Privacy and data protection policy

Privacy Statement for the Administrative management of the website of the European Regulators Group for Audiovisual Media Services (ERGA)

1. Why and how do we process your personal data?

Purpose of the processing operation: the European Commission collects and uses personal information for the administrative management of the public website of the European Regulators Group for Audiovisual Media Services (ERGA). This involves publishing the names of members of the ERGA and observers to ERGA on a dedicated website and in the Commission’s Register for expert groups

Personal data will not be used for any automated decision-making including profiling.

2. On what legal ground(s) do we process personal data

The Commission processes personal data published on ERGA-Online website on the following legal grounds:

1/ The Commission Decision of 3 February 2014 on establishing the European Regulators Group for Audiovisual Media Services.

2/ It is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body (Article 5(1)(a) of Regulation 2018/1725), namely as regards the activities of ERGA, in relation to observers, as set out in the Commission decision.

3/ In relation to ERGA members, processing will take place only with their explicit consent to the collection and the publication by signing or otherwise indicating their agreement to the provisions of this privacy statement (Article 5(1)(d) of Regulation 2018/1725).

3. Which personal data do we collect and further process?

In order to carry out this processing operation the European Commission collects the following categories of personal data:

• Data necessary for transparency purposes, specifically in order to publish the names of individuals officially nominated as members of ERGA or as observers to ERGA and the organisations they represent.

4. How long do we keep your personal data?

The European Commission keeps such personal data for the time necessary to fulfil the purpose of collection or further processing, namely until the individuals nominated as members or observers no longer fulfil that function.

5. How do we protect and safeguard your personal data?

The Commission’s contractors are bound by the confidentiality obligations deriving from the General Data Protection Regulation in the EU Member States (‘GDPR’ Regulation (EU) 2016/679). The contract also specifies that the contractors also  implement technical and organisational measures to ensure an adequate level of data protection in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed.

6. Who has access to personal data and to whom is it disclosed?

Personal data on the ERGA-Online website is available on the internet to the public without restriction.

7. What are your rights and how can you exercise them?

Those whose personal data is published on the ERGA website have specific rights as a ‘data subject’ under Chapter III (Articles 14-25) of Regulation (EU) 2018/1725, in particular the right to access, rectify or erase their personal data and the right to restrict the processing of their personal data. Where applicable, they also have the right to object to the processing or the right to data portability.

They also have the right to object to the processing of their personal data, which is lawfully carried out pursuant to Article 5(1)(a).

Those who have consented to the processing of their personal data, may withdraw their consent at any time by writing to the Data Controller (see contact details under Heading 8 below).

They can exercise their rights by contacting the Data Controller, or in case of conflict the Data Protection Officer. If necessary, they can also address the European Data Protection Supervisor. Their contact information is given under Heading 9 below.

Where a data subject wishes to exercise their rights in the context of one or several specific processing operations, they should please provide their description (i.e. their Record reference(s) as specified under Heading 10 below) in their request.

8. Contact information

  • The Data Controller

If data subjects would like to exercise your rights under Regulation (EU) 2018/1725, or if they have comments, questions or concerns, or if they would like to submit a complaint regarding the collection and use of their personal data, they should feel free to contact the Data Controller, Secretariat of the European Regulators Group for Audiovisual Media Services, Unit I1, Directorate-General for Communications Networks, Content and Technology. Contact details:

European Commission, Directorate-General for Communications Networks, Content and Technology, BU25, Brussels, B-1049 Belgium. Email – CNECT-ERGA-SECRETARIAT@ec.europa.eu

  • The Data Protection Officer (DPO) of the Commission

They may contact the Data Protection Officer (DATA-PROTECTION-OFFICER@ec.europa.eu) with regard to issues related to the processing of your personal data under Regulation (EU) 2018/1725.

  • The European Data Protection Supervisor (EDPS)

Data subjects have the right to have recourse (i.e. they can lodge a complaint) to the European Data Protection Supervisor (edps@edps.europa.eu) if they consider that their rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of their personal data by the Data Controller.

9. Where to find more detailed information?

The Commission Data Protection Officer (DPO) publishes the register of all processing operations on personal data by the Commission, which have been documented and notified to them. You may access the register via the following link: http://ec.europa.eu/dpo-register.

Record reference: DPR-EC-02631