Privacy and data protection policy

Privacy Statement for the Administrative management of the website of the Radio Spectrum Policy Group (RSPG)

1. Why and how do we process your personal data?

Purpose of the processing operation: the European Commission collects and uses personal information for the administrative management of the public website of the Radio Spectrum Policy Group (RSPG). This involves publishing the names of members of the RSPG and observers to the RSPG on a dedicated website and in the Commission’s Register for expert groups

Personal data will not be used for any automated decision-making including profiling.

2. On what legal ground(s) do we process personal data

The Commission processes personal data published on the RSPG website on the following legal grounds:

1/ The Commission Decision of 11 June 2019 setting up the Radio Spectrum Policy Group states that the Commission shall provide the Secretariat to the Group.

2/ It is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body ( Article 5(1)(a) of Regulation 2018/1725), namely as regards the activities of the Radio Spectrum Policy Group (RSPG), in relation to observers, as set out in the Commission decision.

3/ In relation to RSPG members, processing will take place only with their explicit consent to the collection and the publication by signing or otherwise indicating their agreement to the provisions of this privacy statement (Article 5(1)(d) of Regulation 2018/1725).

3. Which personal data do we collect and further process?

In order to carry out this processing operation the European Commission collects the following categories of personal data:

• Data necessary for transparency purposes, specifically in order to publish the names of individuals officially nominated as members of the RSPG or as observers to the RSPG and the organisations they represent.

4. How long do we keep your personal data?

The European Commission keeps such personal data for the time necessary to fulfil the purpose of collection or further processing, namely until the individuals nominated as members or observers no longer fulfil that function.

5. How do we protect and safeguard your personal data?

The Commission’s contractors are bound by the confidentiality obligations deriving from the General Data Protection Regulation in the EU Member States (‘GDPR’ Regulation (EU) 2016/679). The contract also specifies that the contractors also  implement technical and organisational measures to ensure an adequate level of data protection in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed.

6. Who has access to personal data and to whom is it disclosed?

Personal data on the RSPG website is available on the internet to the public without restriction.

7. What are your rights and how can you exercise them?

Those whose personal data is published on the RSPG website have specific rights as a ‘data subject’ under Chapter III (Articles 14-25) of Regulation (EU) 2018/1725, in particular the right to access, rectify or erase their personal data and the right to restrict the processing of their personal data. Where applicable, they also have the right to object to the processing or the right to data portability.

They also have the right to object to the processing of their personal data, which is lawfully carried out pursuant to Article 5(1)(a).

Those who have consented to the processing of their personal data, may withdraw their consent at any time by writing to the Data Controller (see contact details under Heading 8 below).

They can exercise their rights by contacting the Data Controller, or in case of conflict the Data Protection Officer. If necessary, they can also address the European Data Protection Supervisor. Their contact information is given under Heading 9 below.

Where a data subject wishes to exercise their rights in the context of one or several specific processing operations, they should please provide their description (i.e. their Record reference(s) as specified under Heading 10 below) in their request.

8. Contact information

  • The Data Controller

If data subjects would like to exercise your rights under Regulation (EU) 2018/1725, or if they have comments, questions or concerns, or if they would like to submit a complaint regarding the collection and use of their personal data, they should feel free to contact the Data Controller, Secretariat of the Radio Spectrum Policy Group, Unit B4, Directorate-General for Communications Networks, Content and Technology. Contact details:

European Commission, Directorate-General for Communications Networks, Content and Technology, BU33/7-65, Brussels, B-1049 Belgium. Email – cnect-rspg@ec.europa.eu

  • The Data Protection Officer (DPO) of the Commission

They may contact the Data Protection Officer (DATA-PROTECTION-OFFICER@ec.europa.eu) with regard to issues related to the processing of your personal data under Regulation (EU) 2018/1725.

  • The European Data Protection Supervisor (EDPS)

Data subjects have the right to have recourse (i.e. they can lodge a complaint) to the European Data Protection Supervisor (edps@edps.europa.eu) if they consider that their rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of their personal data by the Data Controller.

9. Where to find more detailed information?

The Commission Data Protection Officer (DPO) publishes the register of all processing operations on personal data by the Commission, which have been documented and notified to them. You may access the register via the following link: http://ec.europa.eu/dpo-register.

This specific processing operation has been included in the DPO’s public register: http://ec.europa.eu/dpo-register/detail/DPO-2194-8