Privacy Statement for Virtual ESM Shareholders’ Day 2021
Objective and scope
The purpose of this Privacy Statement is to inform you of how the European Stability Mechanism (ESM, “we”, “us” or “our”) processes your personal data to organise and manage the Shareholders’ Day (Event) which will take place online on 10 and 11 November 2021.
Controller, Processor and Data Protection Officer
The ESM is the controller for all the processing operations described in this document. We control the ways your personal data are collected and the purposes for which we process them.
To organise and support the Shareholders’ Day activities, the ESM is supported by ICF Next SA, who is acting as processor, and its sub-processors, B2Match GmbH, Webex by Cisco and Slido which will also process your data for the purpose of providing an online platform for the Event.
The ESM has a designated Data Protection Officer (DPO) who can be contacted at the following email address DataProtectionOfficer@esm.europa.eu.
Processing personal data
We always process your personal data for a specific purpose and only process the personal data that is relevant to achieve that purpose. In this case, the personal data included in this Privacy Statement are processed for the purpose of organising and managing the Shareholders’ Day. The objective of the Event is to enable the Participants to learn and/or update their knowledge of the ESM activities and its functioning.
For the purpose of the Event, the following activities are carried out:
- 1) Manage access to the Event
For the purpose of registration for the Event, ICF Next SA uses the b2match platform to collect the following personal data from speakers and participants: first name, last name, e-mail address, company name, job title and work country. If you decide to indicate it when you register, b2match will also collect the following data: personal phone number, city and address. Additionally, b2match may also process other personal data (e.g. website data, geolocation, browser type, cookies or other technologies used to analyse users’ activity) to provide the services. To learn more on the processing of your personal data by ICF Next SA and B2match GmbH, please refer to their specific privacy policies: ICF Next Privacy Statement and B2match Privacy Policy.
- 2) Host the Event
For the purpose of hosting the Event, ICF Next SA uses b2match and Webex by Cisco, third party tools that will process personal data about speakers and participants.
B2match will process the following personal data: first name, last name, e-mail address, company name, and work country. If you decide to indicate it when you register, b2match will also process the following data: job title, personal phone number, city and address. Additional personal data may also be processed by b2Match such as IP address, website data, geolocation, and browser-generated information (including device information, operating system, cookies or other technologies used to analyse users’ activity).
Webex by Cisco will process the following personal data: first name, last name and e-mail address. Additional personal data may also be processed by Webex, such as IP address, geographic region, and browser-generated information (including device information, operating system, cookies or other technologies used to analyse users’ activity). Chat messages will also be processed by b2Match and Webex to be able to reply to questions, but the chat messages will not be recorded.
For the purpose of Q&A, quizzes and polls, and only if you decide to provide this information, Slido collects the following personal data: first and last name. If you decide to participate in such Q&A, quizzes and polls, additional personal data may also be processed by Slido, such as the IP address, language, website data, geolocation and browser-generated information (including device information, operating system, cookies or other technologies used to analyse users’ activity).
To learn more on the processing of your personal data by Webex by Cisco and Slido, please refer to their specific privacy policies: Cisco Online Privacy Statement and Slido Privacy Policy.
- 3) Recording of the Event
The Event will be held under Chatham House rules. No audio or video of the participants or the speakers will be recorded. Participants will be able to switch on their video for virtual networking purposes or during interactive breakout sessions.
- 4) Publication of agenda
If you are a speaker, we will also publish the agenda of the meeting with your name.
Legal basis for processing personal data
Personal data of the Event participants are processed for the purpose of organising and managing the Shareholders’ Day which objective is to enable the Participants to learn and/or update their knowledge of the ESM activities and its functioning. This processing is necessary in the execution of the ESM’s mandate, for the performance of tasks or activities carried out by the ESM in accordance with the ESM Treaty, By-Laws, and the applicable rules and procedures; this includes the Processing of Personal Data necessary for the management and functioning of the ESM.
How long we keep your data (retention period)
|
Data processed by ESM: first name, last name, company name, e-mail address and work country |
The personal data will be kept for 12 months following the Event, unless you have agreed to receive information about future events from the ESM in which case your data will be kept longer. |
In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case it is no longer considered as personal data. Upon expiry of the applicable retention period we will securely destroy your personal data.
Recipients of your personal data
Your personal data may be shared with parties both internal and external to the ESM for the purpose of the Event:
|
Within the ESM |
The recipients of your personal data are normally ESM members of staff. They may also be interim workers, trainees, or consultants working for the ESM. |
|
Outside of the ESM |
The ESM uses ICF Next SA, a third party processor and its sub-processors, B2Match GmbH, Slido and Webex to manage access to and host the Event. B2Match GmbH stores the collected personal data on servers operated by Google in Germany. Webex by Cisco stores the collected personal data on servers located in the European Union. Slido stores the collected personal data on servers located in Ireland but can transfer it to service providers located in Europe or elsewhere for different purposes such as providing an infrastructure, for user behavior analytics, for email delivery or error debugging services. The list of Slido’s services providers is accessible here: https://www.sli.do/terms#service-providers |
Your rights
You have various rights as an individual, which you can exercise under certain circumstances in relation to your personal data that we hold. You have the right to access, rectify, delete or limit the processing of personal data collected concerning you:
- Your right of access - you have the right to ask us for copies of your personal information.
- Your right to rectification - you have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure - you have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing - you have the right to ask us to restrict the processing of your personal data in certain circumstances.
Please contact us at DataProtectionOfficer@esm.europa.eu if you wish to make a request or lodge a complaint. You are not required to pay any charge for exercising your rights. If you make a request, we will undertake all necessary efforts to respond within a reasonable period of time.
Security of your Personal Data
The ESM takes all reasonable steps to ensure that appropriate security measures are in place to protect the confidentiality and integrity of your personal data.
The ESM further ensures that when third-party service providers process data on behalf of the ESM, appropriate contractual safeguards are put in place to protect your personal data.
Contact information
If you have questions please do not hesitate to contact us at shareholders@esm.europa.eu. If you wish to exercise your rights in relation to your Personal Data please contact the ESM Data Protection Officer at DataProtectionOfficer@esm.europa.eu or send your request to the following address European Stability Mechanism, c/o Data Protection Officer, 6a, Circuit de la Foire Internationale, L-1347 Luxembourg.
