Data protection notice for the Enterprise Europe Network IT platform
One of your rights under EU law is that you must be informed when your personal data − also known as personal information − is processed (collected, used, stored) by any organisation including one of the EU institutions. You also have the right to know the details and purposes of that processing.
Your personal data is processed in accordance with Regulation (EU) No 2018/1725 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data.
The data controller of the processing operation is the Head of the Unit I-02. SMP/COSME Pillar of the European Innovation Council and SME Executive Agency (EISMEA).
The legal basis of the processing operation are in particular:
- Article 5(a) of Regulation (EU) 2018/1725, because processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body; this is the obligation to implement the Programme for the Competitiveness of Enterprises and Small and Medium-sized Enterprises (COSME) 2014-2020 (see Commission Implementing Decision 2013/771/EU stablishing the 'Executive Agency for Small and Medium-sized Enterprises').
- Article 5(b) of Regulation (EU) 2018/1725, because processing is necessary for compliance with a legal obligation to which the controller is subject.
- Article 5(c) of Regulation (EU) 2018/1725, because processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
- Article 5(d) of Regulation (EU) 2018/1725, because the data subject has given consent to the processing of his or her personal data for one or more specific purposes.
The purpose of the data processing
The purposes of this data processing are to provide the interested public with:
- information about the functioning of the Enterprise Europe Network
- replies to requests for information submitted via web contact forms
- the ability to create a user account to an express an interest in a partnering profile and subscribe to the Network's partnering email alerts
Web contact forms: personal data included in contact forms is collected only to the extent necessary to reply. If the EISMEA support team in charge of the mailbox is unable to answer your question directly, it will forward your e-mail to another service in EISMEA or in the European Commission, or to an Enterprise Europe Network member organisation. You will be informed, via e-mail, about which service your question has been forwarded to. If you have any questions about the processing of your e-mail and related personal data, do not hesitate to include them in your message.
Email alerts: when you fill in the alert subscription form, the mandatory fields marked with an asterisk (*) are necessary for the verification of your data so we can create an account.
This site serves also as an access point to the Network where partners to the Enterprise Europe Network and interested third parties establish contacts. Via the home page of this site, registered users can access the Intranet and Partnering tools of the Enterprise Europe Network. Access to these tools is available only to registered users based on different user profiles.
Registered users may also be contacted proactively in relation to services provided to them by the Enterprise Europe Network.
Data collected and data recipients
The following of your personal data are collected: your first name, last name, gender, e-mail address, phone number are mandatory for the purpose(s) outlined above.
In addition, the following non-mandatory personal data are collected: photo, title, maiden name, mobile phone number, fax number, professional bio (about me), job title, area of responsibility, language skills, competencies and expertise, CV, your Linkedin/Twitter account. These can only be processed based on your explicit prior consent.
The recipients of your data will be EISMEA staff members and the advisers of the Enterprise Europe Network who are respectively responsible for the management of the site and for the activities of the Network. Your data can be transferred to organisations which are members of the Enterprise Europe Network, in all the countries it is present.
The following safeguards are in place for this transfer:
- standard contractual clauses in contracts with Enterprise Europe Network member organisations
- obligation for Network users to accept the application of the present data protection notice when processing personal data
The information in question can be transferred to bodies charged of monitoring or inspection tasks in application of Union law (e.g. internal audits, European Anti-fraud Office-OLAF). Third parties, such as external service providers having signed a service contract with EISMEA, may also have access to your data, where necessary for the purposes outlined above.
Your rights
You have the right to:
- access your personal data and to request your personal data to be rectified, if the data is inaccurate or incomplete
- where applicable, you have the right to request a restriction or to object to processing, to request a copy or erasure of your personal data held by the data controller
- of a general nature only and is not intended to address the specific circumstances of any particular individual or entity
- not necessarily comprehensive, complete, accurate or up to date
- sometimes linked to external sites over which the Commission services have no control and for which the Commission assumes no responsibility
- not professional or legal advice (if you need specific advice, you should always consult a suitably qualified professional)
If processing is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on your consent before its withdrawal.
Your request to exercise one of the above rights will be dealt with without undue delay and within one month.
Your data will be removed immediately after your request to quit the reception of alerts and, for users of the Intranet, after the request to remove their user account, except for data necessary for audit purpose which are kept for five years after the request for deletion of the account. The name of participants to events is kept for two years after the end of the event.
Questions about data protection
If you have any queries concerning the processing of your personal data, you may address them to the Data controller Head of Unit I-02. SMP/COSME Pillar via this contact form.
You have right of recourse at any time to the EISMEA Data protection officer and the European Data Protection Supervisor.
Copyright notice
c) European Union, 1995-2018
Reuse is authorised, provided the source is acknowledged. The Commission's reuse policy is implemented by the Decision of 12 December 2011 - reuse of Commission documents .
Where prior permission must be obtained for the reproduction or use of textual and multimedia information (sound, images, software, etc.), such permission shall cancel the above-mentioned general permission and shall clearly indicate any restrictions on use.
Reuse is not applicable to documents subject to intellectual property rights of third parties.
Disclaimer
The European Innovation Council and SME Executive Agency (EISMEA) maintains the Enterprise Europe Network central website to ensure access to information about the Network and its local contact points. Our goal is to keep this information timely and accurate. If errors are brought to our attention, we will try to correct them. However, EISMEA accepts no responsibility or liability whatsoever with regard to the information on this site.
This information is:
It is our goal to minimise disruption caused by technical errors. However some data or information on our site may have been created or structured in files or formats that are not error-free, and we cannot guarantee that our service will not be interrupted or otherwise affected by such problems. EISMEA accepts no responsibility with regard to such problems incurred as a result of using this site or any linked external sites.
This disclaimer is not intended to limit the liability of EISMEA in contravention of any requirements laid down in applicable national law, or to exclude its liability for matters which may not be excluded under that law.