Processing Activities


  • Activity: Business Continuity Plan staff contact list
    Reference number
    Data subject category On-site contractors and interim staff at JU premises
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose To permit the SJU, within the context of the Business Continuity Plan, to contact each SJU staff member in case of an unforeseen event that could affect the integrity of SJU's assets and/or people, or when work conditions at the SJU premises are damaged or at risk. All personal data submitted will be used for the sole and exclusive purpose of informing staff in case of a business continuity event.
    Description
    The Business Continuity Contact List is maintained as a SharePoint list in IDMS (an internal platform for sharing information amongst SJU staff). Data subjects enter and maintain their own personal data. In addition to the data subject, personal data is accessible in read mode by:

    • The data subject’s team manager (“Head of” as per the current organisation chart)
    • The data subject’s area manager (“Chief” as per the current organisation chart)
    • The business continuity manager and his/her substitute (as defined per the QMS process “Business Continuity Management”)

    The Business Continuity Contact List in IDMS is configured in such a way that:
    • Data subjects have access to their personal data only
    • Team managers have access to their team’s personal data only
    • Area managers have access to their area’s personal data only
    • Only the business continuity manager and his/her substitute have access to personal data of the entire SJU

    As the business continuity contact list data are stored on the SESAR JU’s IDMS, access to data is granted by default to the persons having administration role and access permissions to IDMS, i.e. staff with IDMS System Administrator rights and other users such as ICT support team.

    The above-mentioned people are invited to print out a hard copy of personal data of their team(s) on a regular basis (typically once per month). The objective of this is to have up-to-date information and to be able to contact staff as per the contact procedure in case any event arises that results in limited or no electronic access to IDMS. This is described in the BC contact list guidance document, especially in its section 2.
    Processed data
    • Personal details: Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725. Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    • Profession: Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725. Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 28.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

    Activity: COVID-19 Pandemic – Booking system Voluntary Return to Office
    Reference number
    Data subject category On-site contractors and interim staff at JU premises
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose While teleworking remains the norm during at least Phase 1 of the SJU return to office strategy, presence at SJU premises is allowed on an exceptional basis, when so agreed with the line manager, and respecting all sanitary measures indicated by the Belgian authorities and by the European Commission. In this context, the purpose of the processing operations is to control the level of occupation of its premises set as “open space” and to organise the progressive and voluntary return in a way that allows the SJU staff to be closely managed in order to take reasonable precautionary measures and ensure compliance with the applicable sanitary measures to date.
    Description
    The collection of personal data and establishment of the list is made electronically (i.e. by e-mail) by the Facility team. 
     
    Every week, each person willing to come to the SJU premises shall send to the Facility and ICT mailboxes a request to be present at the SJU premises for a given period of time and clarify whether he/she consents to the publication of his/her name, date, and period of presence on I-DMS (see below) according to the template provided by the Facility team.
     
    The staff allowed to return to the office shall receive an e-mail of confirmation of the booking of a space at the SJU premises at the requested period of time if his/her request complies with all the measures and restrictions contained in IC 20/077 and any other EC guidance applicable to the situation.
     
    As a result of this process, every Friday after 15:00 and until general de-confinement (Phase 4 under IC 20/077), the Facility team will compile the received data of the persons who have requested to be at the SJU premises the following week and whose requests are compatible with all measures mentioned in IC ref. 20-077 in the following documents:
     
    1. A “safety and security register”: this database will contain all names, functions and time period of presence of staff at the SJU premises with restricted access by the Facility team, ICT team, LISO and LSO. 
    2. A “weekly contact table”: this database - accessible to all SJU employees, PMU staff, ICT Coordination, ICT Support, Reception and D&D SDSS Team (hereafter referred to as “intramuros staff”) on IDMS - will identify people exceptionally present at the office on a weekly basis.
    Processed data
    • Other: Legal obligation article 5 b) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725. The safety and security register will be stored by the Facility team on their dedicated IDMS folder for one year with restricted access for the sole purpose of being used in safety, security, or sanitary dossiers if needed. The weekly contact table will be deleted upon expiration of the week of presence, the following Friday evening, and substituted by an updated table for the following week.
    • Personal details: Legal obligation article 5 b) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725. The safety and security register will be stored by the Facility team on their dedicated IDMS folder for one year with restricted access for the sole purpose of being used in safety, security, or sanitary dossiers if needed. The weekly contact table will be deleted upon expiration of the week of presence, the following Friday evening, and substituted by an updated table for the following week.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 07.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

    Activity: Missions workflow and e-invoices tool
    Reference number
    Data subject category On-site contractors and interim staff at JU premises
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is to provide the travel services required to make sure that SJU staff will be able to travel away from their place of employment for professional reasons (missions and authorised travels).
    Description
    Staff on Mission prepares the Mission Request for his/her Hierarchical Supervisor’s(s’), if any, and Authorising Officer’s approval. There are two ways of collecting personal data and processing this information under missions' bookings, both provided by American Express GBT (processor):

    1. Reservations via the Online Booking Tool (‘OBT’):

    The Staff on Mission books his/her flight and/or train tickets and/or makes car rental reservations in the OBT. The information collected by the OBT includes the family Name, Forename (same as on passport), date of birth (for train bookings), destination and travel date. Hotel bookings can be done either via the OBT provided by the agreed Travel Agency or through other preferred channels (e.g. personal credit card payment to guarantee hotel room, payment at the hotel with bank card or cash, depending on hotel policy). Low Cost reservations can be made either via the OBT or offline with the Travel Agency (AMEX Corporate Credit Card is used) or via the low-cost Airline directly using the Mission Performer's private credit card.

    The OBT is a tool provided by the processor, American Express GBT. 
    The staff can then go to the Amex GBT Mobile app to see the details of the booking done in the OBT (applicable privacy statement available here: https://privacy.amexgbt.com/statement).

    The mission performer can also optionally check his/her travel (print a confirmation of travel details) using the website "Checkmytrip". For this purpose, the mission performer has to create an account to get access to the tool and enter his/her last name and booking reference. Please find the privacy statement: https://www.checkmytrip.com/cmtweb/#/cmt/privacy-policy

    2. Reservation via the Travel Agency:

    The Staff on Mission sends an e-mail to the agreed Travel Agency requesting flight/rail options and price quotes. The information provided contains the family Name, Forename (same as on passport), date of birth (for train bookings), destination and travel date. 

    In both cases, the Hierarchical Supervisor confirms the eligibility of the mission according to the applicable rules. If the Mission Request is approved by the first Hierarchical Supervisor, it will go for approval to the second Hierarchical Supervisor, if applicable, and then it will be further transferred to the Authorising Officer for approval.

    • Upon confirmation of the trip

    American Express GBT sends through a system called “E-Invoicing tool” the invoice containing the name of the Mission Performer, the travel destination, travel date and the amount to be paid. Access to this tool, as well as to the document itself is restricted to the Facility & Mission coordination team. Please find the privacy statement: https://privacy.amexgbt.com/statement.  

    • Upon return from the mission

    The Mission Performer has to write a Mission Report and to collect other documentation, including the supporting evidence for the reimbursement, any document that certifies attendance at the event, and the duly filled-in Statement of Expenses. These documents (signed travel order, statement of expenses, mission report, etc.) are then uploaded to the IDMS. The prepared Mission File is then transferred to the Mission Coordinator.

    Upon approval from the Authorising Officer, the Mission Coordinator retrieves the scanned Mission File from the IDMS and sends it to the PMO for the calculation of mission expenses. 

    The data is stored electronically and the documents are kept in IDMS accessible with restricted access rights.
    Processed data
    • Education: Public interest article 5 a) of regulation 2018/1725; 5 years
    • Financial information: Public interest article 5 a) of regulation 2018/1725; 5 years
    • Other: Public interest article 5 a) of regulation 2018/1725; 5 years
    • Personal details: Public interest article 5 a) of regulation 2018/1725; 5 years
    • Profession: Public interest article 5 a) of regulation 2018/1725; 5 years
    Processors
    • American Express Global Business Travel (‘GBT’) servers (USA, Standard contractual clauses & binding corporate rules)
    • Checkmytrip website (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data
    Recipients
    • EU institutions and bodies: The PMO will receive the information necessary to determine the entitlements of staff when they are on mission under the Staff Regulation and CEOS. If appropriate, access will also be provided to the EC Court of Auditors, the SJU Internal Auditor, the European Ombudsman, the Civil Service Tribunal, the European Anti-Fraud Office and the European Data Protection Supervisor.
    • Third parties in third countries (no adequacy decision but additional safeguards): As the personal data of the SJU staff is transferred to American Express GBT with the objective of providing the travel requested, the data will be processed by them. American Express GBT data centers are located in the United States and Germany. Please refer to the privacy statement of GBT for more information: http://privacy.amexgbt.com/statement
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 14.10.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

    Activity: Organisation of events
    Reference number
    Data subject category On-site contractors and interim staff at JU premises
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations when managing external events/communications (involving participants beyond simply the SJU staff) is:
    a) Register participants for events;
    b) Secure access to the SJU premises or to the premises where the event is held;
    c) Contact participants via email, SESAR mobile app, SESAR e-marketing tool (Flexmail), in advance of and after events to provide further relevant information/notifications;
    d) Create networking opportunities through the sharing of participants lists only upon express consent by the participant in the registration form and limited to contact details;
    e) Enable the SESAR JU to track participation levels/participation at its events in order to better manage events in the future;
    f) Enable the SESAR JU to preserve its institutional knowledge for the purpose of reporting (commemorative book);
    g) Contact audiences in the future in the context of relevant SESAR JU activities.
    Description
    The processing of personal data in the frame of organisation of events is automated and starts from the moment that a Data subject receives an informative email on the event. 

    Initial registration data is entered by interested participants into a form on the SESAR JU website, which generates a registration list that can be downloaded (only by the controller or the processor’s authorised personnel) in a tabular format. 

    The SESAR JU uses this data to contact participants about the event. Email addresses will not be shared for networking purposes or otherwise and participants will not be contacted in advance of and after the events with further relevant information/notifications, unless express consent is given by the event participants in advance, in the registration form.    

    Participants can opt-out from receiving such information through clicking on “unsubscribe” in the newsletter. 
    Processed data
    • Other: Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725. The SJU will delete these data at the latest ten working days after the event.
    • Personal details: Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725. Deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    • Profession: Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725. Deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    • Video tapes and photographs: Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725. Archived after 10 years (no longer available online).
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • TMAB Business Events (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients
    • Data subjects themselves
    • Other: Participants in events only upon express consent by the participant in the registration form and limited to personal identification data
    • EU institutions and bodies
    • Other: External experts and contractors involved in the event management/content management/website Security access controllers (only limited to the data strictly necessary)
    Joint controllers European Commission, other EU body/ies (Joint Undertaking or Agency), EUROCONTROL or any of the SJU Members.
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

    Activity: Personal file
    Reference number
    Data subject category On-site contractors and interim staff at JU premises
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is a) to comply with the rules laid down in the Staff Regulations b) to follow the procedure for the establishment and exercise by employees of their rights and obligations under the Staff Regulations and to manage their career performance.
    Description
    Data is collected and managed by the HR Sector, in order to create a personal file for each staff member. The personal file consists of the following:

    • Data relating to the exercise by the employees of their individual rights and obligations (i.e. allowances, pension rights): the staff member has to send the form concerned to the HR Sector, who is then responsible for submitting the request to the Office for the Administration and Payment of Individual Entitlements (“PMO”) for its management. The PMO notifies the outcome to the HR Sector, and the latter communicates it to the employee concerned and files the document in the personal file;

    • Data provided by the employee during the pre-recruitment process for the purpose of signature of the contract in compliance with article 26 of the Staff Regulation; 

    • Data for the management of the career development (appraisal report).

    This data is collected by the HR Sector and stored in the personal file. The data is stored manually and electronically. Paper documents are stored safely in the HR office that is closed when no HR staff is in and equipped with a safe. The documents are also kept in electronic version in SJU share drive protected by management of access rights.

    Interimaires description of processing

    The SJU HR collects the data on education and employment details of interimaires (CVs) furnished by the interimaires provider, for the purpose of their engagement. Once the interimaires arrive at the SJU, HR collects data containing contact details.

    Blue book and atypical trainees description of processing

    In the case of blue book trainees, HR collects data containing contact details. HR also has access to a database managed by the European Commission that contains data relating to education and employment for the purpose of selecting a blue book trainee. All the documentation relating to their engagement is directly managed by the traineeship office of the European Commission.

    In the case of atypical trainees, HR collects CVs for the purpose of their engagement and on their arrival the same personal data as for blue book trainees (mostly contact details).

    Processed data
    • Education: Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725; 10 years after end of contract
    • Family composition: Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725; 10 years after end of contract
    • Financial information: Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725; 10 years after end of contract
    • Personal details: Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725; 10 years after end of contract
    • Profession: Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725; 10 years after end of contract
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members.
    Recipients EU institutions and bodies: If appropriate, access can be provided to the Court of Justice, European Court of Auditors, the SJU Internal Auditor, the European Ombudsman and the European Anti-Fraud Office
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 23.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

    Activity: SESAR virtual challenge
    Reference number
    Data subject category On-site contractors and interim staff at JU premises
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose During 60 days (between 13/10/2020 and 10/12/2020), SJU staff members are invited to participate and contribute to the SESAR 2020 Virtual challenge. Under this challenge, SJU staff may accumulate kilometres by engaging in a number of sport and social activities.
    Description

    During the time of confinement and teleworking, given the social distancing constraints posed by the Covid-19 sanitary crisis, the SJU Communication team decided to launch a challenge that would engage the staff collectively: the SESAR 2020 Virtual Challenge – a virtual tour of SESAR JU members in 60 days.

    The registration of the data subject, with the voluntary indication of personal data (name and SESAR JU email), is intended to enable the processor to offer the data subject contents or services that may only be offered to registered users due to the nature of the matter in question. By registering on the website, the IP address—assigned by the Internet service provider (ISP) and used by the data subject—date, and time of the registration are also stored. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution.

    The registration of the data subject, with the voluntary indication of personal data, is intended to enable the processor to offer the data subject specific contents or services regarding the SESAR virtual challenge. Registered persons are free to change the personal data specified during the registration at any time, or to have them completely deleted by the processor.

    The data processor shall, at any time, provide information upon request to each data subject as to what personal data are stored about the data subject. In addition, the data processor shall correct or erase personal data at the request or indication of the data subject, insofar as there are no statutory storage obligations.

    The challenge is open for all SESAR JU staff to join and accumulate kilometres by engaging in a number of activities i.e. Team sports (e.g. football, rugby, basketball…), individual sports (e.g. cycling, gym session, yoga, Pilates, tennis, badminton…), water sports (e.g. swimming, sailing, aqua aerobics…), coming to the office by bike or on foot instead of taking the car or other social activities within the SESAR JU (e.g. joining the SESAR social coffee, helping out a colleague, having a face-to-face socially distanced coffee with a colleague).

    This challenge is an optional activity and staff are free to choose how much or how little information they enter into the system. If staff wish, the virtual challenge may be set up as a fundraiser for the European Food Banks Federation to help people who are in need as a consequence of the COVID-19 crisis.

    Data subjects are requested to set their privacy settings within their account to ensure that the data is not publicly visible. This is done via: “My account” > “My settings” > “Privacy” > Set a restricted or private activity



    Processed data
    • Hobbies and interests: Explicit consent article 5 d) of regulation 2018/1725. Personal data will be deleted after the end date of the initiative i.e. December 10
    • Personal details: Explicit consent article 5 d) of regulation 2018/1725. Personal data will be deleted after the end date of the initiative i.e. December 10
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • www.myvirtualmission.com and www.theconqueror.events servers
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data
    Recipients
    • The general public: Some photos and imagery will be shared on SESAR JU social media pages – LinkedIn and Twitter – as well as the SESAR eNews
    • Countries for which there is an adequacy decision: New Zealand, where the processor's servers are located
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 04.12.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Business Continuity Plan staff contact list
    Reference number
    Data subject category Trainees (blue book and atypical)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose To permit the SJU, within the context of the Business Continuity Plan, to contact each SJU staff member in case of an unforeseen event that could affect the integrity of SJU's assets and/or people, or when work conditions at the SJU premises are damaged or at risk. All personal data submitted will be used for the sole and exclusive purpose of informing staff in case of a business continuity event.
    Description
    The Business Continuity Contact List is maintained as a SharePoint list in IDMS (an internal platform for sharing information amongst SJU staff). Data subjects enter and maintain their own personal data. In addition to the data subject, personal data is accessible in read mode by:

    • The data subject’s team manager (“Head of” as per the current organisation chart)
    • The data subject’s area manager (“Chief” as per the current organisation chart)
    • The business continuity manager and his/her substitute (as defined per the QMS process “Business Continuity Management”)

    The Business Continuity Contact List in IDMS is configured in such a way that:
    • Data subjects have access to their personal data only
    • Team managers have access to their team’s personal data only
    • Area managers have access to their area’s personal data only
    • Only the business continuity manager and his/her substitute have access to personal data of the entire SJU

    As the business continuity contact list data are stored on the SESAR JU’s IDMS, access to data is granted by default to the persons having administration role and access permissions to IDMS, i.e. staff with IDMS System Administrator rights and other users such as ICT support team.

    The above-mentioned people are invited to print out a hard copy of personal data of their team(s) on a regular basis (typically once per month). The objective of this is to have up-to-date information and to be able to contact staff as per the contact procedure in case any event arises that results in limited or no electronic access to IDMS. This is described in the BC contact list guidance document, especially in its section 2.
    Processed data
    • Personal details: Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725. Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    • Profession: Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725. Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 28.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
    Activity: COVID-19 Pandemic – Booking system Voluntary Return to Office
    Reference number
    Data subject category Trainees (blue book and atypical)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose While teleworking remains the norm during at least Phase 1 of the SJU return to office strategy, presence at SJU premises is allowed on an exceptional basis, when so agreed with the line manager, and respecting all sanitary measures indicated by the Belgian authorities and by the European Commission. In this context, the purpose of the processing operations is to control the level of occupation of its premises set as “open space” and to organise the progressive and voluntary return in a way that allows the SJU staff to be closely managed in order to take reasonable precautionary measures and ensure compliance with the applicable sanitary measures to date.
    Description
    The collection of personal data and establishment of the list is made electronically (i.e. by e-mail) by the Facility team. 
     
    Every week, each person willing to come to the SJU premises shall send to the Facility and ICT mailboxes a request to be present at the SJU premises for a given period of time and clarify whether he/she consents to the publication of his/her name, date, and period of presence on I-DMS (see below), according to the template provided by the Facility team.
     
    Staff allowed to return to the office shall receive an e-mail confirming the booking of a space at the SJU premises for the requested period of time, provided the request complies with all the measures and restrictions contained in IC 20/077 and any other EC guidance applicable to the situation.
     
    As a result of this process, every Friday after 15:00 and until general de-confinement (Phase 4 under IC 20/077), the Facility team will compile the data received from the persons who have requested to be at the SJU premises in the following week and whose requests are compatible with all measures mentioned in IC ref. 20-077, in the following documents:
     
    1. A “safety and security register”: this database will contain all names, functions and time period of presence of staff at the SJU premises with restricted access by the Facility team, ICT team, LISO and LSO. 
    2. A “weekly contact table”: this database - accessible to all SJU employees, PMU staff, ICT Coordination, ICT Support, Reception and D&D SDSS Team (hereafter referred to as “intramuros staff”) on IDMS - will identify people exceptionally present at the office on a weekly basis.
    Processed data Other Legal obligation article 5 b) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 The safety and security register will be stored by the Facility team on their dedicated IDMS folder for one year with restricted access for the sole purpose of being used in safety, security, or sanitary dossiers if needed; The weekly contact table will be deleted upon expiration of the week of presence, the following Friday evening and substituted by an updated table for the following week.
    Personal details Legal obligation article 5 b) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 The safety and security register will be stored by the Facility team on their dedicated IDMS folder for one year with restricted access for the sole purpose of being used in safety, security, or sanitary dossiers if needed; The weekly contact table will be deleted upon expiration of the week of presence, the following Friday evening and substituted by an updated table for the following week.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 07.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
    Activity: Missions workflow and e-invoices tool
    Reference number
    Data subject category Trainees (blue book and atypical)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is to provide the travel services required to make sure that SJU staff will be able to travel away from their place of employment for professional reasons (missions and authorised travels).
    Description
    The Staff on Mission prepares the Mission Request for approval by his/her Hierarchical Supervisor(s), if any, and the Authorising Officer. There are two ways of collecting personal data and processing this information under missions' bookings, both provided by American Express GBT (processor):

    1. Reservations via the Online Booking Tool (‘OBT’):

    The Staff on Mission books his/her flight and/or train tickets and/or makes car rental reservations in the OBT. The information collected by the OBT includes the family Name, Forename (same as on passport), date of birth (for train bookings), destination and travel date. Hotel bookings can be done either via the OBT provided by the agreed Travel Agency or through other preferred channels (e.g. personal credit card payment to guarantee hotel room, payment at the hotel with bank card or cash, depending on hotel policy). Low Cost reservations can be made either via the OBT or offline with the Travel Agency (AMEX Corporate Credit Card is used) or via the low-cost Airline directly using the Mission Performer's private credit card.

    The OBT is a tool provided by the processor, American Express GBT. 
    The staff can then go to the Amex GBT Mobile app to see the details of the booking done in the OBT (applicable privacy statement available here: https://privacy.amexgbt.com/statement).

    The mission performer can also optionally check his/her travel (print a confirmation of travel details) using the website "Checkmytrip". For this purpose, the mission performer has to create an account to get access to the tool and enter his/her last name and booking reference. Please find the privacy statement: https://www.checkmytrip.com/cmtweb/#/cmt/privacy-policy

    2. Reservation via the Travel Agency:

    The Staff on Mission sends an e-mail to the agreed Travel Agency requesting flight/rail options and price quotes. The information provided contains the family Name, Forename (same as on passport), date of birth (for train bookings), destination and travel date. 

    In both cases, the Hierarchical Supervisor confirms the eligibility of the mission according to the applicable rules. If the Mission Request is approved by the first Hierarchical Supervisor, it will go for approval to the second Hierarchical Supervisor, if applicable, and then it will be further transferred to the Authorising Officer for approval.

    • Upon confirmation of the trip

    American Express GBT sends through a system called “E-Invoicing tool” the invoice containing the name of the Mission Performer, the travel destination, travel date and the amount to be paid. Access to this tool, as well as to the document itself is restricted to the Facility & Mission coordination team. Please find the privacy statement: https://privacy.amexgbt.com/statement.  

    • Upon return from the mission

    The Mission Performer has to write a Mission Report and to collect other documentation, including the supporting evidence for the reimbursement, any document that certifies attendance at the event, as well as the duly filled-in Statement of Expenses. These documents (signed travel order, statement of expenses, mission report, etc.) are then uploaded in the IDMS. The prepared Mission File is then transferred to the Mission Coordinator.

    Upon approval from the Authorising Officer, the Mission Coordinator retrieves the scanned Mission File from the IDMS and sends it to the PMO for the calculation of mission expenses. 

    The data is stored electronically and the documents are kept in IDMS accessible with restricted access rights.
    Processed data Education Public interest article 5 a) of regulation 2018/1725 5 years
    Financial information Public interest article 5 a) of regulation 2018/1725 5 years
    Other Public interest article 5 a) of regulation 2018/1725 5 years
    Personal details Public interest article 5 a) of regulation 2018/1725 5 years
    Profession Public interest article 5 a) of regulation 2018/1725 5 years
    Processors
    • American Express Global Business Travel (‘GBT’) servers (USA, Standard contractual clauses & binding corporate rules)
    • Checkmytrip website (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data
    Recipients EU institutions and bodies: The PMO will receive the information necessary to determine the entitlements of staff when they are on mission under the Staff Regulation and CEOS. If appropriate, access will also be provided to the EC Court of Auditors, the SJU Internal Auditor, the European Ombudsman, the Civil Service Tribunal, the European Anti-Fraud Office and the European Data Protection Supervisor, Third parties in third countries no adequacy decision but additional safeguards: As the personal data of the SJU staff is transferred to American Express GBT with the objective of providing the travel requested, the data will be processed by them. American Express GBT data centers are located in the United States and Germany. Please refer to the privacy statement of GBT for more information: http://privacy.amexgbt.com/statement
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 14.10.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
    Activity: Occupational health and medical data
    Reference number
    Data subject category Trainees (blue book and atypical)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Personal data is collected and managed for the purpose of complying with certain mandatory obligations under the Staff Regulations, notably: a) performance of the pre-recruitment medical examination b) issuance of medical certificates (justifying sick leave, special leave, working condition for TA and CA or reimbursement of medical expenses) c) performance of the annual medical visit
    Description
    Health data in the strict sense of staff members and candidates for recruitment are exclusively processed by the European Commission Medical Service, which keeps the medical files. No medical data stricto sensu are processed by the SJU; the information the SJU has access to does not contain any diagnosis, details of examinations undergone, or vaccination details. The communication flow is limited to the staff members and the medical service of the European Commission in accordance with the procedures established.
     

    For what concerns data managed directly by SJU: the HR team collects and stores the data that can be made accessible to other Institutions and authorized auditors when appropriate to fulfill auditing and controlling duties. The data is stored electronically and manually and access is protected by the management of access rights. 
    Processed data Family composition Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Other Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Personal details Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Profession Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Health data processed with the principles of medical confidentiality by HR officer; Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members; Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies:
    Joint controllers European Commission, PMO
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 23.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
    Activity: Organisation of events
    Reference number
    Data subject category Trainees (blue book and atypical)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations when managing external events/communications (involving participants beyond simply the SJU staff) is: a) Register participants for events; b) Secure access to the SJU premises or to the premises where the event is held; c) Contact participants via email, SESAR mobile app, SESAR e-marketing tool (Flexmail), in advance of and after events to provide further relevant information/notifications; d) Create networking opportunities through the sharing of participants lists only upon express consent by the participant in the registration form and limited to contact details; e) Enable the SESAR JU to track participation levels/participation at its events in order to better manage events in the future; f) Enable the SESAR JU to preserve its institutional knowledge for the purpose of reporting (commemorative book); g) Contact audiences in the future in the context of relevant SESAR JU activities.
    Description
    The processing of personal data in the frame of organisation of events is automated and starts from the moment that a Data subject receives an informative email on the event. 

    Initial registration data is entered by interested participants into a form on the SESAR JU website, which generates a registration list that can be downloaded (only by the controller or the processor’s authorised personnel) in a tabular format. 

    The SESAR JU uses this data to contact participants about the event. Email addresses will not be shared for networking purposes or otherwise and participants will not be contacted in advance of and after the events with further relevant information/notifications, unless express consent is given by the event participants in advance, in the registration form.    

    Participants can opt out of receiving such information by clicking on “unsubscribe” in the newsletter.
    Processed data Other Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 the SJU will delete these data at the latest ten working days after the event
    Personal details Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    Profession Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    Video tapes and photographs Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 archived after 10 years (not available any more online)
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • TMAB Business Events (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Data subject themselves: , Other: Participants in events only upon express consent by the participant in the registration form and limited to personal identification data, EU institutions and bodies: , Other: External experts and contractors involved in the event management/content management/website Security access controllers (only limited to the data strictly necessary)
    Joint controllers European Commission, other EU body/ies (Joint Undertaking or Agency), EUROCONTROL or any of the SJU Members.
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
    Activity: Personal file
    Reference number
    Data subject category Trainees (blue book and atypical)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is a) to comply with the rules laid down in the Staff Regulations b) to follow the procedure for the establishment and exercise by employees of their rights and obligations under the Staff Regulations and to manage their career performance.
    Description
    Data is collected and managed by the HR Sector, in order to create a personal file for each staff member. The personal file consists of the following:

    • Data relating to the exercise by the employees of their individual rights and obligations (i.e. allowances, pension rights), the staff member has to send the form concerned to the HR Sector who is then responsible for submitting the request to the Office for the Administration and Payment of Individual Entitlements (“PMO”) for its management. The PMO notifies the outcome to the HR Sector and the latter one communicates it to the employee concerned and files the document in the personal file;

    • Data provided by the employee during the pre-recruitment process for the purpose of signature of the contract in compliance with article 26 of the Staff Regulation; 

    • Data for the management of the career development (appraisal report).

    This data is collected by the HR Sector and stored in the personal file. The data is stored manually and electronically. Paper documents are stored safely in the HR office that is closed when no HR staff is in and equipped with a safe. The documents are also kept in electronic version in SJU share drive protected by management of access rights.

    Interim staff: description of processing

    The SJU HR collects the data on education and employment details of interim staff (CVs) furnished by the interim staff provider, for the purpose of their engagement. Once the interim staff arrive at the SJU, HR collects data containing contact details.

    Blue book and atypical trainees: description of processing

    In the case of blue book trainees, HR collects data containing contact details. HR has also access to a database managed by the European Commission that contains data relating to education and employment for the purpose of selecting a blue book trainee. All the documentation relating to their engagement is directly managed by the traineeship office of the European Commission.

    In the case of atypical trainees, HR collects CVs for the purpose of their engagement and, on their arrival, the same personal data as for blue book trainees (mostly contact details).

    Processed data Education Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Family composition Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Financial information Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Personal details Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Profession Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members.
    Recipients EU institutions and bodies: If appropriate, access can be provided to the Court of Justice, European Court of Auditors, the SJU Internal Auditor, the European Ombudsman and the European Anti-Fraud Office
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 23.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
    Activity: SESAR virtual challenge
    Reference number
    Data subject category Trainees (blue book and atypical)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose During 60 days (between 13/10/2020 and 10/12/2020), SJU staff members are invited to participate and contribute to the SESAR 2020 Virtual challenge. Under this challenge, SJU staff may accumulate kilometres by engaging in a number of sport and social activities.
    Description

    During the time of confinement and teleworking, given the social distancing constraints posed by the Covid-19 sanitary crisis, the SJU Communication team decided to launch a challenge that would engage the staff collectively: the SESAR 2020 Virtual Challenge – a virtual tour of SESAR JU members in 60 days.

    The registration of the data subject, with the voluntary indication of personal data (name and SESAR JU email), is intended to enable the processor to offer the data subject contents or services that may only be offered to registered users due to the nature of the matter in question. By registering on the website, the IP address—assigned by the Internet service provider (ISP) and used by the data subject—date, and time of the registration are also stored. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution. The registration of the data subject, with the voluntary indication of personal data, is intended to enable the processor to offer the data subject specific contents or services regarding the SESAR virtual challenge. Registered persons are free to change the personal data specified during the registration at any time, or to have them completely deleted by the processor. The data processor shall, at any time, provide information upon request to each data subject as to what personal data are stored about the data subject. In addition, the data processor shall correct or erase personal data at the request or indication of the data subject, insofar as there are no statutory storage obligations.

    The challenge is open for all SESAR JU staff to join and accumulate kilometres by engaging in a number of activities, i.e. team sports (e.g. football, rugby, basketball…), individual sports (e.g. cycling, gym session, yoga, Pilates, tennis, badminton…), water sports (e.g. swimming, sailing, aqua aerobics…), coming to the office by bike or on foot instead of taking the car, or other social activities within the SESAR JU (e.g. joining the SESAR social coffee, helping out a colleague, having a face-to-face socially distanced coffee with a colleague).

    This challenge is an optional activity and staff are free to choose how much or how little information they choose to enter into the system.  If the staff wishes, the virtual challenge may be set up as a fundraiser for the European Food Banks Federation to help people who are in need as a consequence of the COVID-19 crisis.

    Data subjects are requested to set their privacy settings within their account to ensure that the data is not publicly visible. This is done via: “My account” > “My settings” > “Privacy” > Set a restricted or private activity



    Processed data Hobbies and interests Explicit consent article 5 d) of regulation 2018/1725 Personal data will be deleted after the end date of the initiative i.e. December 10
    Personal details Explicit consent article 5 d) of regulation 2018/1725 Personal data will be deleted after the end date of the initiative i.e. December 10
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • www.myvirtualmission.com and www.theconqueror.events servers
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data
    Recipients The general public: Some photos and imagery will be shared on SESAR JU social media pages – LinkedIn and Twitter – as well as the SESAR eNews, Countries for which there is an adequacy decision: New Zealand, where the processor's servers are located
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 04.12.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Business Continuity Plan staff contact list
    Reference number
    Data subject category Programme Management Unit (EUROCONTROL staff)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose To permit the SJU, within the context of the Business Continuity Plan, to contact each SJU staff member in case of unforeseen event susceptible to affecting the integrity of SJU's assets and/or people, or when work conditions at the SJU premises are damaged or at risk. All personal data submitted will be used for the sole and exclusive purpose of informing staff in case of a business continuity event.
    Description
    The Business Continuity Contact List is maintained as a SharePoint list in IDMS (an internal platform for sharing information amongst SJU staff). Data subjects enter and maintain their own personal data. In addition to the data subject, personal data is accessible in read mode by:

    • The data subject’s team manager (“Head of” as per the current organisation chart)
    • The data subject’s area manager (“Chief” as per the current organisation chart)
    • The business continuity manager and his/her substitute (as defined per the QMS process “Business Continuity Management”)

    The Business Continuity Contact List in IDMS is configured in such a way that 
    • Data subjects have access to their personal data only
    • Team managers have access to their team’s personal data only
    • Area managers have access to their area’s personal data only
    • Only the business continuity manager and his/her substitute have access to personal data of the entire SJU

    As the business continuity contact list data are stored on the SESAR JU’s IDMS, access to data is granted by default to the persons having administration role and access permissions to IDMS, i.e. staff with IDMS System Administrator rights and other users such as ICT support team.

    The above-mentioned people are invited to print out a hard copy of personal data of their team(s) on a regular basis (typically once per month). The objective is to have up-to-date information and to be able to contact staff as per the contact procedure in case an event arises that results in limited or no electronic access to IDMS. This is described in the BC contact list guidance document, especially in its section 2.
    Processed data Personal details Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    Profession Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 28.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
    Activity: COVID-19 Pandemic – Booking system Voluntary Return to Office
    Reference number
    Data subject category Programme Management Unit (EUROCONTROL staff)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose While teleworking remains the norm during at least Phase 1 of the SJU return to office strategy, presence at SJU premises is allowed on an exceptional basis, when so agreed with the line manager, and respecting all sanitary measures indicated by the Belgian authorities and by the European Commission. In this context, the purpose of the processing operations is to control the level of occupation of its premises set as “open space” and to organise the progressive and voluntary return in a way that allows the SJU staff to be closely managed in order to take reasonable precautionary measures and ensure compliance with the applicable sanitary measures to date.
    Description
    The collection of personal data and establishment of the list is made electronically (i.e. by e-mail) by the Facility team. 
     
    Every week, each person willing to come to the SJU premises shall send to the Facility and ICT mailboxes a request to be present at the SJU premises for a given period of time and clarify whether he/she consents to the publication of his/her name, date, and period of presence on I-DMS (see below), according to the template provided by the Facility team.
     
    The staff allowed to return to the office shall receive an e-mail of confirmation of the booking of a space at the SJU premises at the requested period of time if his/her request complies with all the measures and restrictions contained in IC 20/077 and any other EC guidance applicable to the situation.
     
    As a result of this process, every Friday after 15:00 and until general de-confinement (Phase 4 under IC 20/077), the Facility team will compile the received data of the persons who have requested to be at the SJU premises in the following week and whose requests are compatible with all measures mentioned in IC ref. 20-077 in the following documents:
     
    1. A “safety and security register”: this database will contain all names, functions and time period of presence of staff at the SJU premises with restricted access by the Facility team, ICT team, LISO and LSO. 
    2.  A “weekly contact table”: this database - accessible to all SJU employees, PMU staff, ICT Coordination, ICT Support, Reception and D&D SDSS Team (hereafter referred to as “intramuros staff”) on IDMS - will identify people exceptionally present at the office on a weekly basis.
    Processed data Other Legal obligation article 5 b) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 The safety and security register will be stored by the Facility team on their dedicated IDMS folder for one year with restricted access for the sole purpose of being used in safety, security, or sanitary dossiers if needed; The weekly contact table will be deleted upon expiration of the week of presence, the following Friday evening and substituted by an updated table for the following week.
    Personal details Legal obligation article 5 b) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 The safety and security register will be stored by the Facility team on their dedicated IDMS folder for one year with restricted access for the sole purpose of being used in safety, security, or sanitary dossiers if needed; The weekly contact table will be deleted upon expiration of the week of presence, the following Friday evening and substituted by an updated table for the following week.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 07.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
    Activity: Organisation of events
    Reference number
    Data subject category Programme Management Unit (EUROCONTROL staff)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations when managing external events/communications (involving participants beyond simply the SJU staff) is: a) Register participants for events; b) Secure access to the SJU premises or to the premises where the event is held; c) Contact participants via email, SESAR mobile app, SESAR e-marketing tool (Flexmail), in advance of and after events to provide further relevant information/notifications; d) Create networking opportunities through the sharing of participants lists only upon express consent by the participant in the registration form and limited to contact details; e) Enable the SESAR JU to track participation levels/participation at its events in order to better manage events in the future; f) Enable the SESAR JU to preserve its institutional knowledge for the purpose of reporting (commemorative book); g) Contact audiences in the future in the context of relevant SESAR JU activities.
    Description
    The processing of personal data in the frame of organisation of events is automated and starts from the moment that a Data subject receives an informative email on the event. 

    Initial registration data is entered by interested participants into a form on the SESAR JU website, which generates a registration list that can be downloaded (only by the controller or the processor’s authorised personnel) in a tabular format. 

    The SESAR JU uses this data to contact participants about the event. Email addresses will not be shared for networking purposes or otherwise and participants will not be contacted in advance of and after the events with further relevant information/notifications, unless express consent is given by the event participants in advance, in the registration form.    

    Participants can opt-out from receiving such information through clicking on “unsubscribe” in the newsletter. 
    Processed data Other Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 the SJU will delete these data at the latest ten working days after the event
    Personal details Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    Profession Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    Video tapes and photographs Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 archived after 10 years (not available any more online)
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • TMAB Business Events (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Data subjects themselves, Other: Participants in events only upon express consent by the participant in the registration form and limited to personal identification data, EU institutions and bodies, Other: External experts and contractors involved in the event management/content management/website Security access controllers (only limited to the data strictly necessary)
    Joint controllers European Commission, other EU body/ies (Joint Undertaking or Agency), EUROCONTROL or any of the SJU Members.
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
    Activity: SESAR virtual challenge
    Reference number
    Data subject category Programme Management Unit (EUROCONTROL staff)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose During 60 days (between 13/10/2020 and 10/12/2020), SJU staff members are invited to participate and contribute to the SESAR 2020 Virtual challenge. Under this challenge, SJU staff may accumulate kilometres by engaging in a number of sport and social activities.
    Description

    During the time of confinement and teleworking given the social distancing constraints posed by the Covid-19 sanitary crisis, the SJU Communication team decided to launch a challenge that would engage the staff collectively: the SESAR 2020 Virtual Challenge – a virtual tour of SESAR JU members in 60 days.

    The registration of the data subject, with the voluntary indication of personal data (name and SESAR JU email), is intended to enable the processor to offer the data subject contents or services that may only be offered to registered users due to the nature of the matter in question. By registering on the website, the IP address—assigned by the Internet service provider (ISP) and used by the data subject—date, and time of the registration are also stored. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution. The registration of the data subject, with the voluntary indication of personal data, is intended to enable the processor to offer the data subject specific contents or services regarding the SESAR virtual challenge. Registered persons are free to change the personal data specified during the registration at any time, or to have them completely deleted by the processor. The data processor shall, at any time, provide information upon request to each data subject as to what personal data are stored about the data subject. In addition, the data processor shall correct or erase personal data at the request or indication of the data subject, insofar as there are no statutory storage obligations.

    The challenge is open for all SESAR JU staff to join and accumulate kilometres by engaging in a number of activities, i.e. team sports (e.g. football, rugby, basketball…), individual sports (e.g. cycling, gym session, yoga, Pilates, tennis, badminton…), water sports (e.g. swimming, sailing, aqua aerobics…), coming to the office by bike or on foot instead of taking the car, or other social activities within the SESAR JU (e.g. joining the SESAR social coffee, helping out a colleague, having a face-to-face socially distanced coffee with a colleague).

    This challenge is an optional activity and staff are free to choose how much or how little information they choose to enter into the system.  If the staff wishes, the virtual challenge may be set up as a fundraiser for the European Food Banks Federation to help people who are in need as a consequence of the COVID-19 crisis.

    Data subjects are requested to set their privacy settings within their account to ensure that the data is not publicly visible. This is done via: “My account” > “My settings” > “Privacy” > Set a restricted or private activity



    Processed data Hobbies and interests Explicit consent article 5 d) of regulation 2018/1725 Personal data will be deleted after the end date of the initiative i.e. December 10
    Personal details Explicit consent article 5 d) of regulation 2018/1725 Personal data will be deleted after the end date of the initiative i.e. December 10
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • www.myvirtualmission.com and www.theconqueror.events servers
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data
    Recipients The general public: Some photos and imagery will be shared on SESAR JU social media pages – LinkedIn and Twitter – as well as the SESAR eNews, Countries for which there is an adequacy decision: New Zealand, where the processor's servers are located
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 04.12.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Missions workflow and e-invoices tool
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is to provide the travel services required to make sure that SJU staff will be able to travel away from their place of employment for professional reasons (missions and authorised travels).
    Description
    Staff on Mission prepares the Mission Request for his/her Hierarchical Supervisor’s(s’), if any, and Authorising Officer’s approval. There are two ways of collecting personal data and processing this information under missions' bookings, both provided by American Express GBT (processor):

    1. Reservations via the Online Booking Tool (‘OBT’):

    The Staff on Mission books his/her flight and/or train tickets and/or makes car rental reservations in the OBT. The information collected by the OBT includes the family Name, Forename (same as on passport), date of birth (for train bookings), destination and travel date. Hotel bookings can be done either via the OBT provided by the agreed Travel Agency or through other preferred channels (e.g. personal credit card payment to guarantee hotel room, payment at the hotel with bank card or cash, depending on hotel policy). Low Cost reservations can be made either via the OBT or offline with the Travel Agency (AMEX Corporate Credit Card is used) or via the low-cost Airline directly using the Mission Performer's private credit card.

    The OBT is a tool provided by the processor, American Express GBT. 
    The staff can then go to the Amex GBT Mobile app to see the details of the booking done in the OBT (applicable privacy statement available here: https://privacy.amexgbt.com/statement).

    The mission performer can also optionally check his/her travel (print a confirmation of travel details) using the website "Checkmytrip". For this purpose, the mission performer has to create an account to get access to the tool and enter his/her last name and booking reference. Please find the privacy statement: https://www.checkmytrip.com/cmtweb/#/cmt/privacy-policy

    2. Reservation via the Travel Agency:

    The Staff on Mission sends an e-mail to the agreed Travel Agency requesting flight/rail options and price quotes. The information provided contains the family Name, Forename (same as on passport), date of birth (for train bookings), destination and travel date. 

    In both cases, the Hierarchical Supervisor confirms the eligibility of the mission according to the applicable rules. If the Mission Request is approved by the first Hierarchical Supervisor, it will go for approval to the second Hierarchical Supervisor, if applicable, and then it will be further transferred to the Authorising Officer for approval.

    • Upon confirmation of the trip

    American Express GBT sends through a system called “E-Invoicing tool” the invoice containing the name of the Mission Performer, the travel destination, travel date and the amount to be paid. Access to this tool, as well as to the document itself is restricted to the Facility & Mission coordination team. Please find the privacy statement: https://privacy.amexgbt.com/statement.  

    • Upon return from the mission

    The Mission Performer has to write a Mission Report and to collect other documentation including the supporting evidence for the reimbursement, any document that certifies the attendance in the event, as well as the duly filled-in Statement of Expenses. These documents (signed travel order, statement of expenses, mission report, etc.) are then uploaded in the IDMS. The prepared Mission File is then transferred to the Mission Coordinator.

    Upon approval from the Authorising Officer, the Mission Coordinator retrieves the scanned Mission File from the IDMS and sends it to the PMO for the calculation of mission expenses. 

    The data is stored electronically and the documents are kept in IDMS accessible with restricted access rights.
    Processed data Education Public interest article 5 a) of regulation 2018/1725 5 years
    Financial information Public interest article 5 a) of regulation 2018/1725 5 years
    Other Public interest article 5 a) of regulation 2018/1725 5 years
    Personal details Public interest article 5 a) of regulation 2018/1725 5 years
    Profession Public interest article 5 a) of regulation 2018/1725 5 years
    Processors
    • American Express Global Business Travel (‘GBT’) servers (USA, Standard contractual clauses & binding corporate rules)
    • Checkmytrip website (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data
    Recipients EU institutions and bodies: The PMO will receive the information necessary to determine the entitlements of staff when they are on mission under the Staff Regulation and CEOS. If appropriate, access will also be provided to the EC Court of Auditors, the SJU Internal Auditor, the European Ombudsman, the Civil Service Tribunal, the European Anti-Fraud Office and the European Data Protection Supervisor, Third parties in third countries no adequacy decision but additional safeguards: As the personal data of the SJU staff is transferred to American Express GBT with the objective of providing the travel requested, the data will be processed by them. American Express GBT data centers are located in the United States and Germany. Please refer to the privacy statement of GBT for more information: http://privacy.amexgbt.com/statement
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 14.10.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
    Activity: SESAR virtual challenge
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose During 60 days (between 13/10/2020 and 10/12/2020), SJU staff members are invited to participate and contribute to the SESAR 2020 Virtual challenge. Under this challenge, SJU staff may accumulate kilometres by engaging in a number of sport and social activities.
    Description

    During the time of confinement and teleworking given the social distancing constraints posed by the Covid-19 sanitary crisis, the SJU Communication team decided to launch a challenge that would engage the staff collectively: the SESAR 2020 Virtual Challenge – a virtual tour of SESAR JU members in 60 days.

    The registration of the data subject, with the voluntary indication of personal data (name and SESAR JU email), is intended to enable the processor to offer the data subject contents or services that may only be offered to registered users due to the nature of the matter in question. By registering on the website, the IP address—assigned by the Internet service provider (ISP) and used by the data subject—date, and time of the registration are also stored. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution. The registration of the data subject, with the voluntary indication of personal data, is intended to enable the processor to offer the data subject specific contents or services regarding the SESAR virtual challenge. Registered persons are free to change the personal data specified during the registration at any time, or to have them completely deleted by the processor. The data processor shall, at any time, provide information upon request to each data subject as to what personal data are stored about the data subject. In addition, the data processor shall correct or erase personal data at the request or indication of the data subject, insofar as there are no statutory storage obligations.

    The challenge is open for all SESAR JU staff to join and accumulate kilometres by engaging in a number of activities, i.e. team sports (e.g. football, rugby, basketball…), individual sports (e.g. cycling, gym session, yoga, Pilates, tennis, badminton…), water sports (e.g. swimming, sailing, aqua aerobics…), coming to the office by bike or on foot instead of taking the car, or other social activities within the SESAR JU (e.g. joining the SESAR social coffee, helping out a colleague, having a face-to-face socially distanced coffee with a colleague).

    This challenge is an optional activity and staff are free to choose how much or how little information they choose to enter into the system.  If the staff wishes, the virtual challenge may be set up as a fundraiser for the European Food Banks Federation to help people who are in need as a consequence of the COVID-19 crisis.

    Data subjects are requested to set their privacy settings within their account to ensure that the data is not publicly visible. This is done via: “My account” > “My settings” > “Privacy” > Set a restricted or private activity



    Processed data Hobbies and interests Explicit consent article 5 d) of regulation 2018/1725 Personal data will be deleted after the end date of the initiative i.e. December 10
    Personal details Explicit consent article 5 d) of regulation 2018/1725 Personal data will be deleted after the end date of the initiative i.e. December 10
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • www.myvirtualmission.com and www.theconqueror.events servers
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data
    Recipients The general public: Some photos and imagery will be shared on SESAR JU social media pages – LinkedIn and Twitter – as well as the SESAR eNews, Countries for which there is an adequacy decision: New Zealand, where the processor's servers are located
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 04.12.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Social media monitoring
    Reference number
    Data subject category Internet users whose posts and other social media activity are analysed
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The SJU monitors social media in order to understand how the SJU is discussed and perceived in social media so that we can take into account the needs of the general public in our communications. To this end, like other public institutions, we analyse social media activity related to our tasks and monitor the use of our own social media channels. The conclusions drawn from this processing help shape the SJU’s reputation, communication strategy and a more effective and efficient public communication.
    Description
    The external provider collects and analyses data from public posts by social media users on different social media channels, and tracks different online sources including fora, blogs and online news websites. The external provider only processes information that is publicly available: https://www.talkwalker.com/author-privacy-policy

    While the external provider collects the categories of personal data listed, SESAR JU only analyses some of these data. We mostly use aggregate data for this analysis. However, individual quotes may be captured as examples and used to describe the general attitude towards the SESAR JU in social media. These quotes will be limited to those of individuals who publish posts about the SESAR JU in their professional capacity or those of influencers.

    Processed data Other Public interest article 5 a) of regulation 2018/1725 Reports containing personal data will be stored for a maximum of five years and will then be destroyed/deleted. Upon the instructions of the SESAR JU, the external provider will delete the results of searches after a period of six months. Automatic backups will also be deleted from the provider’s servers after six months.
    Personal details Public interest article 5 a) of regulation 2018/1725 Reports containing personal data will be stored for a maximum of five years and will then be destroyed/deleted. Upon the instructions of the SESAR JU, the external provider will delete the results of searches after a period of six months. Automatic backups will also be deleted from the provider’s servers after six months.
    Processors
    • Servers of external provider: Web server, Twitter, Youtube, Mobile App, LinkedIn (EEA, External contractors are bound by data protection clauses standard to all contracts issued by the European institutions and other bodies when processing personal data on behalf of the SJU.)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Obligation of confidentiality of the staff, Secure communication channel between server and client, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 04.12.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Internal staff survey
    Reference number
    Data subject category SJU staff respondents to the survey
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The main purpose of the survey is to collect in an anonymous way information, opinions, user experience from colleagues on any matter impacting the strategic objectives of the SJU (e.g.: use of IDMS, risk management process).
    Description
    The data collected is processed both electronically via IDMS and manually when the person responsible for the survey will analyse the data.

    Electronic processing is done through I-DMS using the survey tool, via the following process:

    • The link to the survey is sent to respondents (data subjects) via e-mail with 7-10 days to provide answers on a voluntary basis. After that period, the survey can no longer be responded to (this is not managed automatically but through a transaction of the System Administrator, e.g. setting the corresponding page to Read-only, upon instruction of the responsible Team).
    • Any respondent can use the link to get access to the questionnaire via the I-DMS. The survey is also directly accessible through the I-DMS navigation bar Living Together -> Surveys. Permissions and accesses are controlled through the standard I-DMS permission management system.

    When processing electronically, aggregated data are:

    • Collected and extracted to an Excel file at the date set by the responsible team corresponding to the end of the survey period. The Excel file is stored by the responsible team and/or HR.
    • Initially analysed by the responsible team.
    • Possibly clustered and re-arranged to come up with quantitative information and group free text answers.

    The Corporate Management Team may be provided with a synthesis from that analysis.
    Processed data Other Public interest article 5 a) of regulation 2018/1725 It will be deleted once the survey is closed and the results of the survey have been aggregated.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Obligation of confidentiality of the staff
    Recipients Other: As conducted through the I-DMS tool, other users such as ICT support team (located in the SJU premises and with ICT service desk), EUROCONTROL IT Service Desk Team or the MCS support team also have technical access to the database.
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 04.12.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Business Continuity Plan staff contact list
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose To permit the SJU, within the context of the Business Continuity Plan, to contact each SJU staff member in case of unforeseen event susceptible to affecting the integrity of SJU's assets and/or people, or when work conditions at the SJU premises are damaged or at risk. All personal data submitted will be used for the sole and exclusive purpose of informing staff in case of a business continuity event.
    Description
    The Business Continuity Contact List is maintained as a SharePoint list in IDMS (an internal platform for sharing information amongst SJU staff). Data subjects enter and maintain their own personal data. In addition to the data subject, personal data is accessible in read mode by:

    • The data subject’s team manager (“Head of” as per the current organisation chart)
    • The data subject’s area manager (“Chief” as per the current organisation chart)
    • The business continuity manager and his/her substitute (as defined per the QMS process “Business Continuity Management”)

    The Business Continuity Contact List in IDMS is configured in such a way that:
    • Data subjects have access to their personal data only
    • Team managers have access to their team’s personal data only
    • Area managers have access to their area’s personal data only
    • Only the business continuity manager and his/her substitute have access to personal data of the entire SJU

    As the business continuity contact list data are stored on the SESAR JU’s IDMS, access to data is granted by default to the persons having administration role and access permissions to IDMS, i.e. staff with IDMS System Administrator rights and other users such as ICT support team.

    The above-mentioned people are invited to print out a hard copy of the personal data of their team(s) on a regular basis (typically once per month). The objective is to have up-to-date information and to be able to contact staff as per the contact procedure in case any event arises that results in limited or no electronic access to IDMS. This is described in the BC contact list guidance document, especially in its section 2.
    Processed data Personal details Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    Profession Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 28.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: COVID-19 Pandemic – Booking system Voluntary Return to Office
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose While teleworking remains the norm during at least Phase 1 of the SJU return to office strategy, presence at SJU premises is allowed on an exceptional basis, when so agreed with the line manager, and respecting all sanitary measures indicated by the Belgian authorities and by the European Commission. In this context, the purpose of the processing operations is to control the level of occupation of its premises set as “open space” and to organise the progressive and voluntary return in a way that allows the SJU staff to be closely managed in order to take reasonable precautionary measures and ensure compliance with the applicable sanitary measures to date.
    Description
    The collection of personal data and establishment of the list is made electronically (i.e. by e-mail) by the Facility team. 
     
    Every week, each person willing to come to the SJU premises shall send to the Facility and ICT mailboxes a request to be present at the SJU premises for a given period of time and clarify whether he/she consents to the publication of his/her name, date, and period of presence on I-DMS (see below), according to the template provided by the Facility team.
     
    A staff member allowed to return to the office shall receive an e-mail confirming the booking of a space at the SJU premises for the requested period of time if his/her request complies with all the measures and restrictions contained in IC 20/077 and any other EC guidance applicable to the situation.
     
    As a result of this process, every Friday after 15:00 and until general de-confinement (Phase 4 under IC 20/077), the Facility team will compile the data received from the persons who have requested to be at the SJU premises the following week and whose requests are compatible with all measures mentioned in IC ref. 20-077 in the following documents:
     
    1. A “safety and security register”: this database will contain all names, functions and time period of presence of staff at the SJU premises with restricted access by the Facility team, ICT team, LISO and LSO. 
    2. A “weekly contact table”: this database - accessible to all SJU employees, PMU staff, ICT Coordination, ICT Support, Reception and D&D SDSS Team (hereafter referred to as “intramuros staff”) on IDMS - will identify people exceptionally present at the office on a weekly basis.
    Processed data Other Legal obligation article 5 b) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 The safety and security register will be stored by the Facility team on their dedicated IDMS folder for one year with restricted access for the sole purpose of being used in safety, security, or sanitary dossiers if needed; The weekly contact table will be deleted upon expiration of the week of presence, the following Friday evening and substituted by an updated table for the following week.
    Personal details Legal obligation article 5 b) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 The safety and security register will be stored by the Facility team on their dedicated IDMS folder for one year with restricted access for the sole purpose of being used in safety, security, or sanitary dossiers if needed; The weekly contact table will be deleted upon expiration of the week of presence, the following Friday evening and substituted by an updated table for the following week.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 07.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Flexitime
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of recording the working hours is: a) To allow staff to manage their daily working hours in order to reconcile their private and professional life, taking into consideration the core hours and respecting the 40-hour working week. b) To ensure that a continued, effective service is provided and the overall work assigned to the staff members is manageable.
    Description
    Before the Time Management Application (‘TIM’) of SYSPER is in place, the process is the following: 

    Manual processing:

    Staff members will record their hours worked in an Excel sheet created for this purpose. In this respect, they will have to insert the time of arrival, departure and daily breaks. The total amount of hours worked daily and weekly as well as the credit and debit hours are calculated automatically. This Excel sheet is personal and will be handled on a daily basis by the staff member concerned. The sheets will be sent by e-mail to the hierarchical superior, who will verify and approve them at the beginning of each month. The hierarchical superior will then send the approved sheets via e-mail to HR with the staff member concerned in copy and will then delete them according to the instructions given to the staff. HR will store the e-mail and the timesheets electronically in the share drive until their destruction. HR will check them in case a day of recuperation is requested. This day will be requested via a template created for this purpose, accessible through IDMS and managed by the HR Sector.

    After the Time Management Application (‘TIM’) of SYSPER is in place, the process is the following:

    Automated processing:

    The staff member, following the same principle as in the manual processing, will record only the hours worked and breaks taken in TIM and the system will do the calculations automatically. Only the staff member, their hierarchical superior and HR will have access to this data until their destruction. In the last two cases, this will only consist of read access. Recuperation days will be requested and approved by the hierarchical superior through the system.

    Processed data Other Public interest article 5 a) of regulation 2018/1725 3 years
    Personal details Public interest article 5 a) of regulation 2018/1725 3 years
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members. Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 23.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Management of leave
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Assessing the entitlement to annual leave, special leave, parental leave, family leave, leave under personal grounds, credit-time leave for temporary agents and contract agents and in some cases seconded national experts (annual and special leave).
    Description
    The data collected is processed either manually or electronically.
    When processing manually, the paper files are stored safely in the HR office that is closed when no HR staff is in and equipped with a safe (until destruction) or by the EC PMO/Medical Service.
    When processing electronically, the data is stored in IT management applications developed specifically for this purpose. Access to the IT application is protected by access rights granted to SJU authorized staff (HR service).
    Processed data Family composition Public interest article 5 a) of regulation 2018/1725 3 years – administrative data, except if a dispute and appeal is underway (e.g. annual leave, special leave); Entire career duration - for parental leave, family leave and leave on personal grounds, the data should be kept for the entire career of the staff to keep track when the total time granted reaches the maximum permitted; Longer periods – certain types of leave, as in the context of credit-time, have an effect on the calculation of pension rights and is conserved for longer periods; 7 years – data related to financial compensation related to leave retention; Personal data in supporting documents is deleted as soon as they are not necessary for budgetary discharge, control and audit purposes.
    Health data Public interest article 5 a) of regulation 2018/1725 3 years – administrative data, except if a dispute and appeal is underway (e.g. annual leave, special leave); Entire career duration - for parental leave, family leave and leave on personal grounds, the data should be kept for the entire career of the staff to keep track when the total time granted reaches the maximum permitted; Longer periods – certain types of leave, as in the context of credit-time, have an effect on the calculation of pension rights and is conserved for longer periods; 7 years – data related to financial compensation related to leave retention; Personal data in supporting documents is deleted as soon as they are not necessary for budgetary discharge, control and audit purposes.
    Personal details Public interest article 5 a) of regulation 2018/1725 3 years – administrative data, except if a dispute and appeal is underway (e.g. annual leave, special leave); Entire career duration - for parental leave, family leave and leave on personal grounds, the data should be kept for the entire career of the staff to keep track when the total time granted reaches the maximum permitted; Longer periods – certain types of leave, as in the context of credit-time, have an effect on the calculation of pension rights and is conserved for longer periods; 7 years – data related to financial compensation related to leave retention; Personal data in supporting documents is deleted as soon as they are not necessary for budgetary discharge, control and audit purposes.
    Profession Public interest article 5 a) of regulation 2018/1725 3 years – administrative data, except if a dispute and appeal is underway (e.g. annual leave, special leave); Entire career duration - for parental leave, family leave and leave on personal grounds, the data should be kept for the entire career of the staff to keep track when the total time granted reaches the maximum permitted; Longer periods – certain types of leave, as in the context of credit-time, have an effect on the calculation of pension rights and is conserved for longer periods; 7 years – data related to financial compensation related to leave retention; Personal data in supporting documents is deleted as soon as they are not necessary for budgetary discharge, control and audit purposes.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies: European Court of Auditors, European Court of Justice, lawyers (external on behalf of the SJU), the SJU Internal Auditor (Internal Audit Service of the European Commission), may also access relevant personal data for audit control or appeal purposes.
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Occupational health and medical data
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Personal data is collected and managed for the purpose of complying with certain mandatory obligations under the Staff Regulations, notably: a) performance of the pre-recruitment medical examination b) issuance of medical certificates (justifying sick leave, special leave, working condition for TA and CA or reimbursement of medical expenses) c) performance of the annual medical visit
    Description
    Health data in the strict sense of staff members and candidates for recruitment are exclusively processed by the European Commission Medical Service, which keeps the medical files. No medical data stricto sensu are processed by the SJU; the information the SJU has access to does not contain any diagnosis, details of examinations undergone, or vaccination details. The communication flow is limited to the staff members and the medical service of the European Commission in accordance with the procedures established.
     

    For what concerns data managed directly by SJU: the HR team collects and stores the data that can be made accessible to other Institutions and authorized auditors when appropriate to fulfill auditing and controlling duties. The data is stored electronically and manually and access is protected by the management of access rights. 
    Processed data Family composition Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Other Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Personal details Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Profession Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Health data processed with the principles of medical confidentiality by HR officer, Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members. Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies:
    Joint controllers European Commission, PMO
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 23.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Organisation of events
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations when managing external events/communications (involving participants beyond simply the SJU staff) is: a) Register participants for events; b) Secure access to the SJU premises or to the premises where the event is held; c) Contact participants via email, SESAR mobile app, SESAR e-marketing tool (Flexmail), in advance of and after events to provide further relevant information/notifications; d) Create networking opportunities through the sharing of participants lists only upon express consent by the participant in the registration form and limited to contact details; e) Enable the SESAR JU to track participation levels/participation at its events in order to better manage events in the future; f) Enable the SESAR JU to preserve its institutional knowledge for the purpose of reporting (commemorative book); g) Contact audiences in the future in the context of relevant SESAR JU activities.
    Description
    The processing of personal data in the frame of organisation of events is automated and starts from the moment that a data subject receives an informative email on the event.

    Initial registration data is entered by interested participants into a form on the SESAR JU website, which generates a registration list that can be downloaded (only by the controller or the processor’s authorised personnel) in a tabular format. 

    The SESAR JU uses this data to contact participants about the event. Email addresses will not be shared for networking purposes or otherwise and participants will not be contacted in advance of and after the events with further relevant information/notifications, unless express consent is given by the event participants in advance, in the registration form.    

    Participants can opt out from receiving such information by clicking on “unsubscribe” in the newsletter.
    Processed data Other Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 the SJU will delete these data at the latest ten working days after the event
    Personal details Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    Profession Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    Video tapes and photographs Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 archived after 10 years (not available any more online)
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • TMAB Business Events (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Data subjects themselves, Other: Participants in events only upon express consent by the participant in the registration form and limited to personal identification data, EU institutions and bodies, Other: External experts and contractors involved in the event management/content management/website Security access controllers (only limited to the data strictly necessary)
    Joint controllers European Commission, other EU body/ies (Joint Undertaking or Agency), EUROCONTROL or any of the SJU Members.
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Personal file
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is a) to comply with the rules laid down in the Staff Regulations b) to follow the procedure for the establishment and exercise by employees of their rights and obligations under the Staff Regulations and to manage their career performance.
    Description
    Data is collected and managed by the HR Sector, in order to create a personal file for each staff member. The personal file consists of the following:

    • Data relating to the exercise by the employees of their individual rights and obligations (i.e. allowances, pension rights): the staff member has to send the form concerned to the HR Sector, which is then responsible for submitting the request to the Office for the Administration and Payment of Individual Entitlements (“PMO”) for its management. The PMO notifies the outcome to the HR Sector, which communicates it to the employee concerned and files the document in the personal file;

    • Data provided by the employee during the pre-recruitment process for the purpose of signature of the contract in compliance with article 26 of the Staff Regulations;

    • Data for the management of the career development (appraisal report).

    This data is collected by the HR Sector and stored in the personal file. The data is stored manually and electronically. Paper documents are stored safely in the HR office that is closed when no HR staff is in and equipped with a safe. The documents are also kept in electronic version in SJU share drive protected by management of access rights.

    Interimaires description of processing

    The SJU HR collects the data on the education and employment details of interimaires (CVs) furnished by the interimaires provider, for the purpose of their engagement. Once the interimaires arrive at the SJU, HR collects data containing contact details.

    Blue book and atypical trainees description of processing

    In the case of blue book trainees, HR collects data containing contact details. HR also has access to a database managed by the European Commission that contains data relating to education and employment for the purpose of selecting a blue book trainee. All the documentation relating to their engagement is directly managed by the traineeship office of the European Commission.

    In the case of atypical trainees, HR collects CVs for the purpose of their engagement and on their arrival the same personal data as for blue book trainees (mostly contact details).

    Processed data Education Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Family composition Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Financial information Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Personal details Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Profession Legal obligation (article 5 (b) of regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 10 years after end of contract
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members.
    Recipients EU institutions and bodies: If appropriate, access can be provided to the Court of Justice, European Court of Auditors, the SJU Internal Auditor, the European Ombudsman and the European Anti-Fraud Office
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 23.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Staff Appraisal
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is to meet the requirements of the Staff Regulations related to the assessment of the staff member’s efficiency, competencies and conduct in the service. It is intended to provide regular and structured feedback in order to improve performance and contribute to the future professional development of the staff. Every temporary agent, contract agent and SNE staff member is subject to a yearly appraisal exercise.
    Description
    The processing operation is conducted yearly both manually and electronically. The launch of the exercise is made electronically (by e-mail). The staff member/jobholder receives by e-mail an invitation from the reporting officer to complete a self-assessment within a certain time frame (a template is provided). The staff member and the reporting officer hold a dialogue and this report is updated in light of the agreed objectives and job description of the staff member.
     
    The finalised report is handed over personally by the jobholder to the HR service. The finalised report (hard copy signed by all parties) is filed by HR in a folder containing all the reports and which forms part of the staff member's personal file. Paper documents are stored safely in the HR office that is closed when no HR staff is in and equipped with a safe. The staff member keeps a copy of this file. 
     
    A scanned copy is also stored in the share drive, which is protected by access restricted to the HR Service, including HR management.

    Processed data Education Public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Other Public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Personal details Public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Profession Public interest article 5 a) of regulation 2018/1725 Up to 10 years after termination of employment or from the last pension payment. The original copies are destroyed by the HR Sector and the electronic documents are deleted.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies: European Court of Auditors, European Court of Justice, SJU internal auditor, Internal Audit Service of the EC.
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: requests for part-time work
    Reference number
    Data subject category Staff JU and other EUIs (temporary agents, contract agents, seconded national experts, seconded personnel from JU Member)
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is to manage the part-time requests of SJU staff members including temporary and contractual agents, as well as related individual decisions allowing them to work part-time under the conditions laid down in Article 55(a) and Annex IVa of the Staff Regulations.
    Description
    The data is collected by SJU staff in the HR sector, who also use it together with the appropriate hierarchical superiors and the appointing authority (executive director of the SJU or delegates). When appropriate, the data are made available to the EC PMO/Medical Service for the processing of medical data stricto sensu (SJU does not in principle collect medical data). Other EU institutions also have access to the data: the European Court of Justice in case of disputes, and the European Court of Auditors, the SJU Internal Audit (the IAS of the EC) and the SJU Internal Audit Capability in the context of the audit work they perform. Paper documents are stored safely in the HR office, which is closed when no HR staff are present and is equipped with a safe.

    The processing is done mainly manually and where suitable electronically.

    Processed data Family composition Public interest article 5 a) of regulation 2018/1725 Data regarding part-time will be kept for 10 years after the last financial transaction or the termination of employment or date of retirement, the latest date prevailing
    Other Public interest article 5 a) of regulation 2018/1725 10 years after the extinction of all rights of the staff member and any dependents
    Personal details Public interest article 5 a) of regulation 2018/1725 Data regarding part-time will be kept for 10 years after the last financial transaction or the termination of employment or date of retirement, the latest date prevailing
    Profession Public interest article 5 a) of regulation 2018/1725 Data regarding part-time will be kept for 10 years after the last financial transaction or the termination of employment or date of retirement, the latest date prevailing
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members.
    Recipients EU institutions and bodies:
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Occupational health and medical data
    Reference number
    Data subject category Relatives of the data subject
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Personal data is collected and managed for the purpose of complying with certain mandatory obligations under the Staff Regulations, notably: a) performance of the pre-recruitment medical examination b) issuance of medical certificates (justifying sick leave, special leave, working condition for TA and CA or reimbursement of medical expenses) c) performance of the annual medical visit
    Description
    Health data in the strict sense of staff members and candidates for recruitment are exclusively processed by the European Commission Medical Service, which keeps the medical files. No medical data stricto sensu are processed by the SJU; the information the SJU has access to does not contain any diagnosis, details of examinations undergone, or vaccination details. The communication flow is limited to the staff members and the medical service of the European Commission in accordance with the procedures established.
     

    As regards data managed directly by the SJU: the HR team collects and stores the data, which can be made accessible to other Institutions and authorized auditors when appropriate to fulfill auditing and controlling duties. The data is stored electronically and manually and access is protected by the management of access rights.
    Processed data Family composition Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Other Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Personal details Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Profession Public interest article 5 a) of regulation 2018/1725 Administrative health data are retained 3 years except if a dispute and appeal is underway; Data of non-recruited candidates are kept until the period for challenging the decision has passed.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Health data are processed by the HR officer in accordance with the principles of medical confidentiality. Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members. Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies:
    Joint controllers European Commission, PMO
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 23.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Assessment and reporting on probationary periods
    Reference number
    Data subject category JU staff
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The processing is carried out for reasons related to staff probationary periods, namely the assessment of person-job match in order to confirm the engagement of staff, to extend the probationary period or to terminate the contract of employment as needed.
    Description
    The operation is launched by email from the reporting officer to the staff under probation. Exchange of the self-assessment and assessment between the reporting officer and the probationary staff may be done through email. The finalised report is manually given to the HR Sector by sealed confidential internal mail. The final report on paper is scanned and stored on a dedicated HR shared drive accessible to HR staff only. The paper reports are stored safely in the HR office, which is closed when no HR staff are present and is equipped with a safe.

    Processed data Other Public interest article 5 a) of regulation 2018/1725 10 years after the termination of employment or the last financial transaction, the latest prevailing.
    Personal details Public interest article 5 a) of regulation 2018/1725 10 years after the termination of employment or the last financial transaction, the latest prevailing.
    Profession Public interest article 5 a) of regulation 2018/1725 10 years after the termination of employment or the last financial transaction, the latest prevailing.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Other: reporting officer, Other: countersigning officers, Other: Executive director and deputy executive director, Designated SJU staff members: Human resources staff, EU institutions and bodies: European Court of Auditors; OLAF; IAS; Civil Service Tribunal; Ombudsman.
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Recruitment of temporary agents and contract agents
    Reference number
    Data subject category Selected candidates for recruitment as contractual agents and temporary agents
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations is the recruitment of temporary and contractual agents in compliance with Staff Regulations and CEOS as well as the implementing rules of selection and recruitment of the indicated staff.
    Description
    Data is collected by the HR Sector and used by the HR team to prepare the contract of the recruited candidate and to collect the information required by the Staff Regulation and CEOS. The data is sent by email to the Office for the Administration and payment of individual entitlement (PMO) for the calculation of the employee’s rights and it is received also by the Appointing Authority. 

    The data is stored manually and electronically. Paper documents are stored safely in the HR office, which is closed when no HR staff are present and is equipped with a safe. Birth certificate and criminal records have to be provided on paper as originals. The rest of the documents might be received as electronic files, and they are stored in the SJU share drive protected by management of access rights.
    Processed data Education Contractual obligation article 5 c) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and be destroyed earlier if they have been checked by the Court of Auditors.
    Family composition Contractual obligation article 5 c) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and be destroyed earlier if they have been checked by the Court of Auditors.
    Financial information Contractual obligation article 5 c) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and be destroyed earlier if they have been checked by the Court of Auditors.
    Other Contractual obligation article 5 c) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and be destroyed earlier if they have been checked by the Court of Auditors.
    Personal characteristics Contractual obligation article 5 c) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and be destroyed earlier if they have been checked by the Court of Auditors.
    Personal details Contractual obligation article 5 c) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and be destroyed earlier if they have been checked by the Court of Auditors.
    Profession Contractual obligation article 5 c) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and be destroyed earlier if they have been checked by the Court of Auditors.
    Social identification number Contractual obligation article 5 c) of regulation 2018/1725, public interest article 5 a) of regulation 2018/1725 Data regarding recruited staff will be kept for ten years after the last financial transaction or the termination of employment, the latest date prevailing. Criminal records will be stored up to two years from the date of recruitment and be destroyed earlier if they have been checked by the Court of Auditors.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Organisation measures: The data is stored electronically and manually and access is protected by the management of the access rights to the SJU folders in the share drive. Technical measures: Paper files are stored in a locked cupboard in the HR sector’s secured office until their destruction. The SJU folders in the share drive are accessible only to HR team members. Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients EU institutions and bodies: The PMO will receive the information necessary to define the establishment of the recruited staff entitlements under the Staff Regulation and CEOS. If appropriate, access will also be provided to the EU Court of Auditors, the SJU Internal Auditor, the European Ombudsman, the Civil Service Tribunal, the European Anti-Fraud Office and the European Data Protection Supervisor
    Joint controllers European Commission
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Webinars involving external participants
    Reference number
    Data subject category Participants at the webinar
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations when managing external webinars (involving participants beyond simply the SJU staff) is: a) Register participants for webinar; b) Contact participants via email in advance of and after events to provide further relevant information/notifications c) Enable the SESAR JU to track participation levels/participation at its webinars in order to better manage webinars in the future.
    Description
    When registering for a webinar, participants fill in a registration form that requests only the necessary data according to the data minimisation principle, that is name, email and organisation. The SESAR webinars are organized using the Livestorm platform. Participants are asked to adhere to the privacy policy terms set by Livestorm, which describe how data are used and stored and how to remove their data from the servers: https://livestorm.co/gdpr/
     
    Processed data Location information Explicit consent article 5 d) of regulation 2018/1725 3 years
    Personal details Contractual obligation article 5 c) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 3 years
    Video tapes and photographs Explicit consent article 5 d) of regulation 2018/1725 3 years
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned
    Recipients External contractors under framework contract with the European Commission : , Data subject themselves:
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: SESAR mobile App
    Reference number
    Data subject category Participants at the event
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose For the SJU's most important events, this app will be used to help participants to plan, attend and follow the event, as well as providing them with opportunities for networking with other participants.
    Description
    For the SESAR JU's most important events (two to three per year), the SESAR mobile app is available for download/access to anyone interested in following the SESAR event activities online.

    The use of the SESAR JU mobile app is NOT mandatory; it is a complement offered by the SJU that helps participants to plan, attend and follow the event, as well as providing them with opportunities for networking with other participants.

    When downloading and signing up for the mobile app, users provide their email address and their name. Only the name is shared by default with other participants. If a user wants to share more information, he or she can add other personal data such as organisation, function, LinkedIn account, etc. An attendee can also choose not to be visible to other attendees.

    Information stored in the SESAR JU mobile app will not be used for any other purpose.

    The SESAR mobile application is hosted on a platform created by a company called Whova. The SJU’s contract with this company is managed by 20STM. 

    Users of the SESAR mobile application are asked to adhere to the privacy policy terms set by Whova, which describe how data are used and stored and how to remove their data from the SESAR JU mobile app (you can read their privacy policy at: https://whova.com/privacy/).
    Processed data Other Explicit consent article 5 d) of regulation 2018/1725 Registration data in SESAR mobile App is stored on the mobile application for a period of 12 months, after which it is deleted.
    Personal details Contractual obligation article 5 c) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 Registration data in SESAR mobile App is stored on the mobile application for a period of 12 months, after which it is deleted.
    Profession Explicit consent article 5 d) of regulation 2018/1725 Registration data in SESAR mobile App is stored on the mobile application for a period of 12 months, after which it is deleted.
    Processors
    • Whova platform (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure communication channel between server and client
    Recipients Data subject themselves: , External contractors under framework contract with the European Commission : 20STM and/or TMAB, Other: Other attendees to the event, but only for those personal details that the Data Subject agreed to share with other attendees, Other: Users of SESAR Mobile App (limited data)
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: E-news
    Reference number
    Data subject category General public subscribed to the SESAR JU newsletter
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The processing of personal data serves the purpose of establishing a list of email addresses to which the Newsletter is sent in order to keep SESAR JU stakeholders and interested parties up to date with the latest news, activities and upcoming events of the SESAR JU.
    Description
    The processing of personal data in the frame of e-news is automated and starts from the moment that the data subject subscribes to it.

    Initial registration of interested parties and stakeholders is performed via an opt-in form on the SESAR JU web site. The mandatory information consists of Data subject’s name and email address. Organisation name and function is optional. The registration form fully describes the purpose of the registration and contains links to Data protection and Legal notice as well as an “I accept” button. Once completed, an email is sent to the Data subject that recaps all information entered by the Data subject, inviting him to confirm registration. The Data subject information is then added to the e-news list. 

    The SESAR JU uses this data to send monthly newsletters and other announcements to subscribers. Email addresses will not be shared for purposes other than sending the newsletters.

    The data subject can at any time:

    • Check and update his personal data via the ‘edit profile’ link available on every e-mail being sent out by the Flexmail system
    • Unsubscribe from the newsletter via the ‘unsubscribe’ link available on every e-mail being sent out by the Flexmail system.

    Processed data Personal details Explicit consent article 5 d) of regulation 2018/1725 Subscribers’ contact data are stored until a subscriber asks to be removed from the list.
    Profession Explicit consent article 5 d) of regulation 2018/1725 Subscribers’ contact data are stored until a subscriber asks to be removed from the list.
    Processors
    • Flexmail platform (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure communication channel between server and client
    Recipients External contractors under framework contract with the European Commission : 20STM (Flexmail tool), Data subject themselves:
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Organisation of events
    Reference number
    Data subject category Complainants, correspondents and enquirers
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations when managing external events/communications (involving participants beyond simply the SJU staff) is: a) Register participants for events; b) Secure access to the SJU premises or to the premises where the event is held. c) Contact participants via email, SESAR mobile app, SESAR e-marketing tool (Flexmail), in advance of and after events to provide further relevant information/notifications d) Create networking opportunities through the sharing of participants lists only upon express consent by the participant in the registration form and limited to contact details e) Enable the SESAR JU to track participation levels/participation at its events in order to better manage events in the future; f) Enable the SESAR JU to preserve its institutional knowledge for the purpose of reporting (commemorative book); g) Contact audiences in the future in the context of relevant SESAR JU activities.
    Description
    The processing of personal data in the frame of organisation of events is automated and starts from the moment that a Data subject receives an informative email on the event. 

    Initial registration data is entered by interested participants into a form on the SESAR JU website, which generates a registration list that can be downloaded (only by the controller or the processor’s authorised personnel) in a tabular format. 

    The SESAR JU uses this data to contact participants about the event. Email addresses will not be shared for networking purposes or otherwise and participants will not be contacted in advance of and after the events with further relevant information/notifications, unless express consent is given by the event participants in advance, in the registration form.    

    Participants can opt out of receiving such information by clicking on “unsubscribe” in the newsletter.
    Processed data Other Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 the SJU will delete these data at the latest ten working days after the event
    Personal details Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    Profession Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    Video tapes and photographs Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 archived after 10 years (not available any more online)
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • TMAB Business Events (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Data subject themselves: , Other: Participants in events only upon express consent by the participant in the registration form and limited to personal identification data, EU institutions and bodies: , Other: External experts and contractors involved in the event management/content management/website Security access controllers (only limited to the data strictly necessary)
    Joint controllers European Commission, other EU body/ies (Joint Undertaking or Agency), EUROCONTROL or any of the SJU Members.
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Organisation of events
    Reference number
    Data subject category Speakers, participants including virtual presence, exhibitors, journalists, external suppliers
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations when managing external events/communications (involving participants beyond simply the SJU staff) is: a) Register participants for events; b) Secure access to the SJU premises or to the premises where the event is held. c) Contact participants via email, SESAR mobile app, SESAR e-marketing tool (Flexmail), in advance of and after events to provide further relevant information/notifications d) Create networking opportunities through the sharing of participants lists only upon express consent by the participant in the registration form and limited to contact details e) Enable the SESAR JU to track participation levels/participation at its events in order to better manage events in the future; f) Enable the SESAR JU to preserve its institutional knowledge for the purpose of reporting (commemorative book); g) Contact audiences in the future in the context of relevant SESAR JU activities.
    Description
    The processing of personal data in the frame of organisation of events is automated and starts from the moment that a Data subject receives an informative email on the event. 

    Initial registration data is entered by interested participants into a form on the SESAR JU website, which generates a registration list that can be downloaded (only by the controller or the processor’s authorised personnel) in a tabular format. 

    The SESAR JU uses this data to contact participants about the event. Email addresses will not be shared for networking purposes or otherwise and participants will not be contacted in advance of and after the events with further relevant information/notifications, unless express consent is given by the event participants in advance, in the registration form.    

    Participants can opt out of receiving such information by clicking on “unsubscribe” in the newsletter.
    Processed data Other Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 the SJU will delete these data at the latest ten working days after the event
    Personal details Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    Profession Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 deleted after the event follow-up, unless the participant has given their consent that they may be used by the SJU to invite them to future similar events.
    Video tapes and photographs Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 archived after 10 years (not available any more online)
    Processors
    • 20 Seconds to Midnight (20STM) (EEA)
    • TMAB Business Events (EEA)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned, Secure transfer of data, Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients Data subjects themselves, Other: Participants in events only upon express consent by the participant in the registration form and limited to personal identification data, EU institutions and bodies, Other: External experts and contractors involved in the event management/content management/website, Security access controllers (only limited to the data strictly necessary)
    Joint controllers European Commission, other EU body/ies (Joint Undertaking or Agency), EUROCONTROL or any of the SJU Members.
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 09.09.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Business Continuity Plan staff contact list
    Reference number
    Data subject category Person to contact in case of emergency
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose To permit the SJU, within the context of the Business Continuity Plan, to contact each SJU staff member in case of unforeseen event susceptible to affecting the integrity of SJU's assets and/or people, or when work conditions at the SJU premises are damaged or at risk. All personal data submitted will be used for the sole and exclusive purpose of informing staff in case of a business continuity event.
    Description
    The Business Continuity Contact List is maintained as a SharePoint list in IDMS (an internal platform for sharing information amongst SJU staff). Data subjects enter and maintain their own personal data. In addition to the data subject, personal data is accessible in read mode by:

    • The data subject’s team manager (“Head of” as per the current organisation chart)
    • The data subject’s area manager (“Chief” as per the current organisation chart)
    • The business continuity manager and his/her substitute (As defined per the QMS process “Business Continuity Management”)

    The Business Continuity Contact List in IDMS is configured in such a way that:
    • Data subjects have access to their personal data only
    • Team managers have access to their team’s personal data only
    • Area managers have access to their area’s personal data only
    • Only the business continuity manager and his/her substitute have access to personal data of the entire SJU

    As the business continuity contact list data are stored on the SESAR JU’s IDMS, access to data is granted by default to the persons having administration role and access permissions to IDMS, i.e. staff with IDMS System Administrator rights and other users such as ICT support team.

    The above-mentioned people are invited to print out a hard copy of the personal data of their team(s) on a regular basis (typically once per month). The objective is to have up-to-date information and to be able to contact staff as per the contact procedure in case an event arises that results in limited or no electronic access to IDMS. This is described in the BC contact list guidance document, especially in its section 2.
    Processed data Personal details Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    Profession Processing is necessary to protect the vital interests of the data subject or another natural person (article 5(e) regulation 2018/1725), public interest article 5 a) of regulation 2018/1725 Personal data in IDMS shall be maintained for the duration of the data subject’s contract with the SJU.
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Staff dealing with this processing operation is designated on a need-to-know basis
    Recipients n/a
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 28.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: SJU meetings involving external participants
    Reference number
    Data subject category Guests attending the meeting
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose The purpose of the processing operations when managing meetings (involving participants beyond simply the SJU staff) is: a) Have a list of the guests attending the meeting; b) Secure access to the SJU premises or to the premises where the event is held; c) Contact the participants on the meeting via email.
    Description
    The processing of personal data starts from the moment the Data subject receives the information via email to confirm the attendance to the meeting.

    The staff organizing the meeting will inform the reception and provide the number of people expected and names.

    Each SJU staff member is responsible for inviting guests and informing the reception of the number of people expected and their names, as well as for informing participants that pictures will be taken or videos recorded and of the specific purpose. The staff ensure that there is a no-photography area and remind participants that they can choose to step aside from the picture.

    Processed data Other Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 the SJU will delete these data at the latest ten working days after the event
    Personal details Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 the SJU will delete these data at the latest ten working days after the event
    Profession Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 the SJU will delete these data at the latest ten working days after the event
    Video tapes and photographs Public interest article 5 a) of regulation 2018/1725, explicit consent article 5 d) of regulation 2018/1725 archived after 10 years (not available any more online)
    Processors n/a
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EU) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of other data subjects, and foreseen in the upcoming SJU decision on restrictions.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls
    Recipients Other: Security access controllers (only limited to the data strictly necessary), Other: Participants in the meeting only upon express consent by the participant in the registration form and limited to contact details
    Joint controllers n/a
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 07.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection

  • Activity: Audit to SJU Members and beneficiaries
    Reference number
    Data subject category Beneficiaries of EU funds
    Controller SESAR JU (Brussels)
    Data protection officer laura.Gomez@sesarju.eu
    Purpose Processing personal data in the framework of an on-the-spot audit or desk review of financial statements claimed for co-financing by the SJU Members and beneficiaries of EU funds. As an example, these may consist of employment contracts, payslips, timesheets, bank statements.
    Description
    Manual processing:
    Personal data as part of an audit assignment is stored in the Project Audit archives (physical files). Access to these archives is limited to the Project Auditor.

    Automated processing:
    All EC IT systems are compliant with the Commission Decision of 16 August 2006 C (2006) 3602[1] concerning the security of information systems used by the European Commission. 
    The processing of personal data in the frame of the selection and management of experts is mainly automated.
    [1] http://ec.europa.eu/internal_market/imi-net/docs/decision_3602_2006_en.pdf

    SECURITY measures specific to this processing:
    An electronic system is being put into place for the storage of personal data on the SJU shared drive (on the home computer network) and the management of the access rights: specific folders per audit report, containing the related personal data (name, position, hourly rate, hours worked in the project), have been created. For each audit report, by default, the access rights (read & write) are limited to the following persons: person(s) appointed as project auditor and back-up.

    In principle, personal data contained in documents and files that are consulted / accessed / collected as part of the evidence during the audit will not be mentioned in the final Report (unless relevant for the purpose of the audit / for the understanding of the findings).

    ON JOINT CONTROLLERSHIP:
    The European Court of Auditors and the European Commission (CAS) act as joint controllers.
    Contact point for the CAS: RTD-External-Audits@ec.europa.eu
    There is an MoU currently being developed by EC services in cooperation with European Institutions and Bodies (Executive Agencies and Joint Undertakings). 
    Processed data Financial information Legal obligation article 5 b) of regulation 2018/1725, contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725 5 years
    Personal details Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725, legal obligation article 5 b) of regulation 2018/1725 5 years
    Profession Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725, legal obligation article 5 b) of regulation 2018/1725 5 years
    payrolls, payslips, bank statements, contracts, time records (timesheets) and any personal data contained in documents and files that are consulted / accessed / collected as part of the evidence during the audit Contractual obligation article 5 c) of regulation 2018/1725 , public interest article 5 a) of regulation 2018/1725, legal obligation article 5 b) of regulation 2018/1725 5 years
    Processors
    • EC's audit tools like AUDEX (Belgium)
    Restrictions of data subject rights
    Possible restrictions as laid down in Article 25 of Regulation (EC) 1725/2018 may apply, only if necessary to safeguard the rights of the data subjects and/or the rights and freedom of others, and foreseen in the upcoming SJU decision on restriction.
    Security measures Access control and technical measures such as physical locks and/or secure connections and firewalls, Appropriate technical and organisational security measures, giving due regard to the risks inherent in the processing and to the nature of the personal data concerned
    Recipients Designated SJU staff members, EU institutions and bodies: When transfers of personal data to other EU institutions are foreseen, the following text applies: Recital 21 and Article 6 of the Regulation apply: - Transfer is required and necessary for the legitimate performance of tasks of the SESAR JU, accordingly: Transfer of the data to the European Commission is de facto as the EC is responsible for launching, monitoring and managing the audits. - The purpose of the transfer is compatible with the purpose of the collection. Accordingly: • Purpose of the data collection: • Purpose of the transfer: • Compatibility of the purposes: e.g. Both purposes are compatible as the purpose of the transfer is covered by the purpose of the collection (e.g.: data submitted in the offer are necessary for the processing of payment obligations).
    Joint controllers European Commission (CAS), European Court of Auditors
    privacy policy url https://www.sesarju.eu/dataprotection
    Last updated 07.07.2020
    internal reference
    Exercising your rights https://www.sesarju.eu/dataprotection
