAR JU reception-Receptel) 
    4) Visitors (Users-data subjects): Registering in the application to get access to the Wifi Guest network and the Internet, they do not have access to the application’s log

    Both the SESAR JU and EUROCONTROL avail themselves of external contractors for activities that have a share in the processing operation. Below is the list of contractors that act as processors in this processing activity:
    1. KeyStage Consulting
    SESAR JU contractor for ICT coordination services
    2. Receptel
    SESAR JU contractor for reception services
    3. Atos 
    EUROCONTROL contractor for Ucopia  
    Processed data Media Access Control (MAC) address of the device connected, URL of visited websites Explicit consent article 5 d) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 The collected personal data is retained from the moment when the user account is created until a maximum of 15 days after the deactivation of the user account. Upon deactivation of the account, data which, if linked, could become personal data are automatically deleted.
    Personal details Explicit consent article 5 d) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 The collected personal data is retained from the moment when the user account is created until a maximum of 15 days after the deactivation of the user account. Upon deactivation of the account, data which, if linked, could become personal data are automatically deleted.
    Processors
    • database log of the application (Belgium)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Other: Administrators and Local Administrators of the application and Registrors, meaning on-site contractors or contractors from the SESAR JU hosting supplier (EUROCONTROL)
    Joint controllers EUROCONTROL
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 07.05.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Access to documents requests
    Reference number 36
    Data subject category Any natural person or any individual acting on behalf of a legal person who submits a request for access to documents, Any natural person, identifiable in the documents requested
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Processing of personal data is necessary for handling the access to documents requests, received by the SESAR Joint Undertaking and for providing access to the requested documents to the requester in accordance with Regulation (EC) No 1049/2001.
    Description
    When the SJU receives an access to documents request, personal data are processed manually in the following steps:

    An acknowledgment of receipt is sent to the applicant via the access to documents functional mailbox. The application is forwarded to the SJU staff member(s) (“document owner”), deemed as the appropriate person(s) to identify the documents falling under the scope of the request and assess their potential disclosure. A possible consultation of the EC services may take place, in particular with DG RTD, SG or DG MOVE. In this case, personal data of the applicant will be made available to the above DGs.

    Consequently, a decision is taken on whether to disclose fully or partially the documents or to refuse disclosure. The applicant is informed on the initial decision with a letter signed by the Chief of Administration Affairs. 

    In case of a partial or full disclosure the applicant may submit a confirmatory request. Upon receipt of such request, an acknowledgment of receipt is sent to the applicant via the access to documents functional mailbox and a decision on the confirmatory request is taken at the Executive Director level. The applicant is informed on the initial decision with a letter signed by the Executive Director. 

    Unless access to personal data is specifically requested by the applicant, personal data are redacted by default from the SJU documents to be disclosed. Personal data that appear on the requested documents may be disclosed to the applicant following an assessment under Article 9(1)(b) of Regulation 2018/1725 provided that the data subjects have been informed about the processing and about their right to object (Articles 15-16 and 23 of the Regulation). 

    Relevant documents, related to initial and confirmatory applications are stored in paper in the Legal & Procurement sector’s archives under lock and key, electronically in dedicated Outlook folders, IDMS public access to documents register, IDMS correspondence register and Legal sector’s IDMS area with restricted access rights.
    Processed data Personal details ED decision ref. SJU/ED/683, laying down implementing rules for the application of decision ADB(D)-12-011 “concerning the transparency and public access to the documents of the Joint Undertaking”, Article 15(3) of the Treaty on the Functioning of the European Union, Regulation (EC) No 1049/2001 of the European Parliament and the Council of 30 May 2001 regarding public access to European Parliament, Council and Commission documents, decision ADB(D)-12-011 of the Administrative Board of the SESAR Joint Undertaking “concerning the transparency and public access to the documents of the Joint Undertaking”, public interest article 5 a) of Regulation 2018/1725, legal obligation (article 5 (b) of Regulation 2018/1725) a) Data are retained for 5 years for files regarding an initial access to documents application b) Data are retained for 5 years for files regarding a confirmatory access to documents application
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedoms of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures A paper copy is made and saved in a paper file. The paper file is archived in a locked cupboard., Access control and technical measures such as physical locks and/or secure connections and firewalls, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Data subject themselves: , Third countries: The SESAR JU may reply to an applicant residing in a country outside the EU. The SESAR JU only discloses personal data to an applicant residing outside the EU if the conditions for a transfer of personal data to a third country or an international organisation under Chapter V of Regulation (EU) 2018/1725 are met. Since the factual and legal circumstances, including the place of residence of the applicant, are different for each application for access to documents, the existence of a legal base for the transfer will be assessed case-by-case by the SESAR JU. , Designated SJU staff members: Members of the SJU access to documents team, Chief of Administration Affairs (for initial applications), Executive Director (for confirmatory applications), owner(s) of the identified documents inside the SJU, their managers; responsible staff members from the EC services. , European Commission and its services: DG RTD or SG could inter alia be consulted in cases where the SJU needs assistance on interpretation of the applicable rules, templates and procedures with regard to specific access to documents requests. DG MOVE shall be consulted on the basis of the General Agreement, signed between the SJU and the European Commission, mainly with regard to the requests, coming from non-EU countries.
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 16.04.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Access to the SJU premises
    Reference number 41
    Data subject category SESAR JU visitors, SJU staff member organising the visit/meeting/event
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing activity is to: a) Record attendance to a visit/meeting/event at the SJU premises for security reasons b) secure access to the SJU premises to external visitors c) Conform with the applicable health and safety rules introduced with decision SJU/ED/750 “On the conditions to access the SJU premises specific to COVID pandemic measures”
    Description
    Data collection is done by the SJU staff member organizing a meeting at the SJU premises who will inform the reception and provide the number of people expected and their names.

    When booking a meeting room in Outlook, the responsible SJU staff member should inform reception of their meeting, the subject of it and the names of the participants. This is required in order for the receptionist to register them once they are received and to prepare the Wi-Fi passwords in advance should they need to use it. For further information regarding processing of personal data for access to the Wi-Fi guest network please consult the relevant record (record reference number: 22). The list of participants shall be provided at least 24 hours prior to the meeting.
    The SJU visitors list is stored in IDMS with restricted access rights to the facility team.

    Due to the Covid-19 pandemic, certain measures have been introduced with decision SJU/ED/750, when external visitors access the SJU premises. Visitors are requested to present a Covid-19 certificate to enter the SJU premises. Please refer to decision SJU/ED/750 for a detailed analysis on what an acceptable Covid-19 certificate should include. Whereas the possession of a certificate will be verified manually by means of a visual check, by the facility team or the SJU staff member in charge of the visit, the name of the visitor and the content of the certificate shall not be stored, transferred or processed in any way. 
    Visitors are requested to sign an Informed Declaration on the conditions to access the SJU premises specific to the COVID pandemic measures, confirming they have been informed on the measures set out for accessing the SJU premises in decision SJU/ED/750. The declarations are stored by the facility team in a locked cabinet.
    Processed data Document produced SJU/ED/750 on the conditions to access the SJU premises specific to COVID pandemic measures, public interest article 5 a) of Regulation 2018/1725 The declarations on the conditions to access the SJU premises specific to the COVID pandemic measures are kept for as long as decision SJU/ED/750 and any future updates of it remain in force.
    Other SESAR JU physical security policy, public interest article 5 a) of Regulation 2018/1725 Once the procedure is finalised
    Personal details SESAR JU physical security policy, public interest article 5 a) of Regulation 2018/1725 The participants list will be kept for 5 years after the visit
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restrictions.

    Security measures A paper copy is made and saved in a paper file. The paper file is archived in a locked cupboard., Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Appropriate training, Physical security of the premises, Staff dealing with this processing operation is designated on a need-to-know basis, Standard clause for the processing of personal data included in the contract
    Recipients Designated SJU staff members: Facility team and staff members in charge of the visit
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 16.09.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Appointment of new representatives to the Administrative Board
    Reference number 35
    Data subject category Administrative Board Members (main and alternates)
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing activity is to (a) collect the necessary information via the “Personal Information form” to contact the appointed Administrative Board Members and send them relevant information via e-mail or post, (b) ensure that persons involved in the activities of the Administrative Board act independently of any external influence when they are appointed as members by signing the “Declaration of Commitment and Confidentiality” form, (c) comply with transparency principles by publishing their short biography on the SESAR JU website.
    Description
    When a new person is appointed as Member of the Administrative Board, they are requested to fill in, sign and send the “Personal Information form”, the “Declaration of Commitment and Confidentiality” and their CV to the Administrative Board (ADB) functional mailbox. Access to the ADB functional mailbox is granted to the Secretary of the Administrative Board, the Executive Director and the Deputy Executive Director. The Secretary of the ADB sends the short bio information to the Communications team for publication in the SJU website.
    The documents are stored in IDMS with restricted access rights to the Secretary of the Administrative Board and limited staff of the Legal and Financial Team. 
    The shared drive contains information related to former ADB members. Paper versions of the above forms are stored in a locked cupboard.
    Processed data Personal details Council Regulation (EC) n° 219/2007 of 27.02.2007 as amended by Council Regulation (EC) n° 1361/2008 of 16/12/2008 and Council Regulation (EU) 721/2014 of 16 June 2014, (the “SJU Regulation”), and in particular Article 3 (1) of the Statutes of the SESAR Joint Undertaking annexed to the SJU Regulation and Article 6 of Annex 1 of the SJU Regulation, Rules of Procedure of the Administrative Board, Administrative Board decision on conflict of interest ADB(D)-10-2008 as modified by decision ADB(D)-03-2012, legal obligation (article 5 (b) of Regulation 2018/1725), public interest article 5 a) of Regulation 2018/1725 (a) Declaration of Commitment and Confidentiality: 5 years after the discharge for the budgetary years to which the Declaration relates (b) Personal Information Form: As long as the data subject remains a member of the Administrative Board
    Political preferences Legal obligation (article 5 (b) of Regulation 2018/1725), public interest article 5 a) of Regulation 2018/1725 As long as the data subject remains a member of the Administrative Board.
    CV Administrative Board meeting of June 2014 (ADB 30) item 7b, legal obligation (article 5 (b) of Regulation 2018/1725), public interest article 5 a) of Regulation 2018/1725 As long as the data subject remains a member of the Administrative Board.
    Processors
    • TMAB Business Events (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures A paper copy is made and saved in a paper file. The paper file is archived in a locked cupboard., Access control and technical measures such as physical locks and/or secure connections and firewalls, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients The general public: Only with regards to the CVs published in the SJU website, Designated SJU staff members: Secretary of the Administrative Board, Executive Director, Deputy Executive Director, members of the Legal and Finance team
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 07.05.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Assessment and reporting on probationary periods
    Reference number
    Data subject category JU staff
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Processing for reasons related to staff probationary periods, namely the assessment of person-job match in order to confirm the engagement of staff, to extend the probationary period or to terminate the contract of employment as needed.
    Description
    The operation is launched by email from the reporting officer to the staff under probation. Exchange of the self-assessment and assessment between the reporting officer and the probationary staff may be done through email. The finalised report is manually given to the HR Sector by sealed confidential internal mail. The final report on paper is scanned and stored on dedicated HR shared drive accessible to HR staff only. The paper reports are stored safely in the HR office that is closed when no HR staff is in and equipped with a safe. 

    Processed data Other Public interest article 5 a) of regulation 2018/1725 10 years after the termination of employment or the last financial transaction, the latest prevailing.
    Personal details Public interest article 5 a) of regulation 2018/1725 10 years after the termination of employment or the last financial transaction, the latest prevailing.
    Profession Public interest article 5 a) of regulation 2018/1725 10 years after the termination of employment or the last financial transaction, the latest prevailing.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Other: reporting officer, Other: countersigning officers, Other: Executive director and deputy executive director, Designated SJU staff members: Human resources staff, EU institutions and bodies: European Court of Auditors; OLAF; IAS; Civil Service Tribunal; Ombudsman.
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Audit to SJU Members and beneficiaries
    Reference number
    Data subject category Beneficiaries of EU funds
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Processing personal data in the framework of an on-the-spot audit or desk review of financial statements claimed for co-financing by the SJU Members and beneficiaries of EU funds. As an example, these may consist of employment contracts, payslips, timesheets, bank statements.
    Description
    Manual processing:
    Personal data as part of an audit assignment is stored in the Project Audit archives (physical files). Access to these archives is limited to the Project Auditor.

    Automated processing:
    All EC IT systems are compliant with the Commission Decision of 16 August 2006 C (2006) 3602[1] concerning the security of information systems used by the European Commission. 
    The processing of personal data in the frame of the selection and management of experts is mainly automated.
    [1] http://ec.europa.eu/internal_market/imi-net/docs/decision_3602_2006_en.pdf

    SECURITY measures specific to this processing:
    An electronic system is being put into place for the storage of personal data in the SJU shared drive (on the home computer network) and the management of the access rights: specific folders per audit report, containing the related personal data (name, position, hourly rate, hours worked in the project), have been created. For each audit report, by default, the access rights (read & write) are limited to the following persons: person(s) appointed as project auditor and back-up.

    In principle, personal data contained in documents and files that are consulted / accessed / collected as part of the evidence during the audit will not be mentioned in the final Report (unless relevant for the purpose of the audit / for the understanding of the findings).

    ON JOINT CONTROLLERSHIP:
    The European Court of Auditors and the European Commission (CAS) act as joint controllers.
    Contact point for the CAS: RTD-External-Audits@ec.europa.eu
    There is an MoU currently being developed by EC services in cooperation with European Institutions and Bodies (Executive Agencies and Joint Undertakings). 
    Processed data Financial information Legal obligation article 5 b) of regulation 2018/1725, contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725 5 years
    Personal details Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725, legal obligation article 5 b) of regulation 2018/1725 5 years
    Profession Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725, legal obligation article 5 b) of regulation 2018/1725 5 years
    payrolls, payslips, bank statements, contracts, time records (timesheets) and any personal data contained in documents and files that are consulted / accessed / collected as part of the evidence during the audit Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725, legal obligation article 5 b) of regulation 2018/1725 5 years
    Processors
    • EC's audit tools like AUDEX (Belgium)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned
    Recipients Designated SJU staff members: , EU institutions and bodies: When transfer of personal data to other EU institutions is foreseen, the following text applies: Recital 21 and Article 6 of the Regulation apply: - Transfer is required and necessary for the legitimate performance of tasks of the SESAR JU, accordingly: Transfer of the data to the European Commission is de facto as the EC is responsible for launching, monitoring and managing the audits. - The purpose of the transfer is compatible with the purpose of the collection. Accordingly: • Purpose of the data collection: • Purpose of the transfer: • Compatibility of the purposes: e.g. Both purposes are compatible as the purpose of the transfer is covered by the purpose of the collection (e.g.: data submitted in the offer are necessary for the processing of payment obligations).
    Joint controllers European Commission (CAS), European Court of Auditors
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 07.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Award procedures for procurement and selection of experts, and managing legal aspects of contractual execution - Outside the scope of Horizon 2020/Europe
    Reference number 10
    Data subject category Individuals as tenderers and its personnel (as staff or management), including members of a consortium and subcontractors participating in procurement procedures and entering into a contractual relation with the SESAR JU
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose (a) Managing award procedures for procurement and the selection of experts, (b) Managing legal aspects of contractual execution
    Description
    Procurement procedures

    The submitted tenders (which may contain personal data) are stored in the legal archives until the opening session. 

    The following documents, part of an award procedure regarding procurement, or the selection of experts may contain personal data:

    • Administrative offer:
    • Cover letter from the tenderer
    • Legal and financial identification forms
    • Bank account form
    • Financial statements for a period equal to or less than the last three financial years for which accounts have been closed
    • A statement of the economic operator’s overall turnover 
    • Declaration of honor
    • Supporting evidence on exclusion criteria (article 136 and 137 Financial Regulation)
    • Descriptive bio of each member of the team
    • CVs
    • Staff form
    • Financial offer is normally signed by an authorised representative of the tenderer
    • Technical offer

    Tenders are made available to the duly appointed members of the opening committee in hard copies, for opening of the tenders, and to the members of the evaluation committee. Electronic versions of the tenders are normally available to the evaluation team through a dedicated restricted space in the IDMS.

    For opening whenever tenders are submitted through email boxes, tenders are potentially available to the owner of the email box or to those having permissions to access a functional email box.

    Upon termination of the evaluation process, the Legal & Procurement sector recovers all copies of the tenders and stores them in the Legal archives, in case of paper submission. The electronic version of the tender is saved in IDMS. Only members of IDMS groups having access to the relevant sites and libraries therein may handle the tender documentation.

    As an outcome of ex-post publicity obligations (Article 163 (1) (b) Financial Regulation) information (namely, name and address) on the awarded tenderer, as well as the amount of the contract, is published in section S of the Official Journal of the European Union (http://ted.europa.eu) and/or on the website of the SJU (www.sesarju.eu). 

    Financial Identification Form and Legal Entity Form of the awarded are transmitted to the European Commission in order to be included in the third party file of the ABAC System for electronic transactions. This transmission between institutions is made on the basis of recital 21 and Article 6 of the Regulation. 

    Furthermore, information provided may lead to an entry in the Early Detection and Exclusion System Database (the “EDES”) managed by the European Commission, in line with Article 135 of the Financial Regulation. Information exchanged within the EDES will be centralised in this database. The database may contain information on economic operators that could represent a threat to the Union's financial interests, economic operators who are in one of the exclusion situations listed in Article 136 (1) of the Financial Regulation and economic operators on which financial penalties are imposed - Article 138 of the Financial Regulation, in the form of cases created therein. 

    The EDES foresees the right of the economic operator to be informed of the data stored in the database upon its request to the EC. The information contained in the database shall be updated, where appropriate, following a request for rectification or erasure of the data stored. For more information, please visit: http://ec.europa.eu/dpo-register/details.htm?id=42815

    Drafting of contracts (procurement, experts) and amendments

    Contracts may contain personal data for the particular purpose of identification of the tenderer, namely:

    • Name and signature of the person empowered to sign the contract on behalf of the contractor, or of the contractor her- or himself in case it is a natural person.
    • Annex B of the contract, or technical offer, may contain a list of personnel identified to carry out the tasks. Neither CVs nor Declarations of Honour (including its supporting evidence) are part of a contract. 

    Tenders, as described supra, in their paper version are stored in their entirety in the Legal & Procurement archives and in the relevant space of the IDMS (contract’s register). Different retention periods (see infra) apply. Personal data forming part of the offer is stored in the Legal & Contracts Sector archives and/or in the Legal & Contracts Sector safe.

    In addition, personal data are processed when it is necessary to amend the contract based on an offer for additional services and when it is necessary to add new subcontractors (re-assessment against exclusion and selection criteria).
    Processed data Juridic data Legal obligation article 5 b) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 2 years
    Personal details Regulation (EU, Euratom) 2018/1046 of the European Parliament and of the Council of 18 July 2018 on the financial rules applicable to the general budget of the Union (Financial Regulation) and in particular Articles 160-179 for the procurement procedures, Articles 180-200 for the grant application and Articles 237-238 for selection of experts and point 20 of Annex 1 of the Financial Regulation on selection criteria, contractual obligation article 5 c) of regulation 2018/1725, legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 For a procurement award procedure, data are retained for a period of 10 years following the procedure’s closure, although: for unsuccessful tenderers, data specific to the tenderer are retained for 5 years following the closure of the procedure; for unsuccessful candidates in response to an invitation to request to participate or successful candidates who did not subsequently tender, data specific to the candidate are retained for 5 years following the closure of the procedure; and for candidates to a Call for Expressions of Interest, data specific to the candidate are retained for, whichever is later: 1) 5 years after the list’s validity end date; 2) 5 years after the signature of the last contract concluded with a procedure based on the list; 3) 10 years after the signature of the last contract concluded with a procedure based on the list for which the candidate was a successful tenderer. As regards data collected when managing the execution of the contract, these are retained for 10 years following last payment made under the contract. Data regarding the drawing up and maintaining of experts’ lists and the management of experts’ contracts are retained for 10 years, while data related to unsuccessful experts are eliminated five years after the closure of the procedure.
    In addition to the above periods, data are also retained until the end of a possible audit if an audit started before the end of the above periods.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and as foreseen in the upcoming SJU decision on restriction. Restrictions are also foreseen in Art. 142 (1) of the Financial Regulation.
    Security measures A paper copy is made and saved in a paper file. The paper file is archived in a locked cupboard, Data kept according to the security measures adopted by the European Commission, Obligation of confidentiality of the staff, Segregation of duties, Staff dealing with this processing operation is designated on a need-to-know basis, Standard clause for the processing of personal data included in the contract
    Recipients EU institutions and bodies: Early Warning System (“EWS”) and the EDES when appropriate and provided that the conditions in Art. 135 of the Financial Regulation are met, Designated SJU staff members: Legal & Procurement team, finance team, Evaluators and/or contract managers, [members of the institutions, agencies and bodies participating in the award procedure in the case of inter-institutional procurement] as well as external experts and contractors who work on behalf of the SJU for the purposes of: 1) managing award procedures for procurement and the selection of experts; 2) managing the execution of (procurement and experts) contracts; 3) developing, maintaining and supporting the use of corporate eProcurement IT systems. For contracts awarded as part of a procurement procedure, SJU staff members who may use the contract or may use the information (excluding personal data) related to the contract for the sole purpose of future procurement procedures, European Commission and its services: DG BUDG and DG DIGIT, The general public: Only in the rare case that a natural person is awarded a contract of high value, the name and surname will be published in the Official Journal
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.04.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Business Continuity Plan staff contact list
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member), On-site contractors and interim staff at JU premises, Trainees (blue book and atypical), Programme Management Unit (EUROCONTROL staff), Person to contact in case of emergency
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose To permit the SJU, within the context of the Business Continuity Plan, to contact each SJU staff member in case of an unforeseen event likely to affect the integrity of SJU's assets and/or people, or when work conditions at the SJU premises are damaged or at risk. All personal data submitted will be used for the sole and exclusive purpose of informing staff in case of a business continuity event.
    Description
    The Business Continuity Contact List is maintained as a SharePoint list in IDMS (an internal platform for sharing information amongst SJU staff). Data subjects enter and maintain their own personal data. In addition to the data subject, personal data is accessible in read mode by:

    • The data subject’s team manager (“Head of” as per the current organisation chart)
    • The data subject’s area manager (“Chief” as per the current organisation chart)
    • The business continuity manager and his/her substitute (as defined per the QMS process “Business Continuity Management”)

    The Business Continuity Contact List in IDMS is configured in such a way that:
    • Data subjects have access to their personal data only
    • Team managers have access to their team’s personal data only
    • Area managers have access to their area’s personal data only
    • Only the business continuity manager and his/her substitute have access to personal data of the entire SJU

    As the business continuity contact list data are stored on the SESAR JU’s IDMS, access to data is granted by default to the persons having an administration role and access permissions to IDMS, i.e. staff with IDMS System Administrator rights and other users such as the ICT support team.

    The above-mentioned people are invited to print out a hard copy of the personal data of their team(s) on a regular basis (typically once per month). The objective of this is to have up-to-date information and to be able to contact staff as per the contact procedure in case an event arises that results in limited or no electronic access to IDMS. This is described in the BC contact list guidance document, especially in its section 2.
    Processed data Personal details Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    Profession Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 28.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: COVID-19 Pandemic – Booking system Voluntary Return to Office
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member), On-site contractors and interim staff at JU premises, Trainees (blue book and atypical), Programme Management Unit (EUROCONTROL staff)
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose While teleworking remains the norm during at least Phase 1 of the SJU return to office strategy, presence at SJU premises is allowed on an exceptional basis, when so agreed with the line manager, and respecting all sanitary measures indicated by the Belgian authorities and by the European Commission. In this context, the purpose of the processing operations is to control the level of occupation of its premises set as “open space” and to organise the progressive and voluntary return in a way that allows the SJU staff to be closely managed in order to take reasonable precautionary measures and ensure compliance with the applicable sanitary measures to date.
    Description
    The collection of personal data and establishment of the list is made electronically (i.e. by e-mail) by the Facility team. 
     
    Every week, the persons wishing to come to the SJU premises shall send to the Facility and ICT mailboxes a request to be present at the SJU premises for a given period of time and clarify whether they consent to the publication of their name, date, and period of presence on I-DMS (see below) according to the template provided by the Facility team.
     
    Staff allowed to return to the office shall receive an e-mail confirming the booking of a space at the SJU premises for the requested period of time if their request complies with all the measures and restrictions contained in IC 20/077 and any other EC guidance applicable to the situation.
     
    As a result of this process, every Friday after 15:00 and until general de-confinement (Phase 4 under IC 20/077), the Facility team will compile the received data of the persons who have requested to be at the SJU premises the following week and whose requests are compatible with all measures mentioned in IC ref. 20-077 in the following documents:
     
    1. A “safety and security register”: this database will contain all names, functions and time period of presence of staff at the SJU premises with restricted access by the Facility team, ICT team, LISO and LSO. 
    2. A “weekly contact table”: this database - accessible to all SJU employees, PMU staff, ICT Coordination, ICT Support, Reception and D&D SDSS Team (hereafter referred to as “intramuros staff”) on IDMS - will identify people exceptionally present at the office on a weekly basis.
    Processed data Other Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 The safety and security register will be stored by the Facility team on their dedicated IDMS folder for one year with restricted access for the sole purpose of being used in safety, security, or sanitary dossiers if needed; The weekly contact table will be deleted upon expiration of the week of presence, the following Friday evening and substituted by an updated table for the following week.
    Personal details Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 The safety and security register will be stored by the Facility team on their dedicated IDMS folder for one year with restricted access for the sole purpose of being used in safety, security, or sanitary dossiers if needed; The weekly contact table will be deleted upon expiration of the week of presence, the following Friday evening and substituted by an updated table for the following week.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 22.04.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Flexitime
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of recording the working hours is: a) To allow staff to manage their daily working hours in order to reconcile their private and professional life, taking into consideration the core hours and respecting the 40-hours working week. b) To ensure that a continued, effective service is provided and the overall work assigned to the staff members is manageable.
    Description
    Before the Time Management Application (‘TIM’) of SYSPER is in place, the process is the following: 

    Manual processing:

    Staff members will record their hours worked in an Excel sheet created for this purpose. In this respect, they will have to insert the time of arrival, departure and daily breaks. The total amount of hours worked daily and weekly as well as the credit and debit hours are calculated automatically. This Excel sheet is personal and will be handled on a daily basis by the staff member concerned. The sheets will be sent by e-mail to the hierarchical superior who will verify and approve them at the beginning of each month. The hierarchical superior will then send them approved via e-mail to HR with the concerned staff member in copy and will then delete them according to the instructions given to the staff. HR will store the e-mail and the timesheets electronically in the share drive until their destruction. HR will check them in case a day of recuperation is requested. This day will be requested via a template created for this purpose, accessible through IDMS and managed by the HR Sector.

    After the Time Management Application (‘TIM’) of SYSPER is in place, the process is the following:

    Automated processing:

    The staff member, following the same principle as in the manual processing, will record only the hours worked and breaks taken in TIM and the system will do the calculations automatically. Only the staff member, their hierarchical superior and HR will have access to this data until their destruction. In the last two cases, this will only consist of a read access. Recuperation days will be requested and approved by the hierarchical superior through the system.

    Processed data Other Public interest article 5 a) of regulation 2018/1725 3 years
    Personal details Public interest article 5 a) of regulation 2018/1725 3 years
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 23.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Internal staff survey
    Reference number
    Data subject category SJU staff respondents to the survey
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The main purpose of the survey is to collect in an anonymous way information, opinions, user experience from colleagues on any matter impacting the strategic objectives of the SJU (e.g.: use of IDMS, risk management process).
    Description
    The data collected is processed both electronically via IDMS and manually when the person responsible for the survey will analyse the data.

    Electronic processing is carried out through I-DMS using the survey tool, through the following process:

    • The link to the survey is sent to respondents (data subjects) via e-mail with 7-10 days to provide answers on a voluntary basis. After that period, the survey can no longer be responded to (this is not managed automatically but through a transaction of the System Administrator, e.g. setting the corresponding page to Read-only, upon instruction of the responsible Team).
    • Any respondent can use the link to get access to the questionnaire via the I-DMS. The survey is also directly accessible through the I-DMS navigation bar Living Together -> Surveys. Permissions and accesses are controlled through the standard I-DMS permission management system.

    When processing electronically, aggregated data are:

    • Collected and extracted to an Excel file at the date set by the responsible team corresponding to the end of the survey period. The Excel file is stored both by the responsible team and/or HR.
    • Initially analysed by the responsible team.
    • May be clustered and re-arranged to come up with quantitative information and group free text answers.

    The Corporate Management Team may be provided with a synthesis from that analysis.
    Processed data Other Public interest article 5 a) of regulation 2018/1725 It will be deleted once the survey is closed and the results of the survey have been aggregated.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Obligation of confidentiality of the staff
    Recipients Other: As conducted through the I-DMS tool, other users such as ICT support team (located in the SJU premises and with ICT service desk), EUROCONTROL IT Service Desk Team or the MCS support team also have technical access to the database.
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 04.12.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Management of leave
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Assessing the entitlement to annual leave, special leave, parental leave, family leave, leave under personal grounds, credit-time leave for temporary agents and contract agents and in some cases seconded national experts (annual and special leave).
    Description
    The data collected is processed either manually or electronically.
    When processing manually, the paper files are stored safely in the HR office that is closed when no HR staff is in and equipped with a safe (until destruction) or by the EC PMO/ Medical Service.
    When processing electronically, the data is stored in IT management applications developed specifically for this purpose. Access to the IT application is protected by access rights granted to SJU authorized staff (HR service).
    Processed data Family composition Public interest article 5 a) of regulation 2018/1725 3 years – administrative data, except if a dispute and appeal is underway (e.g. annual leave, special leave); Entire career duration - for parental leave, family leave and leave on personal grounds, the data should be kept for the entire career of the staff to keep track when the total time granted reaches the maximum permitted; Longer periods – certain types of leave, as in the context of credit-time, have an effect on the calculation of pension rights and is conserved for longer periods; 7 years – data related to financial compensation related to leave retention; Personal data in supporting documents is deleted as soon as they are not necessary for budgetary discharge, control and audit purposes.
    Health data Public interest article 5 a) of regulation 2018/1725 3 years – administrative data, except if a dispute and appeal is underway (e.g. annual leave, special leave); Entire career duration - for parental leave, family leave and leave on personal grounds, the data should be kept for the entire career of the staff to keep track when the total time granted reaches the maximum permitted; Longer periods – certain types of leave, as in the context of credit-time, have an effect on the calculation of pension rights and is conserved for longer periods; 7 years – data related to financial compensation related to leave retention; Personal data in supporting documents is deleted as soon as they are not necessary for budgetary discharge, control and audit purposes.
    Personal details Public interest article 5 a) of regulation 2018/1725 3 years – administrative data, except if a dispute and appeal is underway (e.g. annual leave, special leave); Entire career duration - for parental leave, family leave and leave on personal grounds, the data should be kept for the entire career of the staff to keep track when the total time granted reaches the maximum permitted; Longer periods – certain types of leave, as in the context of credit-time, have an effect on the calculation of pension rights and is conserved for longer periods; 7 years – data related to financial compensation related to leave retention; Personal data in supporting documents is deleted as soon as they are not necessary for budgetary discharge, control and audit purposes.
    Profession Public interest article 5 a) of regulation 2018/1725 3 years – administrative data, except if a dispute and appeal is underway (e.g. annual leave, special leave); Entire career duration - for parental leave, family leave and leave on personal grounds, the data should be kept for the entire career of the staff to keep track when the total time granted reaches the maximum permitted; Longer periods – certain types of leave, as in the context of credit-time, have an effect on the calculation of pension rights and is conserved for longer periods; 7 years – data related to financial compensation related to leave retention; Personal data in supporting documents is deleted as soon as they are not necessary for budgetary discharge, control and audit purposes.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies: European Court of Auditors, European Court of Justice, lawyers (external on behalf of the SJU), the SJU Internal Auditor (Internal Audit Service of the European Commission), may also access relevant personal data for audit control or appeal purposes.
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Missions workflow and e-invoices tool
    Reference number
    Data subject category On-site contractors and interim staff at JU premises, Trainees (blue book and atypical), Staff JU and other EUIs (temporary agents, contract agents, seconded national experts)
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is to provide the travel services required to make sure that SJU staff will be able to travel away from their place of employment for professional reasons (missions and authorised travels).
    Description
    The Staff on Mission prepares the Mission Request for approval by his/her Hierarchical Supervisor(s), if any, and the Authorising Officer. There are two ways of collecting personal data and processing this information under missions' bookings, both provided by American Express GBT (processor):

    1. Reservations via the Online Booking Tool (‘OBT’):

    The Staff on Mission books his/her flight and/or train tickets and/or makes car rental reservations in the OBT. The information collected by the OBT includes the family Name, Forename (same as on passport), date of birth (for train bookings), destination and travel date. Hotel bookings can be done either via the OBT provided by the agreed Travel Agency or through other preferred channels (e.g. personal credit card payment to guarantee hotel room, payment at the hotel with bank card or cash, depending on hotel policy). Low Cost reservations can be made either via the OBT or offline with the Travel Agency (AMEX Corporate Credit Card is used) or via the low-cost Airline directly using the Mission Performer's private credit card.

    The OBT is a tool provided by the processor, American Express GBT. 
    The staff can then go to the Amex GBT Mobile app to see the details of the booking done in the OBT (applicable privacy statement available here: https://privacy.amexgbt.com/statement).

    The mission performer can also optionally check his/her travel (print a confirmation of travel details) using the website "Checkmytrip". For this purpose, the mission performer has to create an account to get access to the tool and enter his/her last name and booking reference. Please find the privacy statement: https://www.checkmytrip.com/cmtweb/#/cmt/privacy-policy

    2. Reservation via the Travel Agency:

    The Staff on Mission sends an e-mail to the agreed Travel Agency requesting flight/rail options and price quotes. The information provided contains the family Name, Forename (same as on passport), date of birth (for train bookings), destination and travel date. 

    In both cases, the Hierarchical Supervisor confirms the eligibility of the mission according to the applicable rules. If the Mission Request is approved by the first Hierarchical Supervisor, it will go for approval to the second Hierarchical Supervisor, if applicable, and then it will be further transferred to the Authorising Officer for approval.

    • Upon confirmation of the trip

    American Express GBT sends through a system called “E-Invoicing tool” the invoice containing the name of the Mission Performer, the travel destination, travel date and the amount to be paid. Access to this tool, as well as to the document itself is restricted to the Facility & Mission coordination team. Please find the privacy statement: https://privacy.amexgbt.com/statement.  

    • Upon return from the mission

    The Mission Performer has to write a Mission Report and to collect other documentation including the supporting evidence for the reimbursement, any document that certifies the attendance in the event as well as the duly filled-in Statement of Expenses. These documents (signed travel order, statement of expenses, mission report, etc.) are then uploaded in the IDMS. The prepared Mission File is then transferred to the Mission Coordinator.

    Upon approval from the Authorising Officer, the Mission Coordinator retrieves the scanned Mission File from the IDMS and sends it to the PMO for the calculation of mission expenses. 

    The data is stored electronically and the documents are kept in IDMS accessible with restricted access rights.
    Processed data Education Public interest article 5 a) of regulation 2018/1725 5 years
    Financial information Public interest article 5 a) of regulation 2018/1725 5 years
    Other Public interest article 5 a) of regulation 2018/1725 5 years
    Personal details Public interest article 5 a) of regulation 2018/1725 5 years
    Profession Public interest article 5 a) of regulation 2018/1725 5 years
    Processors
    • American Express Global Business Travel (‘GBT’) servers (USA, Standard contractual clauses & binding corporate rules)
    • Checkmytrip website (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data
    Recipients EU institutions and bodies: The PMO will receive the information necessary to determine the entitlements of staff when they are on mission under the Staff Regulation and CEOS. If appropriate, access will also be provided to the EC Court of Auditors, the SJU Internal Auditor, the European Ombudsman, the Civil Service Tribunal, the European Anti-Fraud Office and the European Data Protection Supervisor, Third parties in third countries no adequacy decision but additional safeguards: As the personal data of the SJU staff is transferred to American Express GBT with the objective of providing the travel requested, the data will be processed by them. American Express GBT data centers are located in the United States and Germany. Please refer to the privacy statement of GBT for more information: http://privacy.amexgbt.com/statement
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 14.10.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Occupational health and medical data
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member), Trainees (blue book and atypical), Relatives of the data subject
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Personal data is collected and managed for the purpose of complying with certain mandatory obligations under the Staff Regulations, notably: a) performance of the pre-recruitment medical examination b) issuance of medical certificates (justifying sick leave, special leave, working condition for TA and CA or reimbursement of medical expenses) c) performance of the annual medical visit
    Description
    Health data in the strict sense of staff members and candidates for recruitment are exclusively processed by the European Commission Medical Service, which keeps the medical files. No medical data stricto sensu are processed by the SJU (the information the SJU has access to does not contain any diagnosis, details of examinations undergone, or vaccination details). The communication flow is limited to the staff members and the medical service of the European Commission in accordance with the procedures established.
     

    For what concerns data managed directly by SJU: the HR team collects and stores the data that can be made accessible to other Institutions and authorized auditors when appropriate to fulfill auditing and controlling duties. The data is stored electronically and manually and access is protected by the management of access rights. 
    Processed data Family composition Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Other Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Personal details Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Profession Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (eu) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming sju decision on restrictions.
    Security measures Health data processed with the principles of medical confidentiality by HR officer, Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members. , Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies:
    Joint controllers European Commission, PMO
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 23.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Organisation of physical events
    Reference number 15
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member), On-site contractors and interim staff at JU premises, Trainees (blue book and atypical), Programme Management Unit (EUROCONTROL staff), Complainants, correspondents and enquirers, Participants at the event
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose a) Create audio/video recordings and pictures of the event; b) Enable the SESAR JU to preserve its institutional knowledge for the purpose of reporting (commemorative book); c) Publish event recordings and pictures on SESAR JU website, newsletter, YouTube and online social media channels.
    Description
    Physical events may take place at the SESAR JU premises or elsewhere. In any case, the SESAR JU ensures that there is a “no photography” area in the event venue, so that participants not consenting to having their pictures/video taken can place themselves there. The recordings and pictures of the events are stored on the SESAR JU shared communications drive with restricted access rights to the External Affairs and Communication Team and may be published in the SESAR JU website, newsletter, social media channels and YouTube channel.

    In some cases, specifically for internal meetings, involving exclusively SJU staff and detached employees and direct intra-muros contractors, the SESAR JU may ask participants to voluntarily send their own pictures/videos from the event. An email explaining the purpose of collection (e.g. upload in SESAR JU website, intranet etc.) and containing a relevant privacy notice will be distributed to the participants. Should participants reply by sending the relevant pictures/videos, it will be deemed that they consent to the purpose of their collection. 

    EXTERNAL PROCESSORS:
    On some occasions, the SESAR JU entrusts external service providers to process personal data for the purpose of managing the event. 
    - TMAB Business Events, on the terms described in the FW service contract SJU/LC/0352-CRT Lot 3 on event communications  https://tmabevents.be/TMAB_PrivacyPolicy.pdf
    - 20 Seconds to Midnight (20STM) on the terms described in the FW service contract SJU/LC/0352-CRT Lot 2 Digital communications, specifically, on the audio-visual coverage of events https://20stm.com/studio
    Processed data Video tapes and photographs Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 For the lifetime of SESAR JU
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • TMAB Business Events (EEA)
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (eu) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming sju decision on restrictions.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Data subject themselves: , Designated SJU staff members: Managing the event on a need to know basis, The general public: For the pictures and videos uploaded on the SJU website, YouTube and social media channels, Other: External experts and contractors involved in the event management
    Joint controllers European Commission, other EU body/ies (Joint Undertaking or Agency), EUROCONTROL or any of the SJU Members.
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 11.10.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Personal file
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member), On-site contractors and interim staff at JU premises, Trainees (blue book and atypical)
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is a) to comply with the rules laid down in the Staff Regulations b) to follow the procedure for the establishment and exercise by employees of their rights and obligations under the Staff Regulations and to manage their career performance.
    Description
    Data is collected and managed by the HR Sector, in order to create a personal file for each staff member. The personal file consists of the following:

    • Data relating to the exercise by the employees of their individual rights and obligations (i.e. allowances, pension rights), the staff member has to send the form concerned to the HR Sector who is then responsible for submitting the request to the Office for the Administration and Payment of Individual Entitlements (“PMO”) for its management. The PMO notifies the outcome to the HR Sector and the latter one communicates it to the employee concerned and files the document in the personal file;

    • Data provided by the employee during the pre-recruitment process for the purpose of signature of the contract in compliance with article 26 of the Staff Regulation; 

    • Data for the management of the career development (appraisal report).

    This data is collected by the HR Sector and stored in the personal file. The data is stored manually and electronically. Paper documents are stored safely in the HR office that is closed when no HR staff is in and equipped with a safe. The documents are also kept in electronic version in SJU share drive protected by management of access rights.

    Interimaires description of processing

    The SJU HR collects the education and employment details of interimaires (CVs) furnished by the interimaires provider, for the purpose of their engagement. Once the interimaires arrive at the SJU, HR collects data containing contact details.

    Blue book and atypical trainees description of processing

    In the case of blue book trainees, HR collects data containing contact details. HR has also access to a database managed by the European Commission that contains data relating to education and employment for the purpose of selecting a blue book trainee. All the documentation relating to their engagement is directly managed by the traineeship office of the European Commission.

    In the case of atypical trainees, HR collects CV’s for the purpose of their engagement and on their arrival the same personal data as for blue book trainees (mostly contact details).

    Processed data Education Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Family composition Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Financial information Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Personal details Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Profession Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (ec) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other, and foreseen in the upcoming sju decision on restriction.
    Security measures Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members.
    Recipients EU institutions and bodies: If appropriate, access can be provided to the Court of Justice, European Court of Auditors, the SJU Internal Auditor, the European Ombudsman, the European Anti-Fraud Office
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 23.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Prizes
    Reference number 38
    Data subject category Participants applying for a prize
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Selection, award (and payment) of prizes, participation in on-site or virtual award ceremony and publicity activities, related to the promotion of the prize.
    Description
    Personal data are processed by the SESAR JU in the following steps:

    Applicants for a prize send their application electronically to the dedicated SJU functional mailbox.

    The following documents, part of a prize application may contain personal data:
    • Application Form including a description of the scientific achievements and the necessary references and details of the supervisor/tutor of a Bachelor, Master or PhD Thesis
    • Declaration on honour
    • Copy of Diplomas/student certificates
    • Legal entity form
    • Extracts of publications/papers, recommendations and the thesis referenced in the Application form
    • Official ID or a residency permit (or equivalent document)
     
    The evaluation of applications will be carried out in three consecutive phases:

    1) Administrative phase - by SJU staff members.

    2) Award phase – by an evaluation panel composed of SJU staff members or/and experts of the SJU Scientific Committee providing the SJU Executive Director (ED) with ranking of short-listed applicants. Applicants who are requested by the evaluation panel shall send an original declaration on honour, and the documentary proofs (originals and recent), including, for example: a recent extract from the judicial record, documents providing evidence that demonstrates payment of all taxes and social security contributions. The ED makes the final decision on the shortlisted applicants and the prize winner.

    3) Post-award phase - The winner(s) sends a financial identification form and as a next step the signed letter accepting the award.

    Publication of participants’ personal data upon consent
    The SJU may publish upon consent of applicants, in whatever form and on or by whatever medium, the following information:

    a) the name of the short-listed applicants;
    b) the general purpose of the activities of the short-listed Applicants and/or the winner in relation to the award of the Prize in the form of the summary provided by the short-listed Applicants and/or the winner;
    c) the geographic location of the activities carried out;
    d) videos or other promotional material from the award ceremony;
    e) present their research at SESAR JU events

    The name of the winner and amount of prize awarded shall be published according to article 207(5)(1) of the Financial Regulation.

    Applications are made available to appointed members of the evaluation committee in electronic versions. Upon termination of the evaluation process, the Legal & Procurement sector stores all copies of the applications and originals, as applicable, in the Legal archives. The electronic version of the application is saved in IDMS. Only members of IDMS groups having access to the relevant sites and libraries therein may handle the prize documentation.
    Processed data Education Legal obligation (article 5 (b) of regulation 2018/1725), decision of the administrative board, ref. adb (d) 21-2019 of 9 october 2019 (the “sju financial rules”), regulation (eu, euratom) 2018/1046 on the financial rules applicable to the general budget of the union, public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 Data regarding non-selected applicants are kept for 5 years. Data regarding short-listed applicants and winners are kept for 10 years. Declaration of honour and its supporting documents are deleted after 2 years.
    Financial information Legal obligation (article 5 (b) of regulation 2018/1725), decision of the administrative board, ref. adb (d) 21-2019 of 9 october 2019 (the “sju financial rules”), regulation (eu, euratom) 2018/1046 on the financial rules applicable to the general budget of the union, public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 Data regarding non-selected applicants are kept for 5 years. Data regarding short-listed applicants and winners are kept for 10 years. Declaration of honour and its supporting documents are deleted after 2 years.
    Juridic data Legal obligation (article 5 (b) of regulation 2018/1725) Data regarding non-selected applicants are kept for 5 years. Data regarding short-listed applicants and winners are kept for 10 years. Declaration of honour and its supporting documents are deleted after 2 years.
    Personal details Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725, decision of the administrative board, ref. adb (d) 21-2019 of 9 october 2019 (the “sju financial rules”), regulation (eu, euratom) 2018/1046 on the financial rules applicable to the general budget of the union, legal obligation (article 5 (b) of regulation 2018/1725) Data regarding non-selected applicants are kept for 5 years. Data regarding short-listed applicants and winners are kept for 10 years. Declaration of honour and its supporting documents are deleted after 2 years.
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (eu) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming sju decision on restrictions.
    Security measures A paper copy is made and saved in a paper file. The paper file is archived in a locked cupboard., Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Obligation of confidentiality of the staff, Signature of absence of conflict of interest , Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies: Financial Identification Form and Legal Entity Form of the awarded are transmitted to the European Commission in order to be included in the third party file of the ABAC System for electronic transactions., The general public: In case the SJU shall publish the information mentioned above in the description of processing, Designated SJU staff members:
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 29.04.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Recruitment of temporary agents and contract agents and renewal, or not, of their contracts
    Reference number 2
    Data subject category Contractual and temporary agents whose contract is renewed or not, Selected candidates for recruitment as contractual agents and temporary agents
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is the recruitment of temporary and contractual agents and the renewal of their contracts in compliance with Staff Regulations and CEOS as well as the implementing rules of selection and recruitment of the indicated staff.
    Description
    Recruitment:
    Data is collected by the HR Sector both by the application form and the recruited candidate and used by the HR team to prepare the contract of the recruited candidate and to collect the information required by the Staff Regulation and CEOS. The data is sent by email to the Office for the Administration and payment of individual entitlement (PMO) for the calculation of the employee’s rights and it is received also by the Appointing Authority. 
    The data is stored manually and electronically. Paper documents are stored safely in a locked cabinet in the HR secured office, birth certificate and criminal records have to be provided in paper as originals. The rest of the documents might be received as electronic files and they are stored in SJU share drive protected by management of access rights.

    Renewal/non-renewal at the request of the service: 
    The line manager of the concerned staff drafts an evaluation note containing inter alia an opinion on whether the jobholder is suited to continue to occupy the post based, in particular, on the latest available Career Development Review as well as the previous ones. The HR sector submits the proposal and evaluation note together with its comments to the Authority Authorised to Conclude Contracts (AACC). The AACC drafts a letter of intention specifying the reasons of non-renewal to be addressed to the person concerned indicating that comments can be provided within a specified time frame. Comments can be provided by email or hardcopy and are stored in the personal file of the staff member, the shared drive and the HR office safe. Upon expiry of the deadline, the AACC takes a decision. The HR sector informs the jobholder of the outcome of the decision and provides the jobholder with the renewal of his/her contract or the letter confirming the ceasing date of the contract.
     
    Non-renewal at the request of the agent (‘voluntary non-renewal’) 
    When the agent does not wish his/her contract to be renewed the person concerned signs a declaration. Subsequently the HR Sector files the signed declaration in the personal file and sends a copy to the EC Office of Administration and Payments (‘PMO’) to allow the establishment of the staff’s entitlements under the Staff Regulation and CEOS.  

    Non-renewal of contract and maternity leave/pay 
    Where the contract cannot be renewed, the HR Sector should assist the person concerned in ensuring her rights to maternity leave and pay. As soon as the beginning of maternity leave is known, the HR Sector sends an e-mail to the PMO providing the following information under article 17 of the CEOS: 
    1) The date of the beginning and the end of maternity leave; 
    2) The end date of the contract. 
     
    Medical aspects 
    When the SESAR JU believes that a person is physically or mentally sick and the SESAR JU wishes to proceed with the non-renewal procedure, the AACC has to obtain proof that the person concerned is capable of effectively (mentally and physically) taking part in the procedure. 
    In such cases, the HR Sector requests the Medical Service to issue a written opinion, that the person is able to take part in the procedure. 

    Determining the whereabouts of the person 
    Any staff member is required to notify his/her address (article 20 of the Staff Regulations). When sending letters to the private address of an absent colleague, the HR Sector ensures that the person concerned has not requested and obtained permission from the AACC to spend sick leave elsewhere than at the place of employment (article 60 of the Staff Regulations).
    Processed data Health data Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff and staff whose contract is not renewed will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and destroyed earlier if they have been checked by the Court of Auditors.
    Juridic data Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff and staff whose contract is not renewed will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and destroyed earlier if they have been checked by the Court of Auditors.
    Profession Article 2 (a) and (f), 3(a), 12, 82 and 86 of the conditions of employment of other servants of the eu (ceos) , decision 25 of sju administrative board of 9 october 2009 on general implementing provisions on the procedure governing the engagement and the use of temporary agents at the sesar joint undertaking , decision 27 of sju administrative board on general implementing provision on the procedure governing the engagement and the use of contract staff at sesar joint undertaking , decision 06 of sju administrative board of 16 june 2016 laying down general implementing provisions on the procedure governing the engagement and use of temporary staff under article 2(f) of the conditions of employment of other servants of the european union , articles 8 and 47 for temporary agents and articles 85 and 119 for contract agents of the ceos , decision 06 of the sju administrative board of 16 june 2016 on general implementing provisions on the procedure governing the engagement and use of temporary agents under art 2(f) ceos, decision 27 of sju administrative board on general implementing provision on the procedure governing the engagement and the use of contract staff at sesar joint undertaking and in particular its article 2a, contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff and staff whose contract is not renewed will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and destroyed earlier if they have been checked by the Court of Auditors.
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (ec) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other, and foreseen in the upcoming sju decision on restriction.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members. , Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies: The PMO will receive the information necessary to define the establishment of the recruited staff entitlements under the Staff Regulation and CEOS., Designated SJU staff members: Appointing Authority, HR team, managers of staff concerned
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 22.04.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Registration of participants to SJU events (physical, online or hybrid)
    Reference number 51
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member), On-site contractors and interim staff at JU premises, Trainees (blue book and atypical), Programme Management Unit (EUROCONTROL staff), General audience, in particular, data subjects receiving the event invitation
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose a) Register participants to the SJU physical, online or hybrid events b) Contact participants via email, SESAR mobile app, SESAR e-marketing tool, in advance of and after the event to provide relevant information; c) Create networking opportunities through the sharing of participants contact details d) Store registration details of participants for maintenance of SESAR JU historical database of past events
    Description
    The processing of personal data starts from the moment that a data subject receives an informative email on the event. 
    Interested participants enter their registration data into a form on the SESAR JU website. These data are stored on the SJU website. The SJU External Affairs & Communication team can download the data and export it into Excel. This export is required to retrieve the data for sending the pre/post event related content as mentioned above.
    In the case of webinars, registration may be done directly in Livestorm. In this case, registration data are stored within Livestorm.

    The SESAR JU uses this data to contact participants about the event. The registration is sent to the participants using either:

    • Flexmail (our e-marketing tool) as an individual email or 
    • Outlook - in this case, the “resource” function (BCC effects) is used, so that the email addresses are not visible to other participants or
    • With certain platforms (e.g. Livestorm or Zoom) links can be sent only directly via the web-conferencing platform

    Email addresses will not be shared for networking purposes or otherwise and participants will not be contacted in advance of and after the events with further relevant information/notifications, unless consent is given by the participants in advance, in the registration form. 
    The registration form may include the following opt in options:
    • Consent to be added to the SESAR JU newsletter 
    • Consent to share details with the other event participants (name, organisation, job title and email)
    • Consent to have photos/video of participants taken and uploaded in the SJU website, newsletter, YouTube and social media channels

    On some occasions, the SESAR JU entrusts external service providers to process personal data for the purpose of registering participants to the event:
    Processed data Personal details Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 For the lifetime of SESAR JU
    Processors
    • Livestorm platform (EEA)
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (eu) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedoms of other data subjects, and foreseen in the upcoming sju decision on restrictions. 
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Data subject themselves: , Designated SJU staff members: Staff members of the SJU External Affairs & Communication team, Processor: Flexmail
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 11.10.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: SESAR JU newsletter
    Reference number 18
    Data subject category General public subscribed to the SESAR JU newsletter
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The processing of personal data serves the purpose of establishing a list of email addresses to which the newsletter is sent in order to keep SESAR JU stakeholders and interested parties up to date with the latest news, activities and upcoming events of the SESAR JU with the possibility of more targeted ad-hoc mailings based on the company that the subscriber is working for (e.g. sending an email to all subscribers that are part of SJU members' organisations).
    Description
    The processing of personal data in the frame of e-news is automated and starts from the moment that data subjects subscribe to it.

    Initial registration of interested parties and stakeholders is performed via an opt-in form on the SESAR JU web site. Data subjects may also be included in the newsletter list when registering for an event. In the event registration form data subjects have the choice to consent and opt-in to receiving the SESAR JU newsletter. The mandatory information consists of data subject’s name, email address and company name. Function in the company is optional. The registration form fully describes the purpose of the registration and contains links to Data protection and Legal notice as well as an “I accept” button. Once completed, an email is sent to the data subject that recaps all information entered by the data subject, inviting them to confirm registration. The data subject information is then added to the e-news list. 

    The SESAR JU uses this data to send monthly newsletters and other announcements to subscribers. Email addresses will not be shared for purposes other than sending the newsletters. The SESAR Joint Undertaking uses the online platform Flexmail (privacy policy) for creating and distributing the newsletter. For each contact, the “source” of the consent is indicated in Flexmail in order to trace back how and when consent was provided. The service with Flexmail is managed via the SESAR JU’s service contract with 20 STM.

    Data subjects can at any time: 
    - Check and update their personal data via the ‘edit profile’ link available on every e-mail being sent out by the Flexmail system.
    - Unsubscribe from the newsletter via the ‘unsubscribe’ link available on every e-mail being sent out by the Flexmail system.

    The SESAR JU entrusts external service providers to process personal data for the purpose of the newsletter:
    • 20 Seconds to Midnight (20STM) on the terms described in the FW service contract SJU/LC/0352-CRT (https://20stm.cdn.prismic.io/20stm/61e149b2-6ac3-4399-ab99-c05592353490_privacy_and_cookie_policy_for_20_Seconds_to_Midnight.pdf)
    • Flexmail for creating and distributing the newsletter (https://flexmail.be/en/privacy-policy)
    Processed data Personal details Explicit consent article 5 d) of regulation 2018/1725 Subscribers’ contact data are stored until a subscriber asks to be removed from the list.
    Processors
    • Flexmail platform (EEA)
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (eu) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedoms of other data subjects, and foreseen in the upcoming sju decision on restrictions. 
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure communication channel between server and client, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients External contractors under framework contract with the European Commission : 20STM (Flexmail tool), Designated SJU staff members: Members of the SESAR JU External Affairs and Communications team
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 11.10.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: SESAR JU whistleblowing procedure
    Reference number 48
    Data subject category Trainees (blue book and atypical), Programme Management Unit (EUROCONTROL staff), JU Staff: temporary, JU Staff: contractual, Interim staff, Seconded national experts, Seconded personnel from SJU Member
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The reporting of irregularities (illegal activities, including fraud and corruption, and serious professional wrongdoings) by staff members in line with ADB Decision 12-2018 on Guidelines on Whistleblowing
    Description
    The processing activity involves guiding potential whistleblowers, establishing reporting channels for whistleblowers, managing and following-up reports of wrongdoings and ensuring protection for whistleblowers, the alleged wrongdoers, the witnesses and the third parties appearing in the report.

    Whistleblowers may proceed anonymously, but they are encouraged to mention their identity to allow their effective protection against retaliation. This will also allow a better management of the file if further information would be necessary.

    The identity of the whistleblower who reports serious wrongdoings or irregularities in good faith shall be treated with the utmost confidentiality. This means that their name will not be revealed to the person(s) potentially implicated in the alleged wrongdoings, or to any other person without a strict need to know basis, except in certain exceptional circumstances if the whistleblower personally authorises the disclosure of his/her identity or if this is a requirement in any subsequent criminal law proceedings.

    Particular care will be taken during staff appraisal and reclassification procedures to ensure that the whistleblower suffers no adverse consequences in this context. Accordingly, the appraisal system provides for the possibility of the whistleblower to ask that the role of appeal assessor is taken on by the Chair of the SJU Administrative Board.

    The reporting of wrongdoings can be done internally to an immediate superior or to the Executive Director or, alternatively, to the Chair of the Administrative Board or to OLAF. The receiver of this information is obliged to transmit it to OLAF. As a last resort, whistleblowers may turn to other entities from other EU institutions (the President of the Council, or of the European Commission, or of the European Parliament, or of the European Court of Auditors, or the European Ombudsman).
    Processed data Personal details Public interest article 5 a) of regulation 2018/1725, articles 22a and 22b of the staff regulations, sju administrative board decision (d)12-2018 ‘guidelines on whistleblowing’ Personal data will be retained until the case is closed by OLAF and no appeals are possible. If a judicial or administrative procedure is still ongoing, personal data will be retained until their closure and end of any possible appeal.
    Processors n/a
    Restrictions of data subject rights
    in certain cases, informing the person against whom an allegation has been made at an early stage may be detrimental to the case. the provision of a possible restriction in this manner is foreseen in the upcoming sju decision on restrictions, as laid down in article 25 of regulation (ec) 1725/2018 only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others. deferral of information will be decided on a case by case basis. 
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Data not displayed to the wider public, Obligation of confidentiality of the staff, Secure transfer of data, Staff dealing with this processing operation is designated on a need-to-know basis, Whistleblower can request the Chair of the SJU Administrative Board to act as appeal assessor within the frame of staff appraisal and reclassification procedures
    Recipients Designated SJU staff members: Authorised staff members of the Human Resources Department, immediate superior of whistleblower, Executive Director, Internal Audit Capability, alleged wrongdoer (only if the whistleblower personally authorises the disclosure of their identity to them). If the alleged wrongdoer belongs to one of these recipient groups, information will be disclosed to him/her only upon the whistleblower's authorisation., EU institutions and bodies: OLAF, President of the Commission, the Council, the Parliament, the Court of Auditors or the Ombudsman, Other: Chair of the SJU Administrative Board
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 30.07.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: SESAR mobile App
    Reference number
    Data subject category Participants at the event
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose For the SJU's most important events, this app will be used to help participants plan, attend and follow the event, as well as providing them with opportunities for networking with other participants.
    Description
    For the SESAR JU's most important events (two to three per year), the SESAR mobile app is available for download/access to anyone interested in following the SESAR event activities online.

    The use of the SESAR JU mobile app is NOT mandatory. It is a complement offered by the SJU that helps participants plan, attend and follow the event, as well as providing them with opportunities for networking with other participants.

    When downloading and signing up for the mobile app, users will provide their email address and their name. Only the name is shared by default with other participants. If a user wants to share more information, he or she can add other personal data such as organisation, function, LinkedIn account, etc. An attendee can also choose not to be visible to other attendees.

    Information stored in the SESAR JU mobile app will not be used for any other purpose.

    The SESAR mobile application is hosted on a platform created by a company called Whova. The SJU’s contract with this company is managed by 20STM. 

    Users of the SESAR mobile application are asked to adhere to the privacy policy terms set by Whova, which describe how data are used and stored and how users can remove their data from the SESAR JU mobile app (the privacy policy is available at https://whova.com/privacy/).
    Processed data Other Explicit consent article 5 d) of regulation 2018/1725 Registration data in SESAR mobile App is stored on the mobile application for a period of 12 months. After which, it is deleted.
    Personal details Contractual obligation article 5 c) of regulation 2018/1725 , explicit consent article 5 d) of regulation 2018/1725 Registration data in SESAR mobile App is stored on the mobile application for a period of 12 months. After which, it is deleted.
    Profession Explicit consent article 5 d) of regulation 2018/1725 Registration data in SESAR mobile App is stored on the mobile application for a period of 12 months. After which, it is deleted.
    Processors
    • Whova platform (EEA)
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (eu) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming sju decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure communication channel between server and client
    Recipients Data subject themselves: , External contractors under framework contract with the European Commission : 20STM and/or TMAB, Other: Other attendees to the event, but only for those personal details that the Data Subject agreed to share with other attendees, Other: Users of SESAR Mobile App (limited data)
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: SESAR virtual challenge
    Reference number
    Data subject category On-site contractors and interim staff at JU premises, Trainees (blue book and atypical), Programme Management Unit (EUROCONTROL staff), Staff JU and other EUIs (temporary agents, contract agents, seconded national experts)
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose During 60 days (between 13/10/2020 and 10/12/2020), SJU staff members are invited to participate and contribute to the SESAR 2020 Virtual challenge. Under this challenge, SJU staff may accumulate kilometres by engaging in a number of sport and social activities.
    Description

    During the time of confinement and teleworking, given the social distancing constraints posed by the Covid-19 sanitary crisis, the SJU Communication team decided to launch a challenge that would engage the staff collectively: the SESAR 2020 Virtual Challenge – a virtual tour of SESAR JU members in 60 days.

    The registration of the data subject, with the voluntary indication of personal data (name and SESAR JU email), is intended to enable the processor to offer the data subject contents or services that may only be offered to registered users due to the nature of the matter in question. By registering on the website, the IP address—assigned by the Internet service provider (ISP) and used by the data subject—date, and time of the registration are also stored. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution. The registration of the data subject, with the voluntary indication of personal data, is intended to enable the processor to offer the data subject specific contents or services regarding the SESAR virtual challenge. Registered persons are free to change the personal data specified during the registration at any time, or to have them completely deleted by the processor. The data processor shall, at any time, provide information upon request to each data subject as to what personal data are stored about the data subject. In addition, the data processor shall correct or erase personal data at the request or indication of the data subject, insofar as there are no statutory storage obligations.

    The challenge is open for all SESAR JU staff to join and accumulate kilometres by engaging in a number of activities i.e. Team sports (e.g. football, rugby, basketball…), individual sports (e.g. cycling, gym session, yoga, Pilates, tennis, badminton…), water sports (e.g. swimming, sailing, aqua aerobics…), coming to the office by bike or on foot instead of taking the car or other social activities within the SESAR JU (e.g. joining the SESAR social coffee, helping out a colleague, having a face-to-face socially distanced coffee with a colleague).

    This challenge is an optional activity and staff are free to choose how much or how little information they choose to enter into the system.  If the staff wishes, the virtual challenge may be set up as a fundraiser for the European Food Banks Federation to help people who are in need as a consequence of the COVID-19 crisis.

    Data subjects are requested to set their privacy settings within their account to ensure that the data is not publicly visible. This is done via: “My account” > “My settings” > “Privacy” > Set a restricted or private activity



    Processed data Hobbies and interests Explicit consent article 5 d) of regulation 2018/1725 Personal data will be deleted after the end date of the initiative i.e. December 10
    Personal details Explicit consent article 5 d) of regulation 2018/1725 Personal data will be deleted after the end date of the initiative i.e. December 10
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • www.myvirtualmission.com and www.theconqueror.events servers
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (ec) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming sju decision on restriction.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data
    Recipients The general public: Some photos and imagery will be shared on SESAR JU social media pages – LinkedIn and Twitter – as well as the SESAR eNews, Countries for which there is an adequacy decision: New Zealand, where the processor's servers are located
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 04.12.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: SJU Learning & Development Database
    Reference number 33
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member), On-site contractors and interim staff at JU premises, Trainees (blue book and atypical), Programme Management Unit (EUROCONTROL staff), Interim staff
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operation is the creation and management of the SESAR JU Learning & Development database: (a) to follow-up on attendance of SJU employees in mandatory Learning Courses in order to: - keep a training history of the SESAR JU staff, - ensure that staff members have equal training opportunities by attending the same number of trainings, and - ensure that staff members have participated in the mandatory trainings foreseen in the IC/20-082 Learning and Development Policy of the SESAR JU (b) to monitor the training budget and ensure that the budget threshold dedicated to the organisation's trainings is not exceeded.
    Description
    The SESAR JU Learning & Development database is an Excel table stored in IDMS with restricted access rights and contains the personal data mentioned below.
    Personal data is extracted from the EU Learn platform (privacy policy). HR Officers have access to all trainings booked in EU Learn by SJU staff and can extract Excel reports with the staff’s training information. Subsequently this data is entered in the SESAR JU Learning & Development Database.

    In certain cases, staff undertake trainings organised by third parties for which they subscribe in the framework of a mission. In these cases, the finance team provides information related to the training provided, dates and associated costs. Subsequently this data is entered in the SESAR JU Learning & Development Database.

    When information is not available in the above sources, personal data may be collected from hard copies related to training activities, which are archived in the HR office, or directly by asking the staff member concerned.

    Personal data collected from the sources above, are only stored locally by the staff member responsible for completing the SESAR JU Learning & Development Database and until the information is entered therein. They are deleted right after their entry in the database and not processed for further purposes.

    The SESAR JU processes data related to trainings undertaken by contractual agents, temporary agents, trainees, seconded national experts, interim staff, programme management unit staff and staff seconded from members. On an exceptional basis, contractors' staff working at SESAR JU premises may attend specific SESAR JU mandatory trainings in the interest of service. This data is also processed by the SESAR JU.
    Processed data Personal details Administrative board decision adb (d) 17-2019, establishing the framework of the sesar ju learning and development policy, public interest article 5 a) of regulation 2018/1725 1 year after the end of the employment contract within the SESAR JU or mission at the SESAR JU (in case of contractor, interim staff or PMU staff) year
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (ec) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming sju decision on restriction.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Designated SJU staff members: HR officers and designated staff members responsible for completing the database
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 22.04.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Selection of the SJU Members for secondment of their staff and implementation of secondment agreement
    Reference number 29
    Data subject category Staff member, employed by the SJU member
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is a) assessment of applications, submitted by the SJU Members in response to the calls for expression of interest for secondment in the SJU; b) implementation of secondment agreements.
    Description
    Initially, the data is collected electronically through the dedicated functional mailbox cei@sesarju.eu. The SJU Members, interested in the call for expression of interest for the selection of SJU Members for provision of seconded staff in the relevant domains of expertise, submit their applications. Applications include personal, professional and educational data through CVs, relevant education and training supporting documents (diplomas, certificates etc.). The Evaluation Committee is appointed by the SJU’s Authorizing Officer and composed of SJU staff and of EUROCONTROL staff for those cases where the application received relates to a EUROCONTROL staff. The Evaluation Committee has access to these applications for the purpose of their evaluation and recommendation of the SJU Member for award of a secondment agreement. Such access is restricted and is provided through IDMS or Outlook, as necessary.

    A specific annex to the secondment agreement, signed with the selected SJU Member, includes financial and employment related personal data (such as salaries, allowances of the seconded staff). Such data is also provided in the SJU Member’s cost claims, which are processed by the responsible OIA/OVA and Finance sector. Invoices are registered by the SJU Reception services.

    Personal data related to SJU Members’ applications is stored electronically in the relevant Outlook folders and IDMS with restricted access to Legal sector’s members and the appointed Evaluation Committee members and OIAs. Paper copies of the applications are stored in the SJU Procurement and Legal Sector’s archives under lock and key. The signed secondment agreement is locked in the Legal safe. The cost claims/invoices of the SJU Members are kept by the Finance sector in locked cupboards only accessible to them.
    Processed data Education Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725 Data regarding selected applications will be kept for ten years after the last financial transaction or the termination of secondment agreement, the latest date prevailing. Data regarding the implementation of the secondment agreement (invoices) will be kept for ten years after the last financial transaction or the termination of secondment agreement, the latest date prevailing. Data regarding non-selected applications will be kept for five years from the date of the notification of the outcomes of the evaluation procedure. years
    Financial information Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725 Data regarding selected applications will be kept for ten years after the last financial transaction or the termination of secondment agreement, the latest date prevailing. Data regarding the implementation of the secondment agreement (invoices) will be kept for ten years after the last financial transaction or the termination of secondment agreement, the latest date prevailing. Data regarding non-selected applications will be kept for five years from the date of the notification of the outcomes of the evaluation procedure. years
    Personal details Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725 Data regarding selected applications will be kept for ten years after the last financial transaction or the termination of secondment agreement, the latest date prevailing. Data regarding the implementation of the secondment agreement (invoices) will be kept for ten years after the last financial transaction or the termination of secondment agreement, the latest date prevailing. Data regarding non-selected applications will be kept for five years from the date of the notification of the outcomes of the evaluation procedure. years
    Profession Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725 Data regarding selected applications will be kept for ten years after the last financial transaction or the termination of secondment agreement, the latest date prevailing. Data regarding the implementation of the secondment agreement (invoices) will be kept for ten years after the last financial transaction or the termination of secondment agreement, the latest date prevailing. Data regarding non-selected applications will be kept for five years from the date of the notification of the outcomes of the evaluation procedure. years
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (ec) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming sju decision on restriction.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Designated SJU staff members: Designated members of the Legal & Procurement team, members of the Evaluation Committee, designated members of the Finance sector, responsible agents as per the financial workflow defined in the matrix, Other: Eurocontrol PMU, when the responsible OIA/OVA is a member of Eurocontrol PMU
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.04.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Skype for Business
    Reference number 39
    Data subject category Trainees (blue book and atypical), Programme Management Unit (EUROCONTROL staff), Interim staff, Seconded personnel from SJU Member, SJU Staff (temporary agents, contract agents) and seconded national experts, On-site contractors at SJU premises
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing activity is the internal communication (calls, meetings, chats) between SESAR JU staff
    Description
    Call Logs
    What This Feature Does: Call Logs enables the user to store a record of their Skype for Business voice calls in a Microsoft Outlook folder.
    Information Collected, Processed, or Transmitted: Information about voice calls, such as the start time, end time, duration, and call participants, will be stored in the Outlook Conversation History folder. Meeting subject and location can also be logged by selecting Outlook as the personal information manager on the Personal tab of the Options dialog box. Call Logs does not store the content of voice calls. No information is sent to Microsoft.
    Use of Information: The user can use Call Logs to track and view their call history. The content of voice calls is not stored. 

    Contact Card 
    What This Feature Does: The Contact Card displays contact, presence, and location information about you and the people within your organization, in both Skype for Business and recent versions of Outlook. The contact card also provides one-click access to communicate with someone. For example, you can send an instant message, start a call, or send an email message directly from someone’s contact card.
    Information Collected, Processed, or Transmitted: The static information in the Contact Card is collected from the enterprise’s corporate directory (such as Active Directory). The dynamic information, such as calendar free/busy information is retrieved from Microsoft Exchange Server; telephone numbers can be retrieved from the corporate directory or entered manually by the user; and presence information is managed by Skype for Business using the Outlook Calendar (if enabled by the user) or entered manually by the user. The Lync server shares this information with other people within the organization. No information is sent to Microsoft. 
    Use of Information: The Contact Card is used to view the contact, location and presence information of people within the organization. The amount of information displayed to a user’s Skype for Business and Outlook contacts can be controlled by setting “privacy relationships” and enabling or disabling Privacy Mode.
    Calendar information: You can control if users see your calendar information via the “Change permissions for viewing Free/Busy information” in the Microsoft Outlook options menu.

    Conversation History 
    What This Feature Does: Conversation History allows you to store previous, recent, or missed instant message conversations and statistics about your voice conversations (such as date, time, duration and caller information) in the conversation history folder of Microsoft Outlook and retrieve them via the Conversations tab in Skype for Business. 
    Information Collected, Processed, or Transmitted: The content of instant-message conversations and statistics about voice conversations (such as date, time, duration and caller information). The content of voice calls and presentations is not stored. No information is sent to Microsoft.
    Processed data Personal details Public interest article 5 a) of regulation 2018/1725 Chat messages are stored in the Skype for Business client, only until the user closes the client or the computer is restarted. Unread Skype for Business messages are sent to MS Outlook as a notification, and chat conversations are stored in the conversation history folder of MS Outlook. This data is stored in the user's mailbox and retained until users delete them or their MS Outlook account is terminated. The content of voice calls and presentations is not stored.
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (ec) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and as foreseen in the upcoming sju decision on restriction. 
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data, Staff dealing with this processing operation is designated on a need-to-know basis, Windows 10 access to an active user account: Password renewed every 40 days
    Recipients Data subject themselves: , EUROCONTROL: Designated staff of SJU IT responsible of SJU ICT supplier (=EUROCONTROL) for system operation and maintenance, in case of troubleshooting or investigation of security incidents
    Joint controllers EUROCONTROL
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 07.05.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Social media monitoring
    Reference number 26
    Data subject category Internet users whose posts and other social media activity are analysed
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The SESAR JU monitors social media in order to understand how it is discussed and perceived in social media so that we can take into account the needs of the general public in our communications. To this end, like other public institutions, we analyse social media activity related to our tasks and monitor the use of our own social media channels. The conclusions drawn from this processing help shape the SJU’s reputation, communication strategy and a more effective and efficient public communication.
    Description
    The external provider collects and analyses data from public posts by social media users on different social media channels, and tracks different online sources including fora, blogs and online news websites. The external provider (privacy policy) only processes information that is publicly available. 

    While the external provider collects the categories of personal data listed, SESAR JU only analyses some of these data. We mostly use aggregate data for this analysis, in the shape of a daily alert and annual report from the contractor. However, individual quotes may be captured as examples and used to describe the general attitude towards the SESAR JU in social media. These quotes will be limited to those of individuals who publish posts about the SESAR JU in their professional capacity or those of influencers.

    The daily and annual reports are safely stored in restricted areas of the share drive and document management system (IDMS) of the SJU, stored locally.
    Only members of the External Relations Communication & Global Outreach team and the Executive Director have access to these areas of the share drive and IDMS. 
    Processed data Other Public interest article 5 a) of regulation 2018/1725 Reports containing personal data will be stored for a maximum of five years and will then be destroyed/deleted. Upon the instructions of the SESAR JU, the external provider will delete the results of searches after a period of six months. Automatic backups will also be deleted from the provider’s servers after six months.
    Personal details Public interest article 5 a) of regulation 2018/1725 Reports containing personal data will be stored for a maximum of five years and will then be destroyed/deleted. Upon the instructions of the SESAR JU, the external provider will delete the results of searches after a period of six months. Automatic backups will also be deleted from the provider’s servers after six months.
    Processors
    • Servers of external provider: Web server, Twitter, Youtube, Mobile App, LinkedIn (EEA, External contractors are bound by data protection clauses standard to all contracts issued by the European institutions and other bodies when processing personal data on behalf of the SJU.)
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (eu) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedoms of other data subjects, and foreseen in the upcoming sju decision on restrictions.
    Security measures Obligation of confidentiality of the staff, Secure communication channel between server and client, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Designated SJU staff members: Members of the External Relations Communication & Global Outreach team and the Executive Director , Processor: EU-Turn on the terms described in the FW service contract SJU/LC/0352-CRT Lot 1 on Strategic communications and its subcontractor Talkwalker
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 16.04.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Staff Appraisal
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is to meet the requirements of the Staff Regulations related to the assessment of the staff member’s efficiency, competencies and conduct in the service. It is intended to provide regular and structured feedback in order to improve performance and contribute to the future professional development of the staff. Every temporary, contract agent and SNE staff is subject of a yearly appraisal exercise.
    Description
    The processing operation is conducted yearly both manually and electronically. The launch of the exercise is made electronically (by e-mail). The staff member/ jobholder receives in his e-mail an invitation from the reporting officer to complete a self-assessment within a certain time frame (template is provided). The staff member and the reporting officer hold a dialogue and this report is updated in light of the agreed objectives and job description of the staff member. 
     
    The finalised report is handed over personally by the jobholder to the HR service. The finalised report (hard copy signed by all parties) is filed by HR in a folder containing all the reports and which forms part of the staff member's personal file. Paper documents are stored safely in the HR office that is closed when no HR staff is in and equipped with a safe. The staff member keeps a copy of this file. 
     
    A scanned copy is also stored in the share drive which is protected by a restricted access to the HR Service, including HR management.

    Processed data Education Public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Other Public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Personal details Public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Profession Public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (eu) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming sju decision on restrictions.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies: European Court of Auditors, European Court of Justice, SJU internal auditor, Internal Audit Service of the EC.
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Staff reclassification (TA-CA)
    Reference number 6
    Data subject category JU Staff: temporary, JU Staff: contractual
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Personal data are processed solely for the purpose of the performance of the reclassification exercise, that is to assess the efficiency and eligibility of the staff members (Temporary Agents and Contract Agents) for their reclassification following the appraisal procedure.
    Description
    The reclassification exercise is organised every year and launched by the Administration Affairs by an information circular, only once the appraisal exercise organised in the same year has been finalised. Personal data are processed in a manual way.

    The Executive Director and the Chiefs examine the comparative merits of the staff members eligible for reclassification, prepare a list of staff members proposed for reclassification, communicate this list to staff concerned (TAs and CAs) and forward it to the Joint Reclassification Committee.

    Staff concerned may submit complaints by email (stored in the reclassification exercise file in a restricted folder in the share drive) or hardcopy in a sealed envelope (stored in a locked cabinet in the HR office).

    The Joint Reclassification Committee sends the list of staff members recommended for reclassification and any complaint received to the Authority Authorised to Conclude Contracts of Employment (AACCE). The AACCE carries out a final comparison of the merits of the eligible staff members and adopts the list of staff members reclassified. 

    The list of staff members reclassified is published by means of an information circular. 

    The Joint Committee shall examine each reclassification exercise. Members of the Joint Committee may have access only to limited data such as name and contract type shared with the information circulars as described above. 

    Processed data Education Decisions adb (d) 14/2019 and adb (d) 15/2019, adopted on 4 november 2019, laying down general implementing provisions regarding article 54 and 87(3) of the ceos , article 82(3)(e) of the ceos , public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Personal details Article 54 and 87(3) of the conditions of employment of other servants of the european union (ceos) , decisions adb (d) 14/2019 and adb (d) 15/2019, adopted on 4 november 2019, laying down general implementing provisions regarding article 54 and 87(3) of the ceos , public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Profession Article 54 and 87(3) of the conditions of employment of other servants of the european union (ceos) , decisions adb (d) 14/2019 and adb (d) 15/2019, adopted on 4 november 2019, laying down general implementing provisions regarding article 54 and 87(3) of the ceos , public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (ec) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming sju decision on restriction.
    Security measures A paper copy is made and saved in a paper file. The paper file is archived in a locked cupboard., Access control and technical measures such as physical locks and/or secure connections and firewalls, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Data subject themselves: , Designated SJU staff members: Human Resources staff members, Chiefs of the teams, Joint Reclassification Committee, Joint Committee and contract and temporary agents of the SJU (only the list of the staff proposed and being reclassified)
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 22.04.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Staff selection- Temporary agents, Contract Agents, Seconded National Experts and trainees
    Reference number 1
    Data subject category Applicants for contract agents, temporary agents, seconded national experts and trainees positions according to vacancy notices or call for interest within the SJU.
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is to conduct the procedure leading to the selection of contractual agents, temporary agents, seconded national experts and trainees.
    Description
    In the context of a call for interests, applicants send their CVs containing personal data to a functional mail box created specifically for each vacancy notice. In case of spontaneous application, CVs are normally sent to the functional mailbox indicated in the website of SJU for this purpose. Occasionally, mails can be received directly by HR officers that then forward the email to the functional mailbox for spontaneous application. Spontaneous applicants receive an acknowledgement of receipt of the email, containing also information about data protection.

    The data is collected by the HR Sector and used by the HR team for the purposes of the selection process. Members of the Selection Boards and the Appointing Authority receive the CVs by email and proceed with the evaluation of the candidates. Occasionally members of the Selection Board might be external to SJU (it might be representatives of DG MOVE or EUROCONTROL staff members working at SJU). In case of reserve list, also the Line Manager (relevant Chief or Head of team) has access to the data. Once the evaluation is concluded, the Appointing Authority receives the Recommendation of the Selection Board containing an evaluation of the applicants and the CVs of both pre-selected and non-selected candidates. Digital versions of the CVs and of the evaluation grids are stored in the SJU network share drive, accessible only to HR team members. A paper copy of the documents is stored safely in a locked cabinet in the HR secured office. The data are also present in the functional mailboxes; these mailboxes stay available for members of the HR team and are then archived by the ICT services of SJU once a year.
    Processed data Education Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 Data regarding recruited applicants will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Data regarding non-recruited applicants but placed on a reserve list will be kept for five years after the end of validity of the reserve list and possible extension. Data regarding non-recruited applicants will be kept for five years from the date the data subject becomes aware of the result of the selection procedure. Data received through spontaneous applications will be kept for two years. Data are deleted after the above referred periods.
    Personal details Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 Data regarding recruited applicants will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Data regarding non-recruited applicants but placed on a reserve list will be kept for five years after the end of validity of the reserve list and possible extension. Data regarding non-recruited applicants will be kept for five years from the date the data subject becomes aware of the result of the selection procedure. Data received through spontaneous applications will be kept for two years. Data are deleted after the above referred periods.
    Profession Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 Data regarding recruited applicants will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Data regarding non-recruited applicants but placed on a reserve list will be kept for five years after the end of validity of the reserve list and possible extension. Data regarding non-recruited applicants will be kept for five years from the date the data subject becomes aware of the result of the selection procedure. Data received through spontaneous applications will be kept for two years. Data are deleted after the above referred periods.
    Results of the selection process Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 Data regarding recruited applicants will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Data regarding non-recruited applicants but placed on a reserve list will be kept for five years after the end of validity of the reserve list and possible extension. Data regarding non-recruited applicants will be kept for five years from the date the data subject becomes aware of the result of the selection procedure. Data received through spontaneous applications will be kept for two years. Data are deleted after the above referred periods.
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (ec) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming sju decision on restriction.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members. , Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Designated SJU staff members: Members of Selection Boards, Appointing Authority, In case of reserve list, Line Managers, EU institutions and bodies: If appropriate, other EU institutions process the data: Representatives of DG MOVE may be appointed as members of the Board of Selection and they receive all the data contained in CVs and contributed to the evaluation grids. The purpose of this transfer is to ensure the selection of staff according to Article 2 of the Annex of Decision 06-2016. The European Court of Justice in case of disputes, and the European Court of Auditors and the SJU Internal Audit (the IAS of the EC) and the SJU Internal Audit Capability in the context of the audit work they perform. , European Commission and its services: DG EAC only with regards to blue book trainees
    Joint controllers EPSO, European Commission (DG EAC)
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 01.02.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Webinars and online events conducted via web conferencing platforms
    Reference number 17
    Data subject category Participants at the online event/webinar, Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member), On-site contractors and interim staff at JU premises, Trainees (blue book and atypical), Programme Management Unit (EUROCONTROL staff)
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose a) Create audio/video recordings of the online event(s) b) Publish event recordings on SESAR JU website, newsletter, YouTube and online social media channels c) Store the video and audio recordings of the event d) Enable the SESAR JU to track and analyse participation at its online event(s) in order to better manage webinars in the future
    Description
    Webinars of virtual/online events are conducted using different web conferencing platforms.

    The recordings of the events are stored on the SESAR JU shared communications drive (only the External Affairs and Communication Team has access to this drive) and may be published in the SESAR JU website, newsletter, social media channels and YouTube channel. Participant information is not shown in the recordings, only the speaker names and organisation.

    We may also ask the contractor to do an analysis of the event participants after the event, for example average length of time attending the virtual event, stakeholder type or geographic reach of the event participants. The report is anonymous and only aggregated data are used to compile it. 

    The web conferencing platform used may collect some data on the browser experience of participants, such as their IP address, the event they visited, when they visited, the webpage they were redirected from and for how long they attended the event. More information can be found in the platform’s respective privacy notice. 

    When completing the registration form, participants are asked to adhere to SESAR JU's terms and conditions, as well as to confirm having read the specific privacy notices for webinars and the specific web conferencing tool used at the time of the event (for example: Livestorm, Webex, Zoom). Their respective privacy notice with detailed information on how they process personal data is shared with the participants before the event.

    On some occasions, the SESAR JU entrusts external service providers to process personal data for the purpose of managing the event:
    • TMAB Business Events, on the terms described in the FW service contract SJU/LC/0352-CRT Lot 3 on event communications. 
    • 20 Seconds to Midnight (20STM) on the terms described in the FW service contract SJU/LC/0352-CRT Lot 2 Digital communications, specifically, on the audio-visual coverage of events. 

    The web conferencing platform used for the event will also act as processor. Below a non-exhaustive list of the platforms used for the SJU events so far:
    Processed data Video tapes and photographs Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 For the lifetime of SESAR JU
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (eu) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming sju decision on restrictions.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Each event/webinar is assigned a meeting ID and password which will be communicated to the invited participants. Unauthorized participants are prevented from joining the event by the contractor. The record function is only available to the host of the event and will only be used when there is no risk of disclosing any confidential information., Participants are reminded to open the Zoom meetings via the browser rather than via the fat client which is installed automatically when the application is run for the first time, Secure transfer of data, Staff dealing with this processing operation is designated on a need-to-know basis, Standard clause for the processing of personal data included in the contract
    Recipients Data subject themselves: The recording of the event is sent to the participants, Processor: External contractor supporting the SESAR JU in the production of the event and the web conferencing platforms used, The general public: In case the event recording is published in the SESAR JU website, YouTube or social media channels, Designated SJU staff members: Members of the SESAR JU External Affairs and Communications team
    Joint controllers European Commission, other EU body/ies (Joint Undertaking or Agency), EUROCONTROL or any of the SJU Members.
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 11.10.2021
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: requests for part-time work
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller Single European Sky ATM Research 3 Joint Undertaking (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is to manage the part-time requests of SJU staff members including temporary and contractual agents, as well as related individual decisions allowing them to work part-time under the conditions laid down in Article 55(a) and Annex IVa of the Staff Regulations.
    Description
    The data is collected by SJU staff in the HR sector that also use them together with appropriate hierarchical superiors and the appointing authority (executive director of the SJU or delegates). When appropriate the data are made available to the EC PMO/Medical Service for the processing of medical data stricto sensu (SJU does not in principle collect medical data). Other EU institutions have also access to the data: European Court of Justice in case of disputes, and the European Court of Auditors and the SJU Internal Audit (the IAS of the EC) and the SJU Internal Audit Capability in the context of the audit work they perform. Paper documents are stored safely in the HR office that is closed when no HR staff is in and equipped with a safe. 

    The processing is done mainly manually and where suitable electronically.

    Processed data Family composition Public interest article 5 a) of regulation 2018/1725 Data regarding part-time will be kept for 10 years after the last financial transaction or the termination of employment or date of retirement, the latest date prevailing
    Other Public interest article 5 a) of regulation 2018/1725 10 years after the extinction of all rights of the staff member and any dependents
    Personal details Public interest article 5 a) of regulation 2018/1725 Data regarding part-time will be kept for 10 years after the last financial transaction or the termination of employment or date of retirement, the latest date prevailing
    Profession Public interest article 5 a) of regulation 2018/1725 Data regarding part-time will be kept for 10 years after the last financial transaction or the termination of employment or date of retirement, the latest date prevailing
    Processors n/a
    Restrictions of data subject rights
    possible restrictions as laid down in article 25 of regulation (eu) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming sju decision on restrictions.
    Security measures Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members.
    Recipients EU institutions and bodies:
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
