Privacy statement on the protection of personal data in relation to online registration for events on the ENTRUSTED website (entrusted.eu)
All personal data are dealt in compliance with the applicable rules on the protection of natural persons with regards to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data (currently Regulation (EU) 2018/1725).
The following data protection information notice outlines the criteria by which personal information will be collected, managed and used by the Polish Space Agency (POLSA) on behalf of EUSPA, as a member of the ENTRUSTED Consortium under the Grant Agreement No. 870330, in relation to the online registration on the ENTRUSTED website,
Identity of controller and data protection officer:
Data Controller: European Union Agency for the Space Programme (EUSPA), Head of the Market and Development Department, Janovskeho 438/2 170 00 Prague 7, Czech Republic,
Data Protection Officer: EUSPA Data Protection Officer, Janovskeho 438/2 170 00 Prague 7, Czech Republic, e-mail address:
Purposes of data processing:
- To establish a list of registrants interested in attending the event.
- To send update/notifications about the event, including the final programme, connection details, etc.
- To process data for statistical and management purposes.
Data/Categories of data concerned:
Registrants to the event (referred to as data subjects) are requested to provide the following personal data in their submissions via a dedicated registration form:
- Mandatory data: first name, second name, name of the organisation, country (choice from a drop-down menu), e-mail address.
- Non-mandatory data: telephone number.
Recipients/Categories of recipients of the data processed:
Access to personal data is granted on a ‘need to know’ basis to:
- Data processors: ENTRUSTED Consortium members, which are bound by personal data protection rules equal to those applying to the EUSPA:
- A limited number of staff of POLSA managing registration and evaluation processes.
- A limited number of staff of the EDA managing the online streaming service and providing IT support.
- Staff of POLSA in charge of the communication services.
- Staff of the POLSA, including its subcontractors (i.e. sub-processors), in charge of providing cloud hosting servers.
- Staff of the European Health and Digital Executive Agency (HaDEA), as Contracting Authority in the frame of the Grant Agreement No. 870330, may also access personal data, in their quality of managing and monitoring the aforementioned Grant Agreement.
Any recipient of personal data will be reminded of its obligation not to use the data received for any other purpose than the one for which they were transmitted.
Legal basis/Lawfulness of the processing:
Processing of personal data is based on the consent of the data subject, in compliance with Art. 5(1)(d) of Regulation 2018/1725, whereby data subject has unambiguously given his or her consent to provide personal data by filling-in and submitting the online registration form with the requested personal data.
Information on the storage locations and retention period of personal data:
- Personal data will be stored electronically on the servers of the Polish Space Agency’s contractors, including cloud hosting servers, which are located in the EU.
- Personal data will be retained for 7 years after the expiry of the Grant Agreement No. 870330 for audit and discharge purposes. Once the retention period is over, personal data will be destroyed.
Your personal data will not be used for automated decision-making, including profiling.
ENTRUSTED website users registering via online forms (i.e. data subjects) have the right:
- To obtain confirmation as to whether or not his or her personal data are being processed, access their data and obtain detailed information on the processing;
- To rectify inaccurate personal data;
- To ask for erasure of personal data if the statutory provisions are met;
- To restrict processing if the statutory provisions are met;
- To ask for data portability, allowing to obtain and reuse personal data for their own purposes across different services;
- To withdraw the consent to personal data processing at any time, without affecting the lawfulness of the processing before the consent’s withdrawal;