Privacy Statement EURAXESS
Protection of your personal data
Last update: 21/10/2021
1. Introduction
This privacy statement explains the reason for the processing, the way we collect, handle and ensure protection of all personal data provided, how that information is used and what rights you may exercise in relation to your data (the right to access, rectify, block etc.).
The European institutions are committed to protecting and respecting your privacy. As this service/application collects and further processes personal data, Regulation (EU) 2018/1725 (OJ L 295, 21.11.2018) of the European Parliament and of the Council of 23 October 2018 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, is applicable.
This statement concerns the EURAXESS web-portal. The EURAXESS initiative aims at facilitating the mobility of researches in the European Research Area and beyond. For this, it makes possible for the portal-registered users to look for such opportunities.
This service is under the responsibility of the Head of Unit A.3. of the Directorate-General for Research and Innovation (DG RTD).
2. Whose personal data do we process?
This data protection notice concerns the following categories of data subjects:
- Citizens, inside and outside of the EU, namely researchers looking for jobs, funding and collaboration opportunities;
- Public and private sector entities, inside and outside of the EU: researchers recruiters and funders;
- EURAXESS centres, inside and outside of the EU, providing researchers, their families and recruiters with personalised information and assistance when relocating in one of the 40 countries participating in the EURAXESS initiative.
The data is collected directly from the data subjects. Researchers register online on the Euraxess – Researchers in Motion website to benefit from certain services (e.g. CV upload; job-CV matching; direct contact with support EURAXESS Centres; fora; e-communities, etc.). Researchers recruiters and funders have to register online to place adverts on the page, search for potential candidates to recruit and be part of thematic fora. EURAXESS Centres register to be part of a restricted communication platform and be contacted directly by the interested users through a dedicated online form.
3. Why do we process your data?
3.1 Purpose of the processing
The EURAXESS web-portal aims at facilitating the mobility of researches in the European Research Area and beyond.
This includes:
- Establishing a portal for registered users to upload CVs and adds, and look for working and funding opportunities;
- Establishing a dedicated contact form between users and the EURAXESS Centres;
- Improving researcher access to adequate information on fellowships, grants and vacancies throughout Europe, as well as on the entry conditions, access to employment, social security rights, taxation and the cultural aspects of a host country.
The registration of members of the EURAXESS Centres and of the recruiters/funders must be validated by the Controller and/or their processors before the concerned persons can use the service.
3.2. On what legal ground(s) do we process your personal data?
The processing is necessary and lawful under Article 5(d) of the Regulation: as data subject you have given consent to the processing of your personal data.
At any time you can unsubscribe your registration by requesting to delete your data via email to RTD-ERA-TALENT-PLATFORM@ec.europa.eu. If you have not created any content (i.e. job offers), you can autonomously delete your account when you decide to do so, without having to request it via email.
Your account and your personal data will be permanently deleted within 7 working days from the acknowledgment of your request.
4. Which data do we collect and process?
The following personal data are collected and processed:
- Mandatory information to create an account: e-mail address; first and last name; country of residence; organisation/company.
- Optional information: state/province; city; gender; current job position; department; collaboration with researchers and institutions; collaboration with institutions; contact points; social accounts; personal website; brief summary (free text).
In addition, users can optionally create a researcher profile. In this case, the following personal data are collected and processed:
- Mandatory information to create a researcher’s profile: researcher profile; main research field; highest education degree; highest education level and discipline(s).
- Optional information: research experience (list); publications/patents (free text); spoken languages (list); participation in Science4Refugees programme; participation in other EU projects (list); experience in EU funded projects (free text); awards and certifications (free text); Seal of Excellence; Curriculum Vitae (file); desired job (text); preferred organisation type (list); work country (list); type of contract (list); notice period (list).
4. How long do we keep your data?
By default, personal data relating to the EURAXESS accounts are kept for 5 years after the last activity, or for a shorter period upon request of the data subject.
After one year of inactivity, an email is sent to the data subject to offer the possibility to delete or update the account.
You can request to have your account deleted at any time. When an account is deleted, all related data are deleted with.
5. How do we protect your personal data?
All processing operations are carried out pursuant to the Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the European Commission.
All data in electronic format (e-mails, documents, uploaded batches of data etc.) are stored in the European Commission/service provider’s data centre in the EU, and therefore covered by the technical, contractual and organisational measures taken to protect the availability, integrity and confidentiality of the institution’s electronic assets.
The Commission’s contractors are bound by specific contractual clauses and confidentiality clauses for processing operations of your data on behalf of the Commission, and by the confidentiality obligations deriving from the General Data Protection Regulation in the EU Member States (Regulation (EU) 2016/679, the GDPR).
In order to protect your personal data, the Commission has put in place technical and organisational measures. Technical measures include appropriate actions to address online security, risk of data loss, alteration of data or unauthorised access, taking into consideration the risk presented by the processing and the nature of the personal data being processed. Organisational measures include restricting access to the personal data solely to authorised persons, with a legitimate need to know for the purposes of each processing operation.
6. Who has access to your data and to whom is it disclosed?
Access to your data is provided to authorised staff of the Controller and its Processors based strictly on the necessity and data minimisation principles. Such staff abide by statutory, and when required, additional confidentiality agreements and contractual provisions.
Data provided by members and organisations are accessible to other members and organisations, and to the EURAXESS Centres members. All users can always opt in or out of being visible to other users.
In addition, users can select to hide from their public profile their first and last name and email, or even hide their public profile from search.
The information we collect will not be transmitted to any third party, except to the extent and for the purpose we may be required to do so by law.
7. What are your rights and how can you exercise them?
You have specific rights as a ‘data subject’ under Chapter III (Articles 14-25) of Regulation (EU) 2018/1725, in particular the right to access your personal data, the right to rectify them, if necessary, and/or to restrict its processing or erase them, if applicable. You are also entitled to object to the processing of your personal data, where applicable.
If you have subscribed to the EURAXESS mailing lists, you have the right and the possibility to unsubscribe at any time.
If you would like to exercise your rights under the Regulation, if you have comments, questions or concerns regarding the collection and use of your personal data, please feel free to contact the Data Controller.
You may contact, if necessary, the European Data Protection Supervisor with regard to issues related to the processing of your personal data under the Regulation.
You have consented to provide your personal data to the Data Controller for the present processing operations. You can withdraw your consent at any time by notifying the Data Controller. The withdrawal will not affect the lawfulness of the processing carried out before the withdrawal of the consent.
8. Contact information
The Data Controller
If you would like to exercise your rights under Regulation (EU) 2018/1725, if you have comments, questions or concerns, or if you would like to submit a complaint regarding the collection and use of your personal data, please feel free to contact the Controller:
- DG RTD, Unit A.2
- RTD-ERA-TALENT-PLATFORM@ec.europa.eu
The Data Protection Officer (DPO) of the Commission
You may contact the DPO (DATA-PROTECTION-OFFICER@ec.europa.eu) with regard to issues related to the processing of your personal data under Regulation (EU) 2018/1725.
The European Data Protection Supervisor (EDPS)
You have the right to recourse to the European Data Protection Supervisor (edps@edps.europa.eu) if you consider that your rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of your personal data by the Data Controller.
9. Where to find more detailed information?
The Commission Data Protection Officer publishes the register of all operations processing personal data. You can access the register at the following link:
http://ec.europa.eu/dpo-register
This specific processing has been notified to the DPO with the following reference: DPR-EC-3327.