This statement refers to the European Youth Portal. As this system contains individuals' personal data, its publishing and processing falls within the provisions of the Regulation (EC) N° 45/2001 of the European Parliament and of the Council of 18 December 2000. This privacy statement explains to you the way in which this system uses personal data, and the way in which the privacy of this data is being protected.
What is the purpose of the data collection?
There are four main features of the European Youth Portal (EYP) which involve the collection and processing of personal data. These are:
- Information provision – the creation and maintenance of articles, events and news items related to the EU Youth Strategy.
- European Solidarity Corps – the EYP provides the ability for individual young people to register for the Corps, and to indicate their preferences for projects, and receive training to be prepared to undertake a placement. The EYP will also allow authorised organisations to search the database of Corps participants to find potential volunteers / workers for their projects, make contact with potential participants (if the participant agrees to be contacted by the organisation) and finally make offers of placements to chosen participants, which the participants have the option to accept or decline.
- Volunteering Database (VoD) – this enables organisations accredited to run projects under European Voluntary Service (EVS), part of the Erasmus+ programme, to advertise their new projects to potential volunteers by logging in and creating / maintaining mini-adverts about their projects. The VoD also includes a list of all the organisations which are accredited to run EVS projects.
- Online Consultation Toolkit (CTK) – as part of the EU Youth Strategy is to encourage the greater participation of young people in democratic life, the EYP incorporates a platform to allow young people to have their say on different topics.
Users may be asked to login and authenticate yourself before you can use some of these features. To do so, the EYP may use the European Commission's Identity Management System (IMS), through the EU Login system. That system has its own Privacy Statement.
The purposes of the data collection are to:
- Information provision
- Provide contact information (in the form of names and / or email addresses of people associated with articles, events or news items) to members of the public.
- Enable authorised users to be registered on the EYP as authors / editors, and to provide technical assistance when necessary.
- European Solidarity Corps
- Enable young people to register with the Corps by providing their basic personal information and contact details. Also enable registered Corps participants to voluntarily provide additional contact information, details of their preferences for the types of projects they would be interested in, and the skills and experience they can bring to projects, a summary of their education and employment and any previous volunteering experience.
- Enable Corps participants to receive emails, newsletters and other notifications related to the Corps, as well as surveys and other methods of gathering feedback from participants. It is possible for Corps participants to define which communications they wish to receive.
- Enable the Corps to provide training opportunities to Corps participants.
- Enable Corps participants to provide feedback on services and processes.
- Enable Corps participants to communicate with each other through the community building features of the Corps.
- Enable authorised representatives of organisations authorised to run Corps projects to maintain profiles of their organisations, including the names and / or email addresses of people associated with the organisations and their Corps projects.
- Provide this contact information to members of the public.
- Enable authorised representatives of organisations authorised to run Corps projects to search the database of Corps participants in order to find potential volunteers / workers for Corps projects, by matching details of the proposed project against the personal data and preferences provided by Corps participants.
- Enable these authorised representatives to get in contact with selected participants, if the participant agrees to be contacted by the organisation.
- Enable these authorised representatives to offer specific placements to Corps participants, and manage the offers that have been made.
- Enable Corps administrators to manage the database of Corps participants and provide assistance to Corps participants.
- Enable Corps administrators to manage Corps projects and the Corps searching / matching processes, and provide assistance to authorised representatives of organisations authorised to run Corps projects.
- Enable Corps administrators and other trusted parties to send information and notifications about the Corps and other related activities to Corps participants and the authorised representatives of organisations.
- Enable Corps administrators to analyse data on registered participants and to analyse feedback received from participants.
- Volunteering Database
- Provide contact information (in the form of names and / or email addresses of people associated with EVS organisations and their volunteering projects) to members of the public.
- Enable EVS accredited organisations to manage the published contact details of their organisations.
- Enable EVS accredited organisations to advertise their EVS projects to potential volunteers, and enable young people to make contact with these organisations.
- Enable EYP administrators to provide technical assistance to organisations when necessary.
- Online Consultation Toolkit (CKT)
- Allow users to receive updates by email about the consultations they have participated in.
- Enable monitoring and statistical analysis of the users of the OPP.
- Enable EYP administrators to provide technical assistance when necessary to the organisations managing the consultations.
The European Commission and the organisations responsible for the implementation of these features will not process the collected data for any other purpose than those described above.
What personal data do we collect in the European Youth Portal?
- Information provision
- Individual members of the public linked to an article, event or news item: name, email address.
- Staff from Eurodesk Brussels Link or from the network of national Eurodesk organisations: first name, family name, email address, country the person is permitted to administer content on behalf of.
- European Solidarity Corps
- Individual members of the public who decide to join the Corps must provide the following basic information: first name, family name, date of birth, gender, country of legal residence, nationality, email address, preferred contact language, types of Corps projects interested in, prior knowledge and experience, and indicate that they accept the Mission and Principles of the Corps.
- After the initial registration process to join the Corps, they can voluntarily provide additional information about themselves: postal address, telephone numbers, summary of education and employment, details of previous volunteering experiences, language skills, availability for Corps projects, motivation to volunteer on a Corps project, motivation to work on a Corps project, desired countries to volunteer / work in, desired occupations, any additional information the user wishes to provide, willingness to receive emails, newsletters, notifications and other communications from the Corps, willingness to receive emails, newsletters, notifications and other communications from EURES (the European jobs platform).
- They may also upload a personal CV in the form of a document, with the understanding that all of the information contained within the CV, including contact details and any sensitive personal information, will be made available to the representatives of organisations authorised to run Corps projects, who may use it as part of their processes to select participants for their projects.
- The European Solidarity Corps will serve as a platform in order to facilitate organisations and individuals to come together and there will be no evaluation of personal aspects of the data subject conducted by EAC.
- Authorised representatives of organisations authorised to run Corps projects: first name, family name, user name, email address, organisation(s) the person is entitled to administer, acceptance of the Mission and Principles of the Corps.
- Volunteering Database
- Individual members of the public linked to an EVS organisation or volunteering project: name, email address.
- Volunteering Organisation Managers: first name, family name, user name, email address, organisation(s) the person is entitled to administer.
- Online Consultation Toolkit
- Individual members of the public: first name, family name, email address, country of residence, date of birth, gender, organisation they represent (if applicable).
- Authorised representatives of organisations allowed to use the CTK – first name, family name, email address, country the person is entitled to administer.
Which technical means do we use for processing your data?
The data collection and processing is done using the Commission's IT standards and telecommunication infrastructure. The data is stored in a central database (managed by DG Education and Culture and located at the Commission Data Centre in Luxembourg.
Who has access to your information and to whom is it disclosed?
- Information provision
- The general public will see the relevant personal contact details of any people added by authorised EYP editors to articles, news items or events, for instance the public contact person for an event or a news item.
- These details are also accessible by Eurodesk staff at Eurodesk Brussels Link and the network of national Eurodesk organisations.
- EYP administrators also have access to this information.
- European Solidarity Corps
- The general public will see the personal contact details of representatives of organisations authorised to run Corps projects, if the organisation itself adds this information to its Corps profile published on the Corps webpages.
- Corps participants can view and maintain their personal data by logging into their European Solidarity Corps account. They have the right to delete their account at any time. The Corps participant is responsible for the quality of their own data.
- Personal details of registered Corps participants are accessible by the authorised representatives of organisations authorised to run Corps projects.
- Personal details of registered Corps participants are also accessible to Corps administrators and the administrators of the different EU programmes through which authorised organisations provide European Solidarity Corps project placements.
- Volunteering Database (VoD)
- Personal contact details of people linked to EVS organisations and EVS volunteering projects are viewable by the general public.
- The authorised representatives of an EVS organisation can access the personal contact details of people linked to that particular organisation and its projects.
- Online Consultation Toolkit (CTK)
- The email addresses and basic demographic data of users of the CTK and their activity in the OPP are viewable by authorised representatives of organisations allowed to run consultations through the CTK, and who are trained to manage the consultations.
- EYP administrators will also have access to this data.
In addition, all of the personal data is accessible by:
- Staff of the DG EAC units responsible for the implementation of services through the European Youth Portal.
- Staff of the DG EAC Informatics (IT) unit.
- Staff of other competent European Commission Services co-responsible for implementation of services through the European Youth Portal.
It is able to be disclosed, if necessary, to:
- Staff of the Internal Audit Capacity of DG EAC
- Staff of DG IAS
- Staff of OLAF
How long do we keep your data?
Contact email addresses included in articles, news and events will be deleted, along with the original content item, within two years of the item passing its unpublish date.
Personal data contained within user accounts created for editors / authors held in the European Youth Portal will be deleted two years after the last time the users logged in to the EYP using these accounts.
Personal data contained within user accounts for the European Solidarity Corps will be deleted one year after the reaches the upper age limit of eligibility for participation in the Corps, unless the user has agreed to join any alumni scheme that may be in place at that time.
Online consultation processes contributions will be anonymised (ie, the link between the user and the contributions / votes they made will be removed) within two years after the end of each complete consultation and reporting / feedback process.
How can you access your personal data, verify its accuracy and, if necessary, correct it?
You have the right to access the stored personal data and, if necessary, ask for your data to be corrected, by contacting the Data Controller of the European Youth Portal, who is:
Head of Unit, "Youth policy", Rue Joseph II 70, B-1049, Brussels, email: EAC-EYP@ec.europa.eu
What are the security measures taken to safeguard your information against possible misuse or unauthorised access?
The data is safeguarded in the Commission and covered by the numerous defensive measures implemented by the Commission to protect the integrity and confidentiality of the electronic assets of the Institution.
European Solidarity Corps
By accepting this Specific Privacy Statement, an organisation authorised to run Corps projects agrees to use the European Solidarity Corps IT systems solely to search for Corps participants for projects, as well as contact and make offers of project placements to Corps participants. These projects may be of its own undertaking, or the undertaking of another organisation which the authorised organisation is officially representing.
Specifically, the authorised organisation undertakes to adopt technical and operational security measures relevant to the risk inherent in their processing of the personal data of participants, in order to:
- prevent any unauthorised person from gaining access to computer systems processing personal data, and especially (a) unauthorised reading, copying, alteration or removal of storage media, (b) unauthorised data input as well as any unauthorised disclosure, alteration or erasure of stored personal data, (c) unauthorised persons from using data-processing systems by means of data transmission facilities;
- ensure that authorised users of a data-processing system can access only the personal data to which their access right refers;
- record which personal data have been communicated, when and to whom;
- ensure that personal data is being process in accordance with the data protection provisions laid down in national legislation;
- ensure that, during communication of personal data and transport of storage media, the data cannot be read, copied or erased without authorisation;
- design its organisational structure in such a way that it meets data protection requirements.
Whom to contact if you have queries or complaints about data protection of individuals?
You should contact the Data Controller for the European Youth Portal, who is: Head of Unit, "Youth policy", Rue Joseph II 70, B-1049, Brussels, email: EAC-EYP@ec.europa.eu.
If you have further queries or complaints, you can also contact:
- The Data Protection Coordinator of DG EAC: email@example.com
- The European Commission Data Protection Officer: firstname.lastname@example.org
In case of conflict, complaints can be addressed to the European Data Protection Supervisor (EDPS) http://www.edps.europa.eu
Where to find more detailed information?
The Commission Data Protection Officer publishes the register of all operations processing personal data. You can access the register on the following link: http://ec.europa.eu/dpo-register.
This specific processing has been notified to the DPO with the following reference: 3693.