Who is responsible for the processing of your personal data?
The Your Europe, Your Say! event (YEYS) is organised by the European Economic and Social Committee (EESC), which is the data controller in charge of the processing of your personal data.
The service responsible for processing your personal data on behalf of the controller is:
Visits and Publications Unit
Directorate D - Communication and Interinstitutional Relations
European Economic and Social Committee - Rue Belliard/Belliardstraat 99 - 1040 Brussels
youreuropeeesc [dot] europa [dot] eu
What is the purpose of the processing?
Your personal data will be processed in order to:
- register you for the event,
- make travel and accommodation arrangements, i.e. travel bookings and hotel reservations,
- fulfil the communication objectives of the event (subject to your consent),
- share your name, surname and supervising teacher's email address with the other participants (subject to your consent),
- send you invitations to future YEYS events that the EESC may organise (subject to your consent).
The EESC is not responsible for recordings (such as photographs or videos) made by participants in a private capacity.
What is the legal basis for the processing
Regulation (EU) 2018/1725 applies to the processing of your personal data collected for the organisation and management of this event. The legal basis for the processing of your personal data is Article 5(a) of Regulation (EU) 2018/1725, as the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in a Union institution or body. The EESC exercises its tasks as set out in Articles 300-304 of the Treaty on the Functioning of the European Union.
The processing of certain categories of your personal data as described in this privacy statement will be carried out based on your consent (Article 5(d) of Regulation (EU) 2018/1725).
What personal data are processed?
The following personal data will be processed:
- data necessary for the organisation and management of the event: First name and surname of the school principal, supervising teacher and students participating in the event, gender and postal address of supervising teacher and students participating in the event, mobile phone number of parents/guardian and supervising teacher, e-mail address of school principal and supervising teacher, name, phone number, postal and e-mail address of the school, the school's website, health form (allergies, dietary restrictions, disabilities, details of the person to be contacted in case of emergency, phone, address);
- data collected for accreditation purposes, according to the requirements established by the Security service: name, surname, passport or ID number, date of birth, nationality. For additional information, please refer to the accreditation privacy statement;
- data collected for communication and publicity purposes: pictures and/or audio and video recordings of speakers and participants, quotes associated with names, live streaming. They could be published in the context of the event and the preparations for it (including the visit to the school by an EESC member) (i.e. YouTube video, publications) and in connection with the EESC's communication activities, and published on its intranet, the internet and social media (i.e. Facebook, Twitter and Instagram). Recordings (all sound, audiovisual and live recordings) are made in accordance with EESC Decision 206/17A: Rules on the recording of activities undertaken by the European Economic and Social Committee;
- data collected for financial reasons.
Your consent is required for:
- photographs, audio and video recordings and web streaming related to the event,
- participant list with your name, surname and supervising teacher's email address which will be shared among participants,
- invitations to future YEYS events that the EESC may organise.
You can give your consent via the event registration form or via the documents provided by mail.
When registering for the YEYS event, certain categories of personal data must be filled in. If those categories of data are not filled in, you will not be able to register for the event.
Who are the recipients or categories of recipients of your personal data?
The recipient of your data will be the EESC staff in charge of the organisation, management and follow-up of this event.
We will never share your personal data for direct marketing purposes.
Photographs and/or audio and video recordings of participants will be taken during this event as well as during the EESC member's physical or online visit to your school. Images/videos taken during the visit to your school that are sent to the YEYS team might be used on social media. Recordings (audiovisual and photographs) will be used partially for communication and reporting purposes afterwards. Web-streaming will take place during the event. Slight editing to audio-visual material collected might also take place (e.g. brightness and/or contrast adjustment).
The Committee is not responsible for any recordings made in a personal capacity during the event.
Your photograph/image may be used in EESC publications and/or published on the intranet, the event website (http://www.eesc.europa.eu/yeys2023) and relevant social networks, accompanied by text, name, quotes, photographs and/or video recordings of the event.
Your photograph might also be taken during preparations for the event (including the visit to the school by an EESC member) and might also be used in EESC publications and/or published on the intranet, the event website (http://www.eesc.europa.eu/yeys2023) and relevant social networks, accompanied by text, name and quotes.
A video of the event may be published on the website http://www.youtube.com/user/EurEcoSocCommittee.
We use social media to provide information about and promote the YEYS event through widely-used channels: Facebook, Twitter, Instagram and YouTube. The use of social media does not in any way imply endorsement of their privacy policies. In the event that one or more social media are unavailable, we accept no responsibility for lack of service due to their downtime. We recommend that users read the Facebook, Twitter, Instagram and YouTube privacy policies. Each company explains its policy of data collection and processing, its use of data, user rights and the ways in which users can protect their privacy when using these services.
How can you exercise your rights?
You have the right to request access to your personal data. You also have the right to request rectification or erasure or restriction of the processing of your personal data.
You also have the right to withdraw your consent at any time. Please note that withdrawal of consent will not have retroactive effect (processing of your personal data based on your consent before withdrawal is lawful up to the moment when you withdraw your consent).
Where applicable, you have the right to object to the processing of your data. Where applicable, you have the right to receive your personal data provided to the controller or to have your personal data transmitted directly to another controller (data portability).
You can direct your queries to eventseesc [dot] europa [dot] eu. The query will be dealt with within 15 working days.
You have the right to lodge a complaint with the European Data Protection Supervisor (edpsedps [dot] europa [dot] eu) if you consider that your rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of your personal data.
How long are your personal data kept for?
Your data (excluding photographs, audio and video recordings that have been published and personal data provided for registration purposes) are kept for as long as follow-up actions to the event are necessary with regard to the purpose(s) of the processing of personal data, as well as for the event and its related management. Personal data will be deleted from databases one year after the event, except the forms which will be retained for 10 years on the EESC's server. Data published on the internet and intranet will remain there indefinitely.
Data obtained for accreditation purposes are transferred to the Security service and then deleted by the VIP unit. The Security service retains data for one year (for details see privacy statement).
Financial data are stored in the archive of the Financial Officer of the unit. In accordance with the rules, the files must be kept for a minimum period of five years.
Individuals whose data are included in the Dynamics database are informed regularly about this fact and are given the possibility to request deletion of their data. Data stored in the Dynamics database are deleted within fifteen (15) working days upon receipt of a request. For more information please consult section 7 and 8 of the Dynamics privacy statement.
If you wish to delete these data at any time after you have given your consent, please contact us at youreuropeeesc [dot] europa [dot] eu.
Photographs and audio and video recordings that have been published (for example on the internet, social media channels or in publications) will remain in that format indefinitely.
Are your personal data transferred to a third country (non-EU Member State) or international organisation?
Your personal data will not be transferred to a non-EU Member State and/or international organisation.
Are personal data collected used for automated decision-making, including profiling?
The EESC will not use your personal data to make automated decisions about you. "Automated decisions" are defined as decisions made without human intervention.
Will your personal data be further processed for a purpose other than that for which the data were obtained?
Your personal data will not be further processed for a different purpose than the ones mentioned above.
Who can you contact if you have queries or complaints?
If you have any further questions about the processing of your personal data, please contact the unit in charge of the processing of your personal data: youreuropeeesc [dot] europa [dot] eu.
You may also contact the Data Protection Officer of the EESC (data [dot] protectioneesc [dot] europa [dot] eu) and/or the European Data Protection Supervisor (edpsedps [dot] europa [dot] eu) at any time.