Privacy Notice

Consultations

The European Union Agency for Railways (ERA) is committed to respecting the privacy of the participants to any consultations which are organised in the framework of its activities. All personal data provided to ERA are dealt with in compliance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (and any other regulation that will supersede it).

The following data protection information notice outlines the criteria by which ERA collects, manages and uses the personal data of the participants to consultations with social partners and organisations representing rail freight customers and passengers.

Identity of Controller:

ERA

Purpose of processing:

Processing of personal data is needed to obtain the views of stakeholders concerned whenever the Agency is required to address its recommendations to the European Commission on matters that have a direct impact on these categories of subjects.

Type of data processed:

Only the following data are collected:

  • Name (optional)
  • Surname (optional)
  • Organisation (optional)
  • E-mail address (optional)

Recipients of the data processed:

In accordance with Article 4 of Regulation (EC) N° 1049/2001 of 30 May 2001 regarding public access to European Parliament, Council and Commission documents and Article 8(2) of the “Arrangements to be applied by the Agency for public access to documents” (Annex to Management Board Decision N°145 of 29 November 2016), ERA is committed to grant access to any document you have submitted during the consultation phase, by publishing the outcome on the ERA website.

In a later stage, your opinions will be included in the report accompanying the recommendation to the Commission, as provided for in Articles 6 and 7 of the Agency’s Regulation.

In order to ensure the reliability of your contribution and for transparency reasons, some of your personal information may be published as well, where appropriate, without any further processing which is incompatible with the purpose of the consultation. You can specify what personal information you agree to be published by checking the relevant box in the comment sheet.

Legal basis and Lawfulness of processing:

Legal basis:

In accordance with Articles 6 and 7 of Regulation (EU) 2016/796 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Railways and repealing Regulation (EC) No 881/2004.

Lawfulness: 

The agency collects and processes your personal data in compliance with Article 5 (a) and (b) of the EU Data Protection Regulation:

(a) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

(b) processing is necessary for compliance with a legal obligation to which the controller is subject

The processing may be based on consent (Article 5(d) of the EU Data Protection Regulation) or another legal basis, as established by the EU Data Protection Regulation, in some specific circumstances.

Protection and security measures:

All personal data are processed only by designated ERA staff and stored on servers which abide by the ERA’s IT security rules and standards.

Retention period:

Your personal data will remain in the database until the results have been completely analyzed and will be rendered anonymous when they have been usefully exploited, and at the latest after twelve months from the end of the consultation. This does not apply to personal data whose online publication has been consented to. These data will remain available on the ERA website until the data subject exercises their rights to have them deleted.

The data subject’s rights:

In case you wish to verify which personal data is stored on your behalf by the responsible Controller, have it modified, corrected or deleted, please contact the Data Controller by using the contact information below and by explicitly specifying your request, or our Data Protection Officer.

Recourse:

Practical questions on the public consultation can be sent to the ERA staff in charge of the organisation of the relevant consultation, using the functional mailbox specifically established for that consultation.

In case of conflict on any Personal Data Protection issue you can address yourself to our Data Protection Officer or use the contact form on our website, selecting as type of request: “Data protection” and specifying the reference to the consultation.

Should the conflict not be resolved by the Data Protection Officer you may lodge a complaint with the European Data Protection Supervisor at any time.

Recruitment

The European Union Agency for Railways (ERA) is committed to respecting the privacy of its candidates for recruitment. Within the framework of the selection procedures at ERA, all personal data provided by candidates are dealt with in compliance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

The following data protection information notice outlines the criteria by which ERA collects, manages and uses the data provided by candidates within the different selection procedures for the recruitment.

Identity of Controller:

ERA Head of Resources and Support Department

Purpose of processing:

Processing of personal data is needed for:

  • The organisation of selection procedures to recruit temporary agents, contract agents, seconded national experts and trainees
  • The management of applications at the various stages of these selections
  • The management and control of the use of reserve lists.

Type of data processed:

The personal data processed are the ones provided in the form used for the electronic application, in particular:

  • Personal data allowing the candidate to be identified, i.e. surname, first name, date of birth, gender, nationality, private address, e-mail address, telephone
  • Information provided by the candidate to allow the practical organisation of selection, i.e. address information: street, postcode, town, country, telephone, fax, e-mail
  • Information provided by the candidate to verify whether s/he fulfils the eligibility and selection criteria laid down in the vacancy notice, i.e. information about nationality, languages, education, previous working experience, fulfilment of military/civil service duties, criminal convictions etc. Furthermore, the applicant may indicate any individual situation regarding eligibility criteria and any other information they would like to provide to support their application
  • Information concerning any disabilities (with the purpose to prepare any necessary arrangements and possibly, assist the staff/trainee in receiving an additional supplement to his/her grant)
  • Additional information in case a traineeship is offered: proof of health and accident insurance, bank account details (for the purposes of travel costs reimbursement and payment of the traineeship grant, where applicable).

Candidates are free to give their data on a voluntary basis, although failure to provide data in the mandatory fields will not allow the submission of the application form.

Recipients of the data processed:

  • Human Resources Unit (more specifically staff in charge of recruitment)
  • Members of the Selection Board
  • Appointing Authority (Executive Director)
  • Also, if appropriate, access will be given to the Internal Audit Service, the European Ombudsman, the Civil Service Tribunal and the European Data Protection Supervisor
  • Should the applicant’s name be placed on a reserve list, access to the reserve list and to the applicant’s data will be provided to the concerned internal services interested in the recruitment of the person
  • In case the Agency would outsource services to third parties, the identification data of the candidates may be transferred in order to organise the procedure.

Legal basis and Lawfulness of processing:

Legal Basis: In accordance with Decision 206/06.2009; Decision 207/06.2009; Rules governing traineeship period at ERA; Amendment to the ERA rules governing engagement of trainees.

Lawfulness:  The agency collects and processes your personal data in compliance with Article 5 (a) and (b) of the EU Data Protection Regulation:

(a) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

(b) processing is necessary for compliance with a legal obligation to which the controller is subject

The processing may be based on consent (Article 5.1(d) of the EU Data Protection Regulation) or another legal basis, as established by the EU Data Protection Regulation, in some specific circumstances.

Protection and security measures:

All personal data are processed only by designated ERA staff and stored on servers which abide by the ERA’s IT security rules and standards.

Retention period:

Personal data regarding engaged applicants will be kept for ten years after the termination of employment or the last pension payment, whichever applicable.

Data of non-engaged applicants but successfully placed in the reserve list for appointment will be kept for seven years after the budgetary discharge.

Data concerning non-engaged applicants will be kept for five years from the date the data subject became aware of the result of the selection procedure.

Data concerning assigned trainees will be kept for two years after the termination of the traineeship. The purpose of archiving those data is to keep records of all beneficiaries of the traineeship scheme of ERA and allow the delivery of traineeship certification.

Data concerning non-successful applicants for traineeships will be deleted at the end of the traineeship period they applied for. This would allow for a delayed assignment, should one of the successful trainees drop out of the scheme.

After the above-mentioned periods, only data needed to provide overall statistics on the exercise (number of eligible and non-eligible applications, total number of applications, etc.) will be kept for statistical reasons. These statistics are not subject to Regulation (EU) 2018/1725 since they are anonymous and cannot be used to identify one or more persons either directly or indirectly.

The data subject’s rights:

In case you wish to verify which personal data is stored on your behalf by the responsible Controller, have it modified, corrected or deleted, please contact the Data Controller by using the contact information below and by explicitly specifying your request, or our Data Protection Officer.

On the other hand, data demonstrating compliance with the eligibility and selection criteria may not be updated or corrected after the closing date for the respective selection procedure.

Recourse:

Practical questions on the recruitment can be sent to the ERA staff working for the Human Resources Unit

In case of conflict on any Personal Data Protection issue you can address yourself to our Data Protection Officer or use the contact form on our website, selecting as type of request: “Data protection” and specifying the reference to the application.

Should the conflict not be resolved by the Data Protection Officer you may lodge a complaint with the European Data Protection Supervisor at any time.

Stakeholder Relationship Management

Data protection notice (updated May 2020)

The European Union Agency for Railways (ERA) is committed to respecting the privacy of personal data processed by Microsoft Dynamics Customer Relationship Management software (called SRM) implemented at ERA. In this framework, all personal data provided by stakeholders (contacts) are dealt with in compliance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (hereafter EUI Data Protection Regulation).

The following data protection information notice outlines the criteria by which ERA collects, manages and uses the personal data of its stakeholders.

Identity of Controller:

Head of Unit EXO

Purpose of processing:

ERA processes personal data of stakeholders to:

  • Facilitate contacts, consultation, review of work progress, as well as exchange of information and views between the Agency and its stakeholders
  • Organise and manage events, meetings or other activities (including reimbursement)
  • Manage access to ERA extranet, registers and to the One-Stop Shop
  • Inform about ERA’s activities
  • Manage online surveys on specific topics relating to our activities

ERA has identified two main types of stakeholders:

  • Engaged stakeholders: have an inherent interest in, and influence on, the activities and governance of ERA (EU) 2016/796
  • Generic stakeholders: everybody who is not an engaged stakeholder but has an interest in the ERA activities.

Type of data processed:

The following personal data may be collected:

  • Personal details: first name, last name, category, user name, job title, organisation/company name, e-mail address(es), phone(s), country, address, picture
  • Financial details: bank account information, supporting evidence submitted for reimbursement (only for entitled stakeholders)

In addition, the stakeholder can select communication preferences by subscribing to the following subscription lists:

  • Agency newsletter
  • Surveys relevant to ERA activities
  • Ad-hoc information
  • Invitations to events

ERA can make connections with other contacts (e.g. hierarchical relationship) in order to classify them and establish marketing lists.

The collected data are classified in stakeholder categories, companies/organisations, workgroups and marketing lists.

The Agency’s SRM system has an integrated Outlook client which means that the content of emails can be viewed or stored in the SRM system.

Communications made via the SRM also allow scores about frequency of interactions of the contact with the system, e.g. registration to events.

By working through SRM, the Agency and the contact are able to build up a profile and this can be further enhanced through the use of website cookies.

Recipients of the data processed:

Personal data stored in the SRM may be accessed by ERA staff and contractors under the direct supervision of ERA staff.

Data records found not to meet applied standards are deleted.

From time to time, in order to validate data or in relation to particular campaigns (e.g. user satisfaction surveys carried out on behalf of ERA or focus groups), contact details (name, emails, addresses) may be transferred to third parties provided that an adequate level of protection (within the meaning of Article 9 of the Regulation (EU) 2018/1725) is ensured, in particular where the Controller adduces adequate safeguards (e.g. use of appropriate contractual clauses) with respect to the protection of the privacy and fundamental rights and freedoms of the data subjects concerned.

How are my data processed by SRM?

  • Contact details are either entered into the SRM system manually by ERA staff or by the stakeholder him/herself via the web interface or the One-Stop Shop
  • All ERA staff have editing rights to manage contacts in accordance with good SRM practice and guidelines
  • Contact details may be gathered from publicly-available lists such as those relating to Members of the European Parliament, European Commission officials etc. and are also gathered through direct contact with an Agency staff member whether it is by email, telephone, business card or face-to-face meeting
  • Where a new contact is entered into the SRM, s/he will receive an email to indicate that the Agency would like to enter his/her data in its contact database. This email informs the data subject of this intention and provides a hyperlink to lead the data subject through to a variety of options including the possibility to decline the invitation or, if the data subject agrees to be included in the SRM, to complete or rectify his contact details and his subscription preferences. Without any action from the stakeholder, the profile will be deleted.
  • The contacts are under constant review to ensure accuracy of data
  • The contacts are requested to update their data and preferences themselves on a regular basis

Legal basis and Lawfulness of processing:

Legal basis: The SRM supports the actions which have to be undertaken by the Agency in the context of Articles 5 and 39 of Regulation (EU) 2016/796 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Railways

Lawfulness: The agency collects and processes your personal data in compliance with Article 5(a) and (b) of the EUI Data Protection Regulation:

(a) Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

(b) Processing is necessary for compliance with a legal obligation to which the controller is subject

The processing of personal data for all other purposes (generic stakeholders) who have an interest in ERA activities and have voluntarily chosen to be added to the SRM is lawful based on their consent (Article 5 (d) of the EUI Data Protection Regulation).

Protection and security measures:

Appropriate organizational and technical security measures are ensured according to the data protection legislation applicable to EU institutions and bodies.

Data might be stored temporarily on the servers of our processor, ClickDimensions. For more information on the processing of your data by ClickDimensions please follow this link.

Retention period:

Personal data regarding stakeholders will be kept until they exercise their rights to have it deleted. However, data received via the contact us-form on the website will be put on ‘inactive’, when requested and deleted after the mandatory (anonymized) reporting on access to documents requests to the Management Board once a year. Financial data will be kept for 7 years.

The data subject’s rights:

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for the correction of any inaccurate or incomplete personal data. You have also the right to object to the processing or request the erasure of your personal data, which will be implemented as soon as your specific request will have been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the contacts below.

Recourse:

In order to exercise your rights as data subjects you are invited to contact the Controller by email.

Any other questions on the stakeholder relationship management can be sent using the contact us-form on the ERA website, selecting as topic of request: ‘User management of workgroups’.

In case you have any questions related to the protection of your personal data, you can contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

Calls for Expression of Interests

The European Union Agency for Railways (ERA) is committed to respecting the privacy of personal data of the participants in Calls for Expression of Interests (CEI). All personal data provided to ERA are dealt with in compliance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

The following data protection information notice outlines the criteria by which ERA collects, manages and uses the personal data provided within CEI.

Identity of Controller:

ERA Procurement Unit

Purpose of processing:

The processing of personal data of applicants to CEI is needed in order to allow economic operators to propose themselves to be included on a list of potential service providers / experts in advance of public procurement operations / further processing within the subject scope of the respective CEI.

Type of data processed:

The following data are / may be collected in the registration form and further processed for the purposes indicated above:

  • Title, First Name, Family Name, Birth Date, Nationality
  • Contact Details:
    • Full Name
    • E-Mail Address
    • Street Nr & Name
    • Town/ City
    • Postcode
    • Country
    • Phone Number
    • Website URL (if available).
  • Description of main area of business / expertise
  • Additional information
  • Curriculum Vitae
  • Information related to candidates’ legal, economic and financial as well as technical and professional capacity.

Recipients of the data processed:

Personal data may be accessed only by ERA staff for the purpose of management of the CEI and any associated tender procedures.

Also, if appropriate, access will be granted to the Internal Audit Service, Internal Legal Department, Court of Auditors, OLAF, the European Ombudsman, the EU Court and the European Data Protection Supervisor.

Legal basis and Lawfulness of processing:

Legal basis: Regulation (EU) 2016/796 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Railways and repealing Regulation (EC) No 881/2004.

In accordance with Article 5 (a) of Regulation (EU) 2018/1725, the processing is necessary for the performance of tasks carried out in the public interest on the basis of the Treaties establishing the European Communities.

Regulation (EU, Euratom) No 966/2012 of the European Parliament and of the Council of 25 October 2012 on the financial rules applicable to the general budget of the Union (the “Financial Regulation”).

Commission Delegated Regulation (EU) No 1268/2012 of 29 October 2012 on the rules of application of the Financial Regulation.

Lawfulness:  The agency collects and processes your personal data in compliance with Article 5(a) and (b) of the EU Data Protection Regulation:

(a) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

(b) processing is necessary for compliance with a legal obligation to which the controller is subject

Protection and security measures:

All personal data are processed only by designated ERA staff and stored on servers which abide by the ERA’s IT security rules and standards. Personal data of applicants might be accessed by ERA.

Retention period:

Your personal data are kept - in the service in charge of the procedure - until the end of validity of the CEI for which you submitted an expression of interest, and in the archives for a period up to 10 years following the end of the validity of the corresponding CEI.

The data subject’s rights:

In case you wish to verify which personal data is stored on your behalf by the responsible Controller, have it modified, corrected or deleted, please contact the Data Controller by using the contact information below and by explicitly specifying your request, or our Data Protection Officer

Recourse:

Practical questions on CEI (establishing a list of vendors or a database of experts) can be sent to the ERA staff working for the Procurement Unit

In case of conflict on any Personal Data Protection issue you can address yourself to our Data Protection Officer or use the contact form on our website, selecting as type of request: “Data protection”.

Should the conflict not be resolved by the Data Protection Officer you may lodge a complaint with the European Data Protection Supervisor at any time.

Selection and engagement of the Agency Staff (TA, CA, SNE and trainees)

This Privacy Statement outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of the selection and engagement of the Agency Staff (TA, CA, SNE and trainees). Your personal data provided to ERA are dealt with in compliance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

Identity of Controller:

ERA Head of Resource and Support Unit.

Purpose of processing:

The purpose of this processing operation is to obtain data or information necessary to support the application during ERA’s selection procedure.

Type of data processed:

The types of data are the following:

  • Family name;
  • Name;
  • Date of birth;
  • Gender;
  • Nationality;
  • Private Address;
  • E-mail Address(es);
  • Telephone number(s);
  • ERA application form;
  • Motivation letter;
  • Any individual situation regarding eligibility criteria and/or any other information necessary to support the application;
  • In case of employment offer, supporting documents may be requested, including the ones containing sensitive data such as certificate of character and “medical-fit-to-work” certificate.

Appropriate organizational and technical security measures are ensured according to the data protection legislation applicable to EU institutions and bodies. The paper-based data are securely stored in the Human Resources Sector’s offices, partly in code-protected safes to which access is only granted to authorised HR staff members (i.e. the HR Assistants, the HR Officer). E-stored data are stored and protected in line with the IT provisions.

Recipients of the data processed:

The recipients of the data are:

  • The AACC;
  • Designated Human Resources staff;
  • Members of the selection committee appointed by the Executive Director;
  • Supervisory instances of the Agency.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above.

Personal data is not intended to be transferred to a third country outside the EU.

Legal basis and Lawfulness of processing:

Legal basis: Staff Regulations and the Conditions of Employment of Other Servants (CEOS) of the European Communities laid down by Council Regulation (EEC, EURATOM, ECSC) No. 259/68 and last amended by Council Regulation (EC, EURATOM EC) No. 1558/2007 of 17 December 2007 and the internal guidelines on selection.

Lawfulness: The above data processing operation is carried out in accordance with Art. 5(c) of Regulation (EU) 2018/1725.

Protection and security measures:

All personal data are processed only by designated ERA staff and stored on servers which abide by the ERA’s IT security rules and standards. Personal data of applicants might be accessed by ERA.

Retention period:

Data regarding engaged applicants will be kept for ten years after the termination of employment or the last pension payment, whichever applicable.

Data of non-engaged applicants but successfully placed in the reserve list for appointment will be kept for seven years after the budgetary discharge.

Data concerning non-engaged applicants will be kept for five years from the time that the data subject became aware of the result of the selection procedure (i.e. from the date of publication in the ERA Web page that the procedure was closed, or the date in which the applicant has received a relevant information letter).

After the above-mentioned periods, only data needed to provide overall statistics on the exercise (number of eligible and non-eligible applications, total number of applications, etc.) will be kept for statistical reasons. These statistics are not subject to Regulation 2018/1725 since they are anonymous and cannot be used to identify one or more persons either directly or indirectly.

The data subject’s rights:

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for the correction of any inaccurate or incomplete personal data. You have also the right to object to the processing or request the removal of your personal data, which will be implemented as soon as your specific request will have been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the Contacts below.

Contacts:

All your requests concerning your data protection rights should be addressed to the Head of the Resource and Support Unit.

In case you have any questions related to the protection of your personal data, you can also contact the Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

One-Stop Shop (OSS)

The European Union Agency for Railways (ERA) is committed to respecting the privacy of personal data processed by the One-Stop Shop (OSS) implemented at ERA.

When the European Union Agency for Railways (ERA) acts as issuing entity, your personal data will be processed:

a) by ERA in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data and

b) by the National Safety Authorities (NSAs) of the European Economic Area and Switzerland in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

When the National Safety Authorities (NSAs) act as issuing entities, your personal data will be processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

When the NSAs process personal data in the OSS according to their applicable national legislation, they are solely responsible for ensuring the data subjects’ rights.

The service providers of OSS are obliged to process your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Identity of Controller:

The European Union Agency for Railways (ERA), when it acts as issuing entity and for the part of the application it assesses. In this case, the responsible for managing your personal data processing is the ERA Head of Planning and Approvals Delivery Unit.

The NSAs when they assess their part of the application submitted in OSS as well as when they act as issuing entities. In both cases, unless otherwise stated by the NSAs, the person responsible for managing your personal data is the Head of the relevant NSA.

Purpose of processing:

The processing of personal data in the OSS is needed to fulfil ERA’s, NSAs’ and applicants’ tasks and to enable the functioning of the OSS. More information is available in the OSS Terms of Use.

Type of data processed:

The types of data are the following:

  • Family name;
  • Name;
  • Job title or function;
  • Address;
  • E-mail Address(es);
  • Phone number(s);
  • Language(s) spoken;
  • OSS notification preferences;
  • The user activity such as login and logout information attributed to users, content of application file, assessment reports, signatures, opinions, issue log, communication exchange and decisions.

Recipients of the data processed:

The recipients of the data are:

  1. Designated ERA staff for the purposes of planning, assessing and deciding on applications for single safety certificates, vehicle and vehicle type authorisations and approvals;
  2. Designated NSAs staff for the purposes of assessing and deciding on applications for single safety certificates, vehicle and vehicle type authorisations and approval decisions;
  3. Applicants’ representatives for the purpose of submitting and uploading content in the OSS in relation to applications and receiving feedback on them;
  4. Representatives of IT service provider company “Intrasoft”, based in Luxembourg, for the purpose of providing the OSS system operation;
  5. Representatives of IT service provider consortium “JV CANCOM-PIRONET”, based in Belgium, for the purpose of providing the OSS system operation.

All recipients of the data are reminded of their obligation not to use the personal data for any further purpose other than the one for which they were collected. The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above.

Personal data is not intended to be transferred to any third country outside the EU.

 

Legal basis and Lawfulness of processing:

Legal basis:

Lawfulness: The above data processing operation is carried out by ERA in accordance with Article 5(a) of Regulation (EU) 2018/1725: “Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body” and by the NSAs in accordance with Article 6(e) of the GDPR: “Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller”.

Protection and security measures:

All personal data are processed only by designated staff and stored on servers which abide by the ERA’s IT security rules and standards.

Retention period:

Personal information will only be retained in the OSS for a maximum period of:

  • Vehicle authorisations and Vehicle type authorisations: 15 years;
  • Single safety certificates: 15 years;
  • ERTMS trackside approvals: 15 years.

The data subject’s rights:

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for the correction of any inaccurate or incomplete personal data. You also have the right to object to the processing or request the removal of your personal data, which will be implemented as soon as your specific request has been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the Data Controller. You will find the address in the Contacts below.

Contact:

All your requests concerning your data protection rights can be addressed to the Data Controller of ERA when ERA is acting as issuing entity by using the contact form on our website, selecting as type of request: “One-Stop Shop”.

In case the request is linked to the processing of personal data by the NSA and for the NSA’s part of the assessment in the OSS, ERA will transmit the request to the responsible NSA involved in the assessment of the application.

In case of conflict on any Personal Data Protection issue you can address yourself to our Data Protection Officer or use the contact form on our website, selecting as type of request: “Data protection”.

Should the conflict not be resolved by the Data Protection Officer you may lodge a complaint with the European Data Protection Supervisor at any time.

In case of the NSAs acting as issuing entity, contact details of each NSA are publicly available in the ERADIS database.

Procurement Procedures and Contract Management

This notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of Procurement Procedures and Contract Management.

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in section “Contacts”.

Identity of Controller

ERA Head of Finance and Procurement Unit.

Purpose of processing

This processing operation is related to personal data that may be included in the management and administration of procurement procedures and contracts by the Agency, including in particular:

  • the provision of evidence of the technical and professional capacity of tenderers, their staff and subcontractors;
  • the execution of the contract and additional purposes such as statistics, reporting or auditing.

The Agency needs to evaluate the submitted applications according to the same set of criteria provided therein in order to ensure the optimal use of EU financial resources.

ERA collects only the personal data that the tenderers provide during their participation in the procurement procedures.

ERA collects the personal data in order to use service providers, independent experts and other independent workers needed for ERA to carry out its tasks under the terms of the Regulation (EU) 2016/796 establishing the European Union Agency for Railways.

Type of data processed

  1. The following data relating to tenderers (or to subcontractors, if applicable) can be processed during the public procurement:
    • identification and contact details (name, surname of natural person, name and legal form of legal person, address, identity card number, registration number, VAT number, phone number, e-mail address);
    • proof of independent worker status (if applicable) and extract from the trade register, bank certificate stating financial situation; bank account details;
    • statement of the overall turnover for the supplies and/or services referred to in the procurement procedure;
    • organisational chart of the tenderer and company profile;
    • proof of having fulfilled all obligations to pay social-security contributions and taxes;
    • certificate of clear criminal record or extract of judicial history;
    • extract from the register of bankruptcy or relevant document;
    • documents attesting professional standing (curriculum vitae, copies of diplomas, certificates etc.);
    • list of similar services provided by the tenderer and information on contracts considered similar in scope.
  2. Data relating to staff members participating in the procurement procedure are limited to identification and contact details (name and surname, function, e-mail address, business telephone number).

Recipients of the data processed

The recipients of the personal data are:

  • Authorised Agency staff dealing with tenders and procurement procedures as well as financial and accounting matters have access to your data.

In accordance with the Agency's obligation to publish information on the outcome of the procurement procedure and on the beneficiaries of funds deriving from the budget of the European Community some identification data of the awarded contractor will be made publicly available. The information will concern the name and address, the amount awarded and the works, goods or services requested. It is published in supplement S of the Official Journal of the European Union and/or on the website of the Agency.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined above.

Legal basis for the processing operation

Legal basis:

  • ERA Financial Regulation adopted by ERA Management Board (Decision n° 206)
  • Regulation (EU, EURATOM) 2018/1046

Lawfulness:

The data processing is considered lawful under art. 5(a), (b) and (c) of the Regulation (EU) 2018/1725, because it is necessary:

  • for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;
  • to ensure compliance of the Agency with legal obligations;
  • to take steps prior to entering into a contract with the data subject.

Protection and security measures

The Agency has several security controls in place to protect your personal data from unauthorised access, use or disclosure. We keep your data stored on computer systems with limited access to a specified audience only.

Retention period

The provisions contained in the article 47 of ERA's Financial Regulation state that:

"1. The authorising officer shall set up paper-based or electronic systems for the keeping of original supporting documents relating to the budget implementation. Such documents shall be kept for at least five years from the date on which the European Parliament grants discharge for the financial year to which the documents relate.
2. Documents relating to operations not definitely closed shall be kept for longer than provided for in paragraph 1, namely until the end of the year following that in which the operations are closed."

Therefore files relating to tender procedures are kept for a period of:

  • 7 years following signature of the contract or following the last payment by the Agency;
  • 5 years following the signature of the contract in question for unsuccessful tenderers.

Extracts from judicial reports (electronic format and paper version) are kept for a period of 2 years following the signature of the contract with the successful bidder(s).

Until the end of a possible audit if one started before the end of the above period.

The data subject’s rights

Under data protection law, you have rights, and we need to make you aware of them. The rights available to you depend on our reason for processing your information. You are not required to pay any charges for exercising your rights.

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for the correction of any inaccurate or incomplete personal data. You also have the right to object to the processing of your personal data, which will be implemented as soon as your specific request has been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the Contacts below.

The Agency does not do automated decision making, including profiling, on the personal data acquired during procurement and contract management procedure.

The Agency will address your requests within 2 weeks from the receipt of the request.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

ERA keeps this privacy notice under regular review to make sure it is up to date and accurate.

Registering Bank Account File and Legal Entity File

This notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of Registering Bank Account File and Legal Entity File.

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in section “Contacts”.

Identity of Controller

ERA Head of Finance and Procurement Unit.

Purpose of processing

The Agency is using the Commission accounting system ABAC, which includes the centrally validated "Legal Entity File" and "Bank Account File", to make or receive payments.

This processing operation is related to personal data that may be included in the Legal Entities File (LEF) that records all third parties with which the Agency conducts revenue and expenditure transactions.  The Bank Account File (BAF) is a descriptive file containing bank details for all companies, organisations and individuals with which the Agency has financial dealings.  Bank account related data are registered in a SWIFT compatible manner.

No transaction may be made for the purposes of implementing the budget unless it involves a legal entity (LE) that has been validated beforehand. It follows that before a bank account (BA) can be recorded in the BAF, a LE must be recorded in the ABAC application: the bank account will be linked to that legal entity.

A LE and/or a BA will not be recorded in the Agency's accounts until the legal entity validation team (LEVT) or the bank account validation team (BAVT) within DG BUDG has validated the authorising department's request, which must be accompanied by the relevant supporting documents.

The validation of the LEF and the BAF is a pre-requisite before any transaction may be made for the purposes of implementing the budget.

Each validated legal entity and bank account record is identified by a unique key.  These keys are used by authorising officers' services when preparing financial and contractual transactions.

Type of data processed

The data, including personal data that may be processed are as follows:

  • data subjects:
    • Private person or Staff member;
    • Private companies represented by natural persons;
    • Public entities represented by natural persons.
  • personal data:
    • Bank details: Name in which the bank account has been opened, Address declared with the bank (street, number, town, postcode, country), Bank name, Bank Branch address (if needed), Bank account number (IBAN if existing), Branch code (for certain countries), Date and signature;
    • LEF Personal details: name, first name, permanent address, ID card/passport number, date and place of birth, personnel number (for staff only).

Appropriate organizational and technical security measures will be ensured according to the data protection legislation applicable to EU institutions and bodies.

The forms and documents sent for central validation of the LEF and BAF are added in the payment file. Electronic data is kept within the ABAC WKFL system.

The data collected in the Agency’s accounts can be accessed by designated Agency staff and staff from the Commission’s central services, using a UserID and a Password. A Service Level Agreement guarantees the appropriate confidentiality and the technical and organisational security of the ABAC system, as required by the applicable data protection provisions.

Recipients of the data processed

The recipients of the personal data are:

  • Inside ERA:
    • Authorised Agency’s staff dealing with financial and accounting matters have access to your data;
  • Inside EUIs:
    • DG BUDG's central validation team dealing with financial and accounting matters have access to the data;
  • Outside EUIs:
    • As the Agency is using the European Commission’s system SWIFT Network for executing its payments, your bank particulars will also be sent to this company whenever a payment is made to the beneficiary.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above.

Personal data is not intended to be transferred to a third country outside the EU.

Legal basis for the processing operation

Legal basis:

In accordance with Art. 49 of the ERA Financial Regulation adopted by the Decision n°206 of the Management Board on 23/09/2019, the Management Board shall appoint an accounting officer who shall be responsible for:

(a) properly implementing payments, collecting revenue and recovering amounts established as being receivable.

Moreover, in accordance with the ERA Financial Regulation adopted by the decision n°206 of the Management Board on 23/09/2019, the Articles 45 and 47 stipulate powers and duties of the Accounting Officer with respect to the creation and management of legal entity files and for the keeping of supporting documents. These files and documents contain the needed personal data for a sound and legal management of payments and recovery of sums.

Lawfulness:

Processing of "Legal Entity" (LEF) and "Bank account" (BAF) related data is lawful under art. 5.1 (a), (b) and (c) of the Regulation (EU) 2018/1725, because it is necessary:

  • for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;
  • for compliance with a legal obligation to which the controller is subject, and
  • for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

Protection and security measures

The Agency has several security controls in place to protect your personal data from unauthorised access, use or disclosure. We keep your data stored on computer systems with limited access to a specified audience only.

Retention period

For audit trail reasons and to permit at all times queries on the past execution of payments, no registered data are deleted from the accounts. The forms and documents you submit are scanned and archived electronically. The original forms and documents are usually included in the payment files and follow the same retention rules.

The data subject’s rights

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for the correction of any inaccurate or incomplete personal data. You also have the right to object to the processing of your personal data, which will be implemented as soon as your specific request has been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the Contacts below.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

Mission management (including travel order sent to the travel agency)

This notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of mission and authorized travels management (including travel order sent to the travel agency).

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in section “Contacts”.

Identity of Controller

ERA Head of Finance and Procurement Unit.

Purpose of processing

This processing operation is related to the use and exchange of personal data amongst the different intervening parties in order to organise and execute missions and authorised travels. The processing operations concern the travel’s arrangements, the hotel’s accommodation, the use of third parties services (e.g. car rentals) and the related payment of these costs.

The mission management requires the intervention of both internal and external actors. These external actors are the travel agency, the transport companies, the hotels and any other organization that can be called upon to intervene as part of the mission (for example travel insurance company).

Type of data processed

  1. The following categories of data subjects can be distinguished:
    • ERA Staff members (any contractual type),
    • Seconded National Experts.
  2. Personal data:

Within the mission order and claim in MiMa the data fields concerned are the name of the staff member and his/her personnel number. However, since MiMa forms part of the wider e-HR application, other personal data is contained in the central repository of the e-HR application.

The travel order form contains information on the following categories of data: name, surname, date of birth, portable phone number (to be contacted by the Agency in case of emergency), nationality, passport number, date of issue and expiry date (for travels by plane, only if required by the air company), preferred placement on board of train or flight (window, aisle, porthole), meals requirements (vegetarian, vegan, halal, kosher, diabetic, low salt diet, no sugar nutrition, gluten free, allergen free), traveller's unit, name of Authorizing Officer.

Data regarding the mission itself: place(s) of the mission and transit, date of departure and arrival, means of transport, name and place of the hotel, hotel invoices, start and end times of the professional commitments, possible combined holidays, possible request for anticipating budget for expenses, the budget line on which the mission will be paid, the MiMa mission number and the approval date created when the authorising officer signs for agreement.

Recipients of the data processed

The recipients of the personal data are:

  • Authorised Agency staff dealing with financial and accounting matters have access to data;
  • Project Manager/Service Manager and/or hierarchical superior that validate the mission order and the Authorising Officer (Delegated/Sub-delegated) that approve the mission order;
  • External service providers involved in the management of the mission, notably: travel agency, hotels, transport company.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined above.

Legal basis for the processing operation

Legal basis:

  • ERA Financial Regulation adopted by ERA Management Board (Decision n° 206)
  • Decision N° 160 of the Management Board on 22/11/2017 adopting by analogy Commission Decision C(2017)5323
  • Guide to missions and authorised travel accompanying the Commission Decision C(2017)5323 of 27/09/2017

Lawfulness:

The data processing is considered lawful under art. 5(a) and (b) of the Regulation (EU) 2018/1725, because it is necessary:

  • for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body,
  • to ensure compliance of the Agency with legal obligations.

Protection and security measures

The Agency has several security controls in place to protect your personal data from unauthorised access, use or disclosure. We keep your data stored on MiMa with limited access to a specified audience only.

Access to the MiMa database is limited to:

  • the data subjects and persons having received delegation to manage or authorize missions on behalf of a staff member have direct access to personal data related to the mission order,
  • the Project Manager/Service Manager and/or hierarchical supervisor that validate the mission order and the Authorising Officer (Delegated/Sub-delegated) that authorise the mission have access to the personal data,
  • authorised agency staff dealing with financial and accounting matters.

Retention period

The data collected for mission management are kept for a maximum of 8 years, as per provisions contained in the Art. 47 of the ERA financial regulation:

"1. The authorising officer shall set up paper-based or electronic systems for the keeping of original supporting documents relating to the budget implementation. Such documents shall be kept for at least five years from the date on which the European Parliament grants discharge for the financial year to which the documents relate.

2. Documents relating to operations not definitely closed shall be kept for longer than provided for in paragraph 1, namely until the end of the year following that in which the operations are closed.

3. Personal data contained in supporting documents shall, where possible, be deleted when those data are not necessary for budgetary discharge, control and audit purposes. Article 88 of Regulation (EU) 2018/1725 shall apply to the conservation of data."

Until the end of a possible audit, if one started before the end of the above-mentioned period.

The data subject’s rights

Under data protection law, you have rights, and we need to make you aware of them. The rights available to you depend on our reason for processing your information. You are not required to pay any charges for exercising your rights.

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for the correction of any inaccurate or incomplete personal data.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the Contacts below.

The Agency does not do automated decision making, including profiling, on the personal data acquired during procurement and contract management procedure.

The Agency will address your requests within 2 weeks from the receipt of the request.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

ERA keeps this privacy notice under regular review to make sure it is up to date and accurate.

European Railway Agency Database of Interoperability and Safety (ERADIS)

Through the ERADIS database, the Agency is collecting and providing public access to the following documents and information:

  • Contact details of relevant national organisations: safety authorities, investigation bodies, accreditation bodies, recognition bodies, notified conformity assessment bodies;
  • Safety certificates for railway undertakings;
  • Licences for providing rail transport services by railway undertakings;
  • Information on the Entities in Charge of Maintenance: the schema decided in each Member State, certification bodies documents, ECM certificates and maintenance functions certificates, Recommendations for use agreed by the certification bodies network;
  • Information on the CSM Assessment Bodies: the decision on the use of schema for acknowledging the competence of CSM assessment bodies, the CSM Assessment Bodies documents;
  • Link to ERAIL database of Common Safety Indicators;
  • Link to ERAIL database of investigation reports;
  • Annual reports of national safety authorities and national investigation bodies;
  • EC declarations of verification of subsystems;
  • EC declarations of conformity of constituents;
  • EC declarations of suitability for use of interoperability constituents;
  • Authorisations for placing in service of fixed installations;
  • Link to the national vehicle registers ECVVR;
  • Railway Undertaking Service Quality Reports;
  • Link to national rules database NOTIF-IT
  • Notified Bodies EC Certificates (including NoBo QMS Approvals and NoBo ISVs Certificates).

This notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of ERADIS.

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in “Contacts”.

Controller of the processing operation

The Controller determining the purpose and means of the processing of your personal data is the European Union Agency for Railways (ERA). The entity responsible for managing the personal data processing is the Head of Analysis and Monitoring Unit.

Purpose of the processing operation

The purpose of this database is to make publicly available documents provided for by Directives (EU) 2016/797, 2016/798, 2012/34/EU, Regulation (EC) No 1371/2007, Commission Implementing Regulations (EU) No 402/2013 and 445/2011.

Free access to ERADIS is granted to the public to read data, while a username and a password are needed for data submission. Therefore, a registration of personal data is requested to obtain credentials in order to get an authorised access and to be contacted in case of any need.

Data Processed

The types of data, including personal data that may be processed are as follows:

  • Contact persons (name, address, phone number, e-mail and field of competence and fax numbers if relevant) of the relevant contact persons from rail sector representative bodies, national rail bodies/organisations involved.
  • Name of the persons signing the licenses, EC declarations and safety certificates.

In addition, in order to protect the content against inappropriate behaviors (e.g. certificates mismatching or hacking attempts) an Audit Trail has been implemented, recording all users’ actions.

The fields in the recorded logs are the following:

Timestamp
Username
Source IP address
Session ID
Action details
Invoked URL

This functionality is activated only for logged-in users and can be activated/ deactivated at any time.

Finally, information is stored in servers located in ERA’s premises, with access granted only to authorised staff members.

In addition, ERA uses "first-party cookies".

A cookie is a small piece of text that a website stores on your computer or mobile device when you visit it. These cookies are set and controlled by ERA through a platform named Matomo, not by any external organisation. The first-party cookies are used to:

  • store visitor preferences (cookies consent)
  • make operational the ERADIS application
  • gather analytics data (about user behaviour), if accepted.

The purpose is to enable the site to:

  • remember your preferences (such as username, language, etc.) for a certain period of time without the need to re-enter them while browsing during the same visit.
  • establish anonymized statistics about browsing experience, if the user so agrees.

Every time you visit ERADIS, you will be prompted to accept cookies or to modify settings, in order to:

  • not be tracked by your browser (for analytics services, advertising networks, etc.) and/or
  • opt-out from analytics data collection (for further details read Web analytics privacy in Matomo).

Recipients of personal data

  • Agency staff involved in the related service
  • The designated contractor for the purpose of providing the necessary expertise in developing the IT tool.
  • Regarding the Audit Trail logs, they are accessible only to the ERADIS administrators and the IT security officer.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above.

Personal data is not intended to be transferred to a third country outside the EU.

Your Rights as data subject

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for correction of any inaccurate or incomplete personal data. You have also the right to object to the processing or request the erasure of your personal data, which will be implemented as soon as your specific request will have been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the “Contacts” below.

Legal basis for the processing operation

Legal basis:

  •  Article 37(3) of Regulation (EU) 2016/796

Lawfulness:

The above data processing operation is carried out in accordance with Art. 5(a) of Regulation (EU) 2018/1725:

  1. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

Time limit for storing the data

Personal information is retained until the user account is deleted or for the lifetime of ERADIS, designed as a permanent tool - until the relevant legislation is changed.

Regarding the Audit Trail logs, they are kept for 12 months before deletion.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller, the Head of Analysis Unit.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

European Register of Authorised Types of railway Vehicles (ERATV)

This Notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of ERATV.

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in “Contacts”.

Controller of the processing operation

The Controller determining the purpose and means of the processing of your personal data is the European Union Agency for Railways (ERA). The entity responsible for managing the personal data processing is the Head of Analysis and Monitoring Unit.

Purpose of the processing operation

ERATV is a register to make publicly available the types of railway vehicles authorized for placing on the market of the Union.

Free access to ERATV is granted to the public to read data, while a username and a password are needed for data submission (cfr. Annex I, Table 1 of Commission Implementing Decision 2011/665/EU on the European register of authorised types of railway vehicles as amended by Commission Implementing Regulation (EU) 2019/776 of 16 May 2019).

Once logged in, a user can also see the names of other users (e.g. authors) who created the draft record in ERATV. The same information is displayed in the History of changes and in the Communications section (which user did each action and when). The purpose is to keep the traceability of data creation, submission and publication and to be able to contact a user in case of any need (see User Manual section 2.2.3).

Therefore, a registration of personal data is requested to obtain credentials in order to get an authorised access, to keep trace of data management and to be contacted. 

Responsibilities for the records submitters are described in the ERATV Terms of Use, section 3.

Data Processed

The types of data, including personal data, that may be processed are as follows:

  • family name, first name, telephone and fax numbers, e-mail address, organisation name and address 

Appropriate organizational and technical security measures are ensured according to the data protection legislation applicable to EU institutions and bodies. 

Finally, information is stored in servers located in ERA’s premises, with access granted only to authorised staff members.

In addition, ERA uses "first-party cookies". 

A cookie is a small piece of text that a website stores on your computer or mobile device when you visit it. These cookies are set and controlled by ERA through a platform named Matomo, not by any external organisation. The first-party cookies are used to:

  • store visitor preferences (cookies consent)
  • make operational the ERATV application
  • gather analytics data (about user behaviour), if accepted.

The purpose is to enable the site to:

  • remember your preferences (such as username, language, etc.) for a certain period of time without the need to re-enter them while browsing during the same visit. 
  • establish anonymized statistics about browsing experience, if the user so agrees.

Every time you visit ERATV, you will be prompted to accept cookies or to modify settings, in order to:

  • not be tracked by your browser (for analytics services, advertising networks, etc.) and/or
  • opt-out from analytics data collection (for further details read Web analytics privacy in Matomo).

Recipients of personal data

The recipients of the personal data are:

  • NSAs users, for the business purpose;
  • relevant Agency staff: defined IT staff for the purpose of providing technical service (access would be limited to technical IT issues to be solved);
  • the designated contractor for the purpose of providing the necessary expertise in developing the IT tool (limited access in order to provide the service).

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above. 

Personal data is not intended to be transferred to a third country outside the EU.

Your Rights as data subject

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for correction of any inaccurate or incomplete personal data. You have also the right to object to the processing or request the erasure of your personal data, which will be implemented as soon as your specific request will have been deemed legitimate. 

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the “Contacts” below.

Legal basis for the processing operation

Legal basis:

Lawfulness:

The above data processing operation is carried out in accordance with Art. 5(a) of Regulation (EU) 2018/1725:

  1. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

Time limit for storing the data

Personal data are retained until the user account is deleted or for the lifetime of ERATV, designed as a permanent tool - until the relevant legislation is changed.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller, the Head of Analysis Unit, at AOD.aam@era.europa.eu.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer at DataProtectionOfficer@era.europa.eu.

You have at any time the right of recourse to the European Data Protection Supervisor at edps@edps.europa.eu.

Register of Infrastructure (RINF) Common User Interface (CUI)

This Notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of Register of Infrastructure (RINF) Common User Interface (CUI).

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in “Contacts”.

Controller of the processing operation

The Controller determining the purpose and means of the processing of your personal data is the European Union Agency for Railways (ERA). The entity responsible for managing the personal data processing is the Head of Analysis and Monitoring Unit.

Purpose of the processing operation

The information provided by RINF is used for:

  • planning purposes, in designing new trains,
  • assisting the assessment of compatibility of trains with routes before the start of operation and
  • as a reference database.

Free access after self-registration is granted to the public to read data, while access rights granted by the Agency are needed for data submission. Therefore, a registration of personal data is requested in order to get an authorized access according to the defined roles and to be contacted in case of any need.

Data Processed

The types of data, including personal data, that may be processed are as follows:

  • family name, first name, telephone number, e-mail address, relevant job position, organization name and address, country
  • user login,
  • role (NRE/IM/standard user, RINF administrator).

By the registration of its own data each user is able to access the information system and to manage data according to the related rights ensuring the appropriate level of security, in accordance with organizational and technical security measures of the Agency.

In addition, in order to support users or to protect the content against inappropriate behaviors (e.g. certificates mismatching or hacking attempts) an information auditing functionality has been implemented, recording all users’ actions.

The fields in the recorded logs are the following:

  • Timestamp
  • Username
  • Action details

Finally, information is stored in servers located in ERA’s premises, with access granted only to authorized staff members.

In addition, ERA uses "first-party cookies".

A cookie is a small piece of text that a website stores on your computer or mobile device when you visit it. These cookies are set and controlled by ERA through a platform named Matomo, not by any external organisation. The first-party cookies are used to:

  • store visitor preferences (cookies consent)
  • make operational the RINF application
  • gather analytics data (about user behaviour), if accepted.

The purpose is to enable the site to:

  • remember your preferences (such as username, language, etc.) for a certain period of time without the need to re-enter them while browsing during the same visit.
  • establish anonymized statistics about browsing experience, if the user so agrees.

Every time you visit RINF, you will be prompted to accept cookies or to modify settings, in order to:

  • not be tracked by your browser (for analytics services, advertising networks, etc.) and/or
  • opt-out from analytics data collection (for further details read Web analytics privacy in Matomo).

Recipients of personal data

The recipients of the personal data are:

  • Agency staff involved in the related service
  • The designated contractor for the purpose of providing the necessary expertise in developing the IT tool (limited access in order to provide the service).

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above.

Personal data is not intended to be transferred to a third country outside the EU.

Your Rights as data subject

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for correction of any inaccurate or incomplete personal data. You have also the right to object to the processing or request the erasure of your personal data, which will be implemented as soon as your specific request will have been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the “Contacts” below.

Legal basis for the processing operation

Legal basis:

Lawfulness:

The above data processing operation is carried out in accordance with Art. 5(a) of Regulation (EU) 2018/1725:

  1. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

Time limit for storing the data

Personal information is retained until the user account is deleted or for the lifetime of RINF CUI, designed as a permanent internet tool (until the relevant legislation is changed).

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller, the Head of Analysis Unit.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

Reference Document Database (RDD)

This Notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of RDD.

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in “Contacts”.

Controller of the processing operation

The Controller determining the purpose and means of the processing of your personal data is the European Union Agency for Railways (ERA). The entity responsible for managing the personal data processing is the Head of Analysis and Monitoring Unit.

Purpose of the processing operation

The following processing of information implies personal data and has the following purposes:

  1. ‘Management of users’ accounts’ serves to configure the users of the application and their role (set of rights). Users with appropriate rights can create and update the data associated with each user of the application. Registered users can manage the following account settings: language, customized notifications of publications, mapped NOTIF-IT user account and password. This information is stored in the database.
  2. ‘Authentication of users’ serves to ensure the identity of the users by means of a personal login/password combination.
  3. ‘Authorisation of users’ serves to check that the user has the right to perform the actions.
  4. ‘Subscription to notifications of publications’: Users wanting to receive notifications of publications from RDD can subscribe to this service by providing a valid email address. After registration, the subscriber will receive an email with the confirmation and a link providing access to modify the details of subscription and/or to unsubscribe.
  5. ‘Sending notification to NOTIF-IT’: when a notification is created by RDD in NOTIF-IT, the NOTIF-IT username associated with the user is sent to NOTIF-IT in the notification.
  6. ‘Logging’. For technical purposes (possible debugging or error root cause analysis), a summary of the activities performed by the user is stored in the database and in log files.
  7. ‘Backup’. For technical purposes (debugging and tests) and within the framework of the continuity plan, the database, the applications folders and the application data folders are backed up periodically.

Data Processed

The collected data for user registration are the following (fields marked * are mandatory): 

General information: Username *, E-mail *, Password *, Confirm Password *, Role * (role assigned to the user in RDD by selection from the available ones), Member State * (associated MS; allows the user to carry out actions on the data set of the respective MS), Address, Postal Code, Country *, Office, Phone, Mobile Phone, Fax, Contact Person, First Name, Last Name, E-mail and Phone.

Reports Service User Account Info (configuration data necessary for execution of reports with limited accessibility, e.g. access to unpublished information that is restricted to MS): Reports Service User Name, Reports Service Domain Name, and Reports Service Password.

The notification information required for specific role of notifier to ensure data transfer from RDD to Notif-IT: Title, Title in English, Reporting Body, Reporter User, Creator User.

The collected data for notification of publication from RDD is the email address.

The summary of the actions performed by the user is logged.

The username associated with the locked MS NLF or MS NRD is stored in the database.

In addition, in order to protect the content against inappropriate behaviors (e.g. hacking attempts) an Audit Trail has been implemented, recording all registered users’ actions. The fields in the recorded logs are the following:

  • Username
  • Source IP address
  • Permission (permission required for the action taken)
  • Message: description of the action taken

Appropriate organizational and technical security measures are ensured according to the data protection legislation applicable to EU institutions and bodies.

Finally, information is stored in servers located in ERA’s premises, with access granted only to authorised staff members.

Furthermore, ERA uses "first-party cookies".

A cookie is a small piece of text that a website stores on your computer or mobile device when you visit it. These cookies are set and controlled by ERA through a platform named Matomo, not by any external organisation. The first-party cookies are used to:

  • store visitor preferences (cookies consent)
  • make operational the RDD application
  • gather analytics data (about user behaviour), if accepted

The purpose is to enable the site to:

  • remember your preferences (such as username, language, etc.) for a certain period of time without the need to re-enter them while browsing during the same visit.
  • establish anonymized statistics about browsing experience, if the user so agrees.

Every time you visit RDD, you will be prompted to accept cookies or to modify settings, in order to:

  • not be tracked by your browser (for analytics services, advertising networks, etc.) and/or
  • opt-out from analytics data collection (for further details read Web analytics privacy in Matomo).

Recipients of personal data

The recipients of the personal data are:

  • relevant Agency staff for the purpose of providing technical/business service;
  • the designated contractor for the purpose of providing the necessary expertise in developing the IT tool (limited access in order to provide the service).

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above.

Personal data is not intended to be transferred to a third country outside the EU.

Your Rights as data subject

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for correction of any inaccurate or incomplete personal data. You have also the right to object to the processing or request the erasure of your personal data, which will be implemented as soon as your specific request will have been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the “Contacts” below.

Legal basis for the processing operation

Legal basis:

  • Commission Decision 2011/155/EU of 9 March 2011 on the publication and management of the Reference Document;
  • Directive 2008/57/EC on the interoperability of the rail system within the Community.

Lawfulness:

The above data processing operation is carried out in accordance with Art. 5(a) of Regulation (EU) 2018/1725:

  1. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

Time limit for storing the data

Personal data related to the user accounts are retained until the user account is deleted or for the lifetime of RDD.

When a request for an account deletion is received, the account is deleted by RDD administrator. Regarding the subscription to notification of publication from RDD, the subscriber can at any moment unsubscribe.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller, the Head of Analysis Unit.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

Content creation and collaboration by means of Microsoft Office 365 online

Introduction 

This notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of Content creation and collaboration by means of Microsoft Office 365 online.

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in section “Contacts”.

Identity of Controller

ERA Head of Resources and Support Unit.

Purpose of processing

The processing activity refers to the Microsoft Office 365 (Office 365) services made available to the Agency’s staff to support all content creation and management as well as collaboration use cases at ERA, as far as these are not supported by alternative tools or systems.

ERA has contracted the cloud-based solution Office 365 (“Office 365 platform”) provided by Microsoft to enable ERA internal and external stakeholders to work on any corporate device and to facilitate collaboration.

These services are contracted through an inter-institutional framework contract whose terms and conditions were negotiated by the European Commission – DG DIGIT on behalf of the Agency, among other EUIs. Microsoft acts as data processor for the provision of services related to the Microsoft Office 365 cloud-based collaboration platform, as well as to operate the following business operations:

  • Billing and Account management,
  • Compensation,
  • Resource planning, internal reporting and business modelling,
  • Fraud prevention and defense against cyber attacks and cyber crimes,
  • Core functionality and accessibility improvements, privacy and energy efficiency,
  • Mandatory financial reporting and compliance with legal obligations.

Type of data processed

The Office365 platform distinguishes between the following data categories:

  • Identification data,
  • Content data,
  • Service generated data,
  • Diagnostic data.

Any of these categories may contain personal data. The operation of this platform requires the processing of data categories by Microsoft, for the following specific purposes:

  1. Providing the Office 365 service to the Agency,
    • Identification data, Content data, Service generated data,
  2. Technical support to IT teams for issues with Office365,
    • Identification data, Service generated data,
  3. Prevention, detection and resolution of security events (e.g. cyber-attack),
    • Identification data, Service generated data,
  4. Assistance to data subjects in exercising their rights in relation to data processed within Office 365,
    • Identification data, Service generated data.

The operation of this platform requires the processing of data categories by ERA, for the following specific purposes:

  1. Set-up, configuration and maintenance of Office365 capabilities,
    • Identification data, Service generated data,
  2. Administration of the rights allocated to a user account,
    • Identification data,
  3. End-user support for issues with Office365,
    • Identification data, Service generated data, Diagnostic data,
  4. Prevention, detection and resolution of security events (e.g. cyber-attack),
    • Identification data, Service generated data,
  5. Assistance to data subjects in exercising their rights in relation to data processed within Office 365,
    • Identification data, Service generated data.

The above-mentioned processing of personal data by ERA and/or Microsoft is done to provide the cloud component of the Digital Workplace services.

In addition to this, Microsoft has been granted permission to process personal information for internal business functions in the context of providing the Office365 service (exhaustive list):

  1. Billing and Account Management,
    • Identification data, Service generated data,
  2. Compensation,
    • Identification data, Service generated data,
  3. Internal Reporting and Business Modelling,
    • Identification data, Service generated data,
  4. Combatting fraud, Cybercrime, and Cyberattacks,
    • Identification data, Service generated data,
  5. Improving Core Functionality of Accessibility, Privacy and Energy Efficiency,
    • Service generated data,
  6. Mandatory Financial Reporting and Compliance with Legal Obligations,
    • Identification data, Service generated data.

Note that processing of personal data for profiling, advertising or marketing is explicitly prohibited.

The mode of processing is automated (computer/machine).

In addition to automated processing, ERA or Microsoft or other specific Third party contractually bound with ERA, may process personal data manually. Manual processing is taking place in the framework of service operations, most importantly to investigate security alerts.

The following categories of data subjects can be distinguished:

  • Statutory and
  • Non-statutory staff

that are enrolled as Office 365 users.

Related to the provision of the service, ERA or Microsoft process four different categories of data, all of which may include personal data. These categories are:

  1. Identification data contains personal data necessary for the proper identification of the user and the corresponding user account, including exhaustively
    • ERA username, email address and account status,
    • User personal data (title, last name, first name),
    • Function-related data (ERA, unit, office address and telephone number, city and country).

This information is copied to all Microsoft Office 365 data centers as per contract terms used to provide the service that allows global access and access control to the ERA’s environment in Office 365.

  2. Content data includes any content uploaded to the Office 365 platform by its users, such as documents, and multimedia (e.g. video recordings). Such data is stored by the user in Office 365 but not otherwise processed by the service.
  3. Diagnostic data (also known as telemetry data) is related to the data subjects’ usage of office client software. ERA has applied technical measures to disable sharing of diagnostic data with external parties, including Microsoft.
  4. Service generated data contains information related to the data subjects’ usage of online services, most notably the user IP address, creation time, site URL and user email address. This data is generated by events that are related to user activity in Office 365. Event data makes it possible to monitor all activity in the cloud environment of each user. To learn which events trigger the creation of service generated data, consult Annex A to this notice.

Recipients of the data processed

The recipients of the personal data are:

  • Staff of RSU/ITFM responsible for carrying out this processing operation, and
  • authorised staff according to the “need to know” principle. Such staff abide by statutory, and when required, additional confidentiality agreements.

Those members of staff include ERA staff and external contractors under the supervision of the above mentioned ERA staff.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes ERA may be required to do so by law.

For services related to the Office 365 cloud-based collaboration platform, Microsoft acts as data processor. Contact details: Microsoft Ireland, South County Business Park, One Microsoft Place, Carmanhall and Leopardstown, Dublin, D18 P521, Ireland. 

Legal basis for the processing operation

Legal basis:

  • ERA Financial Regulation adopted by ERA Management Board (Decision n° 206) Article 28 “Performance and principles of economy, efficiency and effectiveness”¹.

Lawfulness:

The data processing is considered lawful under Art. 5(a) of Regulation (EU) 2018/1725, because it is necessary:

  • for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body.

Protection and security measures

All personal data in electronic format (e-mails, documents, databases, uploaded batches of data, etc.) are stored either on the servers of the Agency or in Microsoft datacentres in the EU (linked to the Commission’s Office 365 environment). All processing operations are carried out pursuant to the Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the European Commission.

In order to protect your personal data, the Commission (who represented the Agency in the negotiations with Microsoft) has put in place several strong contractual safeguards, complemented by technical and organisational measures. In addition to the general policy of Microsoft to secure personal data by means of pseudonymisation and encryption, the risk of disclosure of personal data to third country authorities by Microsoft Ireland and its affiliates is mitigated by customized contractual provisions, which address the way Microsoft responds to access requests, limiting risks to personal data of the customer. Technical measures include appropriate actions to address online security, risk of data loss, alteration of data or unauthorised access, taking into consideration the risk presented by the processing and the nature of the personal data being processed. Organisational measures include restricting access to the personal data solely to authorised persons with a legitimate need to know for the purposes of this processing operation.

If users access the Office 365 service from outside the EU/EEA, personal data may be transferred to a corresponding location in order to provide the service. To enable the global service provisioning of Office 365, Microsoft copies identification data (see Section 4) to all Office 365 data centres around the globe used to provide the service. This copied identification data remains under the control of Microsoft and is used to verify the user authentication details and grant access to EC M365 resources.

Service generated data is not necessarily processed outside of the EU. Microsoft is authorised to transfer it to Microsoft Corp., located in the USA, and the network of sub-processors. This type of data contains information on the usage of the service. The data is aggregated before being transferred but may contain identifiable information (see Section 4).

Any data in transit is protected by strong encryption.

Retention period

The Agency:

  • keeps personal data for the time necessary to fulfil the purpose of collection or further processing,
  • maintains identification data as long as the user account is activated or if users have not decided to remove or delete personal data from their account,
  • keeps content data up to 180 days upon expiration/termination of the subscription,
  • keeps service generated data up to six months.

Microsoft, as a processor for Office 365 services, may retain data for Online Services upon expiration of the subscription, i.e. during the 90-day retention period and subsequent period, up to an additional 90 days.

The data subject’s rights

Under data protection law, you have rights that we need to make you aware of. The rights available to you depend on our reason for processing your information. You are not required to pay any charges for exercising your rights.

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for the correction of any inaccurate or incomplete personal data. You also have the right to object to the processing of your personal data, which will be implemented as soon as your specific request has been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the Contacts below.

The Agency does not carry out automated decision-making, including profiling, on the personal data acquired during the use of the Microsoft Office 365 services.

The Agency will address your requests within 2 weeks from the receipt of the request.

Contacts

All your requests concerning your data protection rights can be addressed to the Data Controller at HoUResourcesandSupport@era.europa.eu.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer at DataProtectionOfficer@era.europa.eu.

You have at any time the right of recourse to the European Data Protection Supervisor at edps@edps.europa.eu.

ERA keeps this notice under regular review to make sure it is up to date and accurate.


¹ The objective of all processing activities related to Office 365 is to support the management and the functioning of the Agency, by adjusting the internal mechanisms and management systems to the new technological environment and advancements, by providing to ERA Staff the necessary means and tools to perform their daily tasks and by organizing ERA’s operations according to the principles of sound financial management.

European Centralised Virtual Vehicle Register (ECVVR)

This Notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of ECVVR. ECVVR is a system composed of:

  • a search engine – Virtual Vehicle Register (VVR) – allowing users to access information related to registrations of railway vehicles in the EU;
  • a standard National Vehicle Register – sNVR – that EU Member States can use to manage their data;
  • a National Vehicle Register Translation Engine – NVR-TE – integrating an existing IT system for railway vehicles registration at national level with the VVR.

Therefore, ECVVR can be considered as a search engine on distributed rail vehicles-related data, using a common software application, which allows users to retrieve data from all the registers in the Member States.

Personal data managed at Member State level, through the so-called Standard National Vehicle Register (“sNVR”) sub-system and other NVR subsystems using NVR-TE (translation engine), shall follow the national rules in matters of data protection. Consequently, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) shall be applied.

Any personal data provided by Registration entities’ administrators (REs) to access the European Centralised Virtual Vehicle Register system (ECVVR), and particularly through the so-called “VVR” module hosted by ERA, will be processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in “Contacts”.

Controller of the processing operation

The Controller determining the purpose and means of the processing of personal data is the European Union Agency for Railways (ERA) for those data managed to create users’ account in VVR for REs administrators. The entity responsible for managing such personal data processing is the Head of Analysis and Monitoring Unit.

Purpose of the processing operation

The purpose of processing is to allow REs as listed in point 3.3 of the Annex I of the Commission Decision 2007/756/EC to access the EU vehicles data via web authentication. By the registration of their own personal data each user is able to access the information system and to manage data according to their own access rights ensuring the appropriate level of security.

Data Processed

The types of data, including personal data that may be processed are as follows:

  • data to identify and contact the user: first name, last name, e-mail address, organisation name
  • user login and the expiration date of the user account
  • role as listed in section 3.3 of Annex I to Commission Decision 2007/756/EC.

The legislation predefines rights that, duly taken into account and matched through the VVR search engine, ensure access to the information in a secure way. Therefore, by registering their own data, RE users are able to access the information system and to manage data according to the related rights ensuring the appropriate level of security, in accordance with organizational and technical security measures of the Agency.

Finally, information is stored in servers located in ERA’s premises, with access granted only to authorized staff members.

In addition, ERA uses "first-party cookies".

A cookie is a small piece of text that a website stores on your computer or mobile device when you visit it. These cookies are set and controlled by ERA through a platform named Matomo, not by any external organisation. The first-party cookies are used to:

  • store visitor preferences (cookies consent)
  • make the ECVVR application operational
  • gather analytics data (about user behaviour), if accepted.

The purpose is to enable the site to:

  • remember your preferences (such as username, language, etc.) for a certain period of time without the need to re-enter them while browsing during the same visit.
  • establish anonymized statistics about browsing experience, if the user so agrees.

Every time you visit ERADIS, you will be prompted to accept cookies or to modify settings, in order to:

  • not be tracked by your browser (for analytics services, advertising networks, etc.) and/or
  • opt-out from analytics data collection (for further details read Web analytics privacy in Matomo).

Recipients of personal data

The recipients of the data are:

  • the ERA staff members involved in providing the ECVVR service,
  • the designated contractor for the purpose of providing the necessary expertise in maintaining the IT tool (limited access in order to provide the service).

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above.

Personal data is not intended to be transferred to a third country outside the EU.

Your Rights as data subject

REs administrators have the right to access their personal data, which is the right to obtain confirmation about data processed by the Agency and the right to ask for correction of any inaccurate or incomplete personal data. REs administrators also have the right to object to the processing or request the erasure of their personal data, which will be implemented as soon as a specific request has been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the “Contacts” below.

Legal basis for the processing operation

Legal basis:

  • Regulation (EU) 2016/796, Article 37.1(a)
  • Commission Decision 2007/756/EC and its amendments

Lawfulness:

The above data processing operation is carried out in accordance with Art. 5(a) of Regulation (EU) 2018/1725:

  1. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body.

Time limit for storing the data

Period of storage: until the user account is deleted by the system user that created it (ERA or RE), for the lifetime of VVR designed as a permanent internet tool (until the relevant legislation is changed).

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller, the Head of Analysis Unit.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

Webinars

The European Union Agency for Railways (ERA) is committed to respecting the privacy of personal data processed during webinars it organises. In this framework, all personal data provided by stakeholders (contacts) are dealt with in compliance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (hereafter EUI Data Protection Regulation).

This privacy statement outlines the criteria by which ERA collects, manages and uses the personal data of its stakeholders when organising webinars.

Identity of Controller:

Head of Monitoring, Analysis, Research and Stakeholders Unit

Who is conducting the processing:

ERA Staff

Purpose of processing:

The Agency has introduced webinars to promote a better understanding of its activities and to ensure a continuous exchange with its stakeholders.

Webinars are organised using Microsoft Teams Live. If the attendee is already signed into Teams, (s)he'll join as an authenticated user. If (s)he's not signed into Teams, (s)he'll join anonymously on the web. Participants can choose to ask questions in the chat anonymously, create an alias or identify themselves. The link to access the webinar is made available on the ERA website and is unique for each event.

External speakers at the webinars are requested to give their written consent for data processing, the use of their personal data for promoting the webinar, as well as the dissemination of the recordings on the Agency's website and YouTube channel.

Description of data subjects and personal data categories:

ERA's webinars are open to everyone without prior registration. ERA gathers no personal data about the participants of the webinars, unless registered in Teams.

External speakers at the webinars are requested to give their written consent for data processing, the use of their personal data for promoting the webinar, as well as the dissemination of the recordings, prior to the webinar broadcast.

The webinar and the Questions & Answers session are recorded to make them available for streaming on the Agency’s YouTube channel after the broadcast. No personal data are collected from the persons streaming this video.

In addition:

  • Participants can give anonymous feedback after each webinar via an anonymous form using Microsoft Teams Forms. ERA gathers no personal data about the participants in the survey.
  • Participants can sign in to the SRM and select subscription preferences for receiving ERA communications in the future.

For monitoring purposes, statistics on participation are processed after the webinar using the AttendeeReport file generated by Teams. All personal data that may be included in the file due to authenticated Teams users is deleted after the report is produced. Such reports are just for internal use and not disclosed outside the Agency.  

Retention period:

No personal data is taken from attendees. 

Written consent from speakers cannot be withdrawn, due to the public availability of contents through the web (Agency's website and YouTube channel).

Recipients of the data processed:

ERA staff in charge of organising webinars. 

Transfer to third countries or International Organisations:

Not applicable

How are my data stored and processed?

ERA processes no personal data of the persons that participate in the webinar broadcast or that stream the website video after it has been made available on the website. 

Data of registered participants are managed through Stakeholders Relationship Management (DP Notice - SRM) and ERA IT security rules are followed.

Protection and security measures:

Appropriate organisational and technical security measures are ensured according to the data protection legislation applicable to EU institutions and bodies.

Legal basis and Lawfulness of processing:

Legal basis: ERA webinars support the actions which have to be undertaken by the Agency in the context of Article 39 of Regulation (EU) 2016/796 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Railways.

Lawfulness: The Agency collects and processes your personal data in compliance with Article 5(a) and (b) of the EUI Data Protection Regulation:

(a) Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

(b) Processing is necessary for compliance with a legal obligation to which the controller is subject.

The processing of personal data for promotion and dissemination purposes (speakers) is lawful based on their consent (Article 5 (d) of the EUI Data Protection Regulation).

Information and transparency: the data subject’s rights:

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the contacts below.

Resource:

To exercise your rights as data subjects you are invited to contact the Controller by email.

In case you have any questions related to the protection of your personal data, you can contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

European rail safety climate survey

This notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of the European rail safety climate survey.

Your personal data is processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in section “Contact us”.

Controller of the processing operation

The Controller determining the purpose and means of the processing of your personal data is the European Union Agency for Railways (ERA). The entity responsible for managing the personal data processing is the Head of Safety and Operations Unit.

Purpose of the processing operation

The purpose of the processing operation is to obtain a general overview on the risk perception of railway professionals. Responses will not be identified by individuals, but compiled together and analysed as a group for the sole purpose of dealing effectively with the topic.

Data processed

The only personal data that you are explicitly requested to provide is:

  • Socio-demographic information about your professional activity;
  • Views and opinions on perceptions with regard to safety within your organisation and the railway sector.

Your data is processed with the use of the EU Survey tool, which is an application developed by the Commission of the European Union supported by Directorate-General for Informatics (DIGIT) of the European Commission. The privacy notice of the EU Survey tool is accessible here. Some EU Survey pages may contain links to other websites. EU Survey is not responsible for the privacy policies or practices of third party websites.

Appropriate organisational and technical security measures will be ensured according to the data protection legislation applicable to EU institutions and bodies.

Recipients of personal data

The recipients of the personal data are:

  • Defined ERA staff involved in organising and managing the questionnaire and its results;
  • Staff carrying out the processing of your information and dealing with EU Survey have access to your data. This includes the EU Survey team.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above.

Personal data is not intended to be transferred to a third country outside the EU. 

Your rights as data subject

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for correction of any inaccurate or incomplete personal data. You also have the right to request the erasure of your personal data, which will be implemented as soon as your specific request has been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the Contacts below.

Legal basis for the processing operation

Processing is necessary for the performance of tasks with a legal obligation to which the controller is subject: Directive (EU) 2016/798 of the European Parliament and of the Council of 11 May 2016 on railway safety (recast). Article 29(2) provides that the Agency shall evaluate the development of a safety culture including occurrence reporting. It is to submit to the Commission, by 16 June 2024, a report containing, where appropriate, improvements to be made to the system.

The above data processing operation is therefore carried out in accordance with Art. 5(b) of Regulation (EU) 2018/1725: processing is necessary for compliance with a legal obligation to which the controller is subject.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

Single Rules Database (SRD)

This Notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of SRD.

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in “Contacts”.

Controller of the processing operation

The Controller determining the purpose and means of the processing of your personal data is the European Union Agency for Railways (ERA). The entity responsible for managing the personal data processing is the Head of Analysis and Monitoring Unit.

Purpose of the processing operation

The processing of personal data in the SRD is needed to enable certain functionalities for the fulfilment of the tasks of notifying countries, ERA, the EC or EFTA. In particular, credentials (username and password) are required to register, edit, draft and notify national rules, act on assessment results submitted by ERA, communicate with the Agency and EC/EFTA, manage SRD users, reference data, examination and assessment results of national rules, validation of national rules of notifying countries and communicate with them concerning a specific national rule (EC).

Data Processed

The personal data requested for user registration are the following:

  • Family name
  • Name
  • E-mail address

In addition, in order to protect the content against inappropriate behaviors (e.g. hacking attempts) an Audit Trail has been implemented, recording logged-in users’ actions:

  • Timestamp
  • Username
  • Source IP address
  • Action details

All personal data are processed only by designated staff and stored on servers in ERA premises, which abide by the ERA’s IT security rules and standards. For more information about the ERA Authentication Service (EAS) allowing the authenticated users to have access to the ICT resources in a manner that ensures the confidentiality, integrity and availability of the information assets please refer to the Azure Active Directory privacy notice.

Furthermore, ERA uses "first-party cookies".

A cookie is a small piece of text that a website stores on your computer or mobile device when you visit it. These cookies are set and controlled by ERA through a platform named Matomo, not by any external organisation. The first-party cookies are used to:

  • store visitor preferences (cookies consent)
  • make the SRD application operational
  • gather analytics data (about user behaviour), if accepted

The purpose is to enable the site to:

  • remember your preferences (such as username) for a certain period of time without the need to re-enter them while browsing during the same visit.
  • establish anonymized statistics about browsing experience, if the user so agrees.

Every time you visit SRD, you will be prompted to accept cookies or to modify settings, in order to:

  • not be tracked by your browser (for analytics services, advertising networks, etc.) and/or
  • opt-out from analytics data collection (for further details read Web analytics privacy in Matomo).

Recipients of personal data

The recipients of the personal data are:

  1. Designated Member State staff for the purposes of registering and submitting national rules originating from their Member State and Switzerland, as well as accepting or rejecting the examination results or official opinions submitted by ERA.
  2. Designated ERA staff for the purposes of assigning, assessing and submitting their examination results or their official opinions on the national rules.
  3. Designated European Commission staff for the purposes of validating and submitting their validation results for the national rules originating from an EU Member State.
  4. Designated EFTA staff for the purposes of validating and submitting their validation results for the national rules originating from Norway.
  5. Designated ERA staff for the purposes of administration, operation and troubleshooting of the application.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above.

Personal data is not intended to be transferred to a third country outside the EU.

Your Rights as data subject

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for correction of any inaccurate or incomplete personal data. You also have the right to object to the processing or request the erasure of your personal data, which will be implemented as soon as your specific request has been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the “Contacts” below.

Legal basis for the processing operation

Legal basis:

  • Article 27 of Regulation (EU) 2016/796 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Railways and repealing Regulation (EC) No 881/2004.

Lawfulness:

The above data processing operation is carried out in accordance with Art. 5(a) of Regulation (EU) 2018/1725:

  1. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body.

Time limit for storing the data

Personal information is retained until the user account is deleted or for the lifetime of SRD, designed as a permanent tool - until the relevant legislation is changed.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller, the Head of Analysis Unit.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

Organisation codes register (OCR)

This notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of the Organisation Codes Register (OCR).

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in “Contacts” section.

Controller of the processing operation

The Controller determining the purpose and means of the processing of your personal data is the European Union Agency for Railways (ERA). The entity responsible for managing the personal data processing is the Head of Analysis and Monitoring Unit.

Purpose of the processing operation

Through the OCR, the Agency is creating, allocating and providing public access to the organisation codes to access its registers and databases (including the One-Stop-Shop application).

Free access to OCR is granted to the public to read data, while a username and a password are needed for data submission. Therefore, a registration of personal data is requested through the Stakeholder Relations Management (SRM) tool, in order to get an authorised access and to be contacted in case of any need.

Data Processed

The collected personal data for the Stakeholders (defined as “Guest”) account type are the following:

  • Identity
    • Name (“Last name” + “First name”) 
    • User Principal Name (The UPN is the login ID for the user and equivalent to the email of the contact info)
    • User type (“Member”)
    • Object ID (system string)
    • Issuer (based on Microsoft notation)
    • Account creation time
    • Account last sign-in date
  • Contact info
    • Email
    • Alternate email
    • Proxy address

All personal data are processed only by designated staff and stored on Microsoft cloud servers located in Europe, which abide by the ERA’s IT security rules and standards, pursuant to the Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the European Commission.

Recipients of personal data
  1. Agency staff involved in the related service and in administration, operation and troubleshooting of the application.
  2. Microsoft's personnel managing the databases on Microsoft cloud servers and their sub-processors' personnel on a need-to-know basis.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

Microsoft Corporation, as processor, is committed under the terms of the Interinstitutional License Agreement and related documents to respect the obligations of the GDPR. The nature and the purpose of the processing are related to the provision of the Online Service pursuant to Customer's volume licensing agreement.

In compliance with the terms of the Art. 27 of the GDPR, Microsoft Ireland Operations Limited is Microsoft's representative in the European Union that offers customer support through Microsoft's Privacy web form, located at http://go.microsoft.com/?linkid=9846224. The Microsoft Data Protection Officer is Mr Steve May.

Transfers of personal data outside the European Union are not foreseen.

However, diagnostic data covered by contractual rules may be sent to Microsoft outside EU territory.

Microsoft commits to have in place written agreements with all sub-processors that are at least as restrictive in terms of data protection and security as their data processing agreement with the EC.

The activities of all sub-processors are in scope of third-party audits.

Your Rights as data subject

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for the correction of any inaccurate or incomplete personal data.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the Contacts below.

Legal basis for the processing operation

Legal basis:

  • Annex II (Article 3.4.2) to Commission Implementing Decision (EU) 2018/1614 laying down specifications for the vehicle registers.

Lawfulness:

The above data processing operation is carried out in accordance with Art. 5(a) of Regulation (EU) 2018/1725:

  1. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

Time limit for storing the data

Personal data for the “Guest” account type is retained as follows:

As long as users are recorded as active. If the user is registered through a third party, the period of activity will usually correspond to a contractual link with that party, but the Agency will consider the user active if it continues to receive the user’s information (in the case of an automatic link) or until the user’s account expires. After the expiration date, data is kept:

  • for a period of 30 days, before its deletion,
  • 6 months after the deletion in logs and back-up media.

In case of an incident, the data will be kept for analysis for a longer period to establish evidence or to defend a right in a legal claim pending before a court.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller, the Head of Analysis Unit, at AOD.aam@era.europa.eu.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer at DataProtectionOfficer@era.europa.eu.

You have at any time the right of recourse to the European Data Protection Supervisor at edps@edps.europa.eu.

Processing of personal data in relation to the DoC submitted by the persons participating to the MB activities

Introduction

The Agency is a public body of the European Union. It has been entrusted with an important duty of protecting sensitive data and confidential information pertaining to the railway area. The Agency must respect confidentiality of information that it holds as legally required. The protection of personal data and respect of confidential information is an essential part of the relationship between the Agency and its stakeholders. In line with Article 51 of the Agency Regulation, the Agency recognizes that the Management Board members as well as other participants in the Management Board activities may have access to confidential information for the purpose of exercising their duties. For this reason, the persons attending the Management Board meeting and/or taking part in Management Board activities commit to keep confidential any data, documents, or other material (in any form) that is identified as confidential at the time it is disclosed.

This Privacy Statement outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of collecting the Declaration of confidentiality form.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in section “Contacts”.

Controller of the processing operation

The Controller determining the purpose and means of the processing of your personal data is the European Union Agency for Railways (ERA). The entity responsible for managing the personal data processing is the Executive Director.

Purpose of the processing operation

The information is needed in order to:

  • prevent disclosure and unintentional misuse of confidential information acquired by the participants in the Management Board activities
  • reinforce the obligation of confidentiality and duty to act with integrity and discretion and
  • develop confidence in the Agency decision making process.

Data Processed

The types of data, including personal data that may be processed are as follows:

  • Data to identify the person: surname, forename.
  • Data relevant to the role of the persons in the Management Board activities as identified in the Agency Regulations and the Management Board rules of procedures: Management Board member, adviser, observer, representative of third country

Appropriate organizational and technical security measures are ensured according to the data protection legislation applicable to EU institutions and bodies. The information shall be stored in the dedicated workspace on intranet (limited workspace accessible only to the individual mentioned in section 5).

Recipients of personal data

The recipients are designated ERA staff members on a need to know basis.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

Personal data is not intended to be transferred to a third country outside the EU.

Your Rights as data subject

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for the correction of any inaccurate or incomplete personal data. You have also the right to object to the processing or request the removal of your personal data, which will be implemented as soon as your specific request will have been deemed legitimate.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the Contacts below.

Legal basis for the processing operation

Legal basis:

  • Management Board Decision 318 adopting Rules of procedures for the Management Board

Lawfulness:

The above data processing operation is carried out in accordance with Art. 5(a) of Regulation (EC) 2018/1725: Processing is necessary for the performance of a task carried out in the public interest.

Time limit for storing the data

The Declaration of confidentiality will be kept for 2 years after the end of the mandate/ term of office of the data subject.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller at oana.gherghinescu@era.europa.eu

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer at DataProtectionOfficer@era.europa.eu.

You have at any time the right of recourse to the European Data Protection Supervisor at edps@edps.europa.eu.

ERA Qualification Scheme for Safety Training

This notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of the Qualification Scheme for Safety Training.

Your personal data is processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in section “Contact us”.

Controller of the processing operation

The Controller determining the purpose and means of the processing of your personal data is the Head of Safety and Operations Unit.  

Purpose of the processing operation

The purpose of the data processing is to obtain relevant descriptive information on existing training in the field of railway safety, so that it can be assessed and, possibly communicated and disseminated. Responses will not be identified by individuals, but compiled together, and analysed at the level of each training at a time.

Data processed

The only personal data that you are explicitly requested to provide is:

  • Trainer(s) role(s) and their experience;
  • Training dates or periods of time and their participants’ evaluations;
  • Content of training attributed to specific roles;
  • Name and contact data of the Applicant to qualify a Safety Training.

Your data is processed by ERA with the use of EU Survey tool, which is an application developed by the Commission of the European Union supported by Directorate-General for Informatics (DIGIT) of the European Commission. The privacy notice of the EU Survey tool is accessible here. Some EU Survey pages may contain links to other websites.

Your data will be saved on the ERA SharePoint, in a restricted area, to be accessed and assessed only by the recipients of your data.

Appropriate organisational and technical security measures linked with ERA’s SharePoint environment are ensured. 

Recipients of personal data

The recipients of the personal data are:

  • ERA staff involved in organising and managing the survey;
  • Staff carrying out the processing of your information and dealing with EU Survey have access to your data. This includes the EU Survey team.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

The personal information collected will not be communicated to third parties, except where necessary for the purposes outlined and to the entities identified above.

Personal data is not intended to be transferred to any third country outside the EU. 

Your rights as data subject

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for correction of any inaccurate or incomplete personal data. You have also the right to request the erasure of your personal data, which will be implemented as soon as your specific request will have been deemed legitimate.

If the application assessment is unsuccessful, the information and material will be deleted immediately after the notification of the negative outcome.

If the application assessment is successful, ERA and the successfully assessed participants shall enter into a specific arrangement defining all necessary details related to the promotion of the qualified training. The retention period shall be agreed at this stage.

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the Contacts below.

Legal basis for the processing operation

Processing is necessary for the performance of tasks with a legal obligation to which the controller is subject: Regulation (EU) 2016/796 of the European Parliament and of the Council of 11 May 2016 on railway safety (recast). Article 39 provides that the Agency shall communicate and disseminate to relevant stakeholders information relating to the Union framework of railway law and the development of standards and guidance. Article 43 provides that the Agency shall engage in training and other appropriate activities concerning the application and explanation of railway safety and interoperability legislation and related products of the Agency such as registers, implementation guides and recommendations.

The above data processing operation is therefore carried out in accordance with Art. 5(b) of Regulation (EU) 2018/1725: processing is necessary for compliance with a legal obligation to which the controller is subject.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.

E-learning platform

Introduction 

This notice outlines the criteria by which the European Union Agency for Railways (ERA) collects and processes personal data in the context of the Moodle e-learning platform.

Your personal data are processed in accordance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

For more information about the processing in question, you are invited to contact ERA through the addresses provided in the “Contacts” section.

Controller of the processing operation

The Controller determining the purpose and means of the processing of your personal data is the European Union Agency for Railways (ERA). The entity responsible for managing the personal data processing is the Head of Monitoring, Analysis, Research and Stakeholders Unit.

Purpose of the processing operation

The Agency is bound by its Regulation 2016/796 (Articles 39 and 43) to disseminate to stakeholders and engage in training related to the application of the EU railway law. To this purpose, the Moodle e-learning platform has been set up to facilitate ERA online training activities.

Specifically, personal data are processed to:

  • give full access to e-Learning contents;
  • check knowledge acquisition and reporting;
  • ensure correct training delivery.

Data Processed

  • For guests (= anonymous users), no personal data is retained (access to limited contents).
  • For registered users (= student profile), the user database of the Agency (= SRMO) is used for logging into Moodle.

Therefore, the collected personal data are the following:

Personal details: first name, last name, display name (the values are updated by the home tenant values when the user redeems the invitation), UPN: e-mail address and alternate e-mail addresses (if the user connects with them).

The final certificate, if applicable, consists of a proof of attendance.

All personal data are processed only by designated staff and stored on the Agency’s servers in its premises or alternate site or in Microsoft datacentres in the EU. All processing operations are carried out pursuant to the Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the European Commission.

The users’ training logs are stored in Eduano's servers (EU based), following the SaaS questionnaire signed as part of the FWC DI 07722.

Recipients of personal data 

Authorised Agency staff dealing with the Moodle platform.

All recipients of the data are reminded of their obligation not to use the data for any further purpose other than the ones for which they were collected.

For services related to the SRMO, Microsoft acts as data processor. Microsoft Corporation, as processor, is committed under the terms of the Interinstitutional License Agreement and related documents to respect the obligations of the GDPR. 

In compliance with the terms of the Art. 27 of the GDPR, Microsoft Ireland Operations Limited is Microsoft's representative in the European Union. Contact details: Microsoft Ireland, South County Business Park, One Microsoft Place, Carmanhall and Leopardstown, Dublin, D18 P521, Ireland.

Transfers of personal data outside the European Union are not foreseen. 

However, diagnostic data covered by contractual rules may be sent to Microsoft outside EU territory.

Microsoft commits to have in place written agreements with all sub-processors that are at least as restrictive in terms of data protection and security as their data processing agreement with the EC.

The activities of all sub-processors are in scope of third-party audits.

Your Rights as data subject

You have the right to access your personal data, which is the right to obtain confirmation about your data processed by the Agency and the right to ask for the correction of any inaccurate or incomplete personal data. 

You have also the right to object to the processing or request the erasure of your personal data, which will be implemented as soon as your specific request will have been deemed legitimate. 

If you have any queries concerning the processing of your personal data, you may address them to the data Controller. You will find the address in the Contacts below.

Legal basis for the processing operation

Legal basis: The Moodle e-learning platform supports training activities which have to be undertaken by the Agency in the context of Articles 39 and 43 of Regulation (EU) 2016/796 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Railways. (See also 2021 Agency’s Single Programming Document)

Lawfulness: 

The above data processing operation is carried out in accordance with Art. 5(a) of Regulation (EU) 2018/1725: 

a) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body;

Time limit for storing the data

For ERA internal users:

As long as the relationship between the Agency and the Data Subject exists. 

For external users:

As long as users are recorded as active. The Agency will consider the user active as long as it continues to receive the user’s information (in the case of an automatic link) or until the user’s account expires.

Data subjects can always exercise their rights to have personal data deleted.

Contacts

All your requests concerning your data protection rights should be addressed to the Data Controller.

In case you have any questions related to the protection of your personal data, you can also contact the ERA Data Protection Officer.

You have at any time the right of recourse to the European Data Protection Supervisor.