The European Space Agency (herein the “Agency” or “ESA”) is an intergovernmental organisation established by its Convention opened for signature in Paris on 30 May 1975 having its headquarters located at 24 rue du Général Bertrand, CS 30798, 75345 Paris Cedex 07, France.
Protection of Personal Data is of great importance for ESA, which strives to ensure a high level of protection as required by the ESA Framework on Personal Data Protection (herein the “ESA PDP Framework”) which applies in this field. ESA implements appropriate measures to preserve the rights of data subjects, to ensure the processing of personal data for specified and legitimate purposes, in a not excessive manner, as necessary for the purposes for which the personal data were collected or for which they are further processed, in conditions protecting confidentiality, integrity and safety of personal data and generally to implement the principles set forth in the PDP Framework, available at:
http://www.esa.int/About_Us/Law_at_ESA/Highlights_of_ESA_rules_and_regulations
ESA PDP Framework is composed of the following elements:
- the Principles of Personal Data Protection, as adopted by ESA Council Resolution (ESA/C/CCLXVIII/Res.2 (Final)) adopted on 13 June 2017;
- the Rules of Procedure for the Data Protection Supervisory Authority, as adopted by ESA Council Resolution (ESA/C/CCLXVIII/Res.2 (Final)) adopted on 13 June 2017; and
- the Policy on Personal Data Protection adopted by Director General of ESA on 5 February 2018 and effective on 1 March 2018.
This notice is intended to inform you, as data subject, about:
- the identity of the data controller and contact details of ESA Data Protection Officer (“DPO”);
- the type of personal data which is collected and processed;
- the modalities of collection of personal data;
- the purpose of the collection and processing;
- the recipients (if any) to whom the personal data of the data subject shall be disclosed;
- the time-limits for storing the personal data;
- the practical modalities of exercising the rights of the data subject under the ESA PDP Framework.
This notice is also enables ESA to obtain your consent relating to the collection and further processing of your personal data, under ESA PDP Framework.
1. Who is the Data Controller?
1.1. Your personal data mentioned in point 3 below are collected and further processed to enable your participation in the ESA SEFUW 5th Edition, the performance of all activities necessary to conduct the SEFUW 5th Edition and all communication in relation to the SEFUW 5th Edition and for the publicly available publication on the SEFUW 5th Edition website (https://indico.esa.int/event/439/overview). For these purposes only as well as for the purposes mentioned in Article 5 of ESA Policy on Personal Data Protection, ESA is Data Controller.
ESA does not instruct any third party - including CNES nor the sponsors (Frontgrade, Microchip Technology, and Xilinx now part of AMD) - to conduct any web analytics, profiling or any other processing on ESA's behalf, other than the purposes mentioned above.
ESA does not consider your personal data as an asset for sale or for commercial exploitation on behalf of ESA.
- CNES refers to: [Centre national d'études spatiales: https://cnes.fr/en/content/legal-notice ]
- Frontgrade refers to: [Frontgrade Privacy Policy: https://frontgrade.com/legal/privacy]
- Microchip Technology refers to: [Microchip Technology Privacy Policy: https://www.microchip.com/en-us/about/legal-information/privacy-policy]
- Xilinx now part of AMD refers to: [Advanced Micro Devices Privacy Policy: https://www.amd.com/en/legal/privacy.html]
1.2. Your personal data may also be collected and processed upon an independent decision of CNES, which technically support the launch of the SEFUW 5th edition. In this case, the privacy notices of CNES will apply and ESA will have no liability whatsoever in connection with collection and processing of Your personal data by CNES as separate Data Controllers.
- CNES operates, under its own responsibility, the Database used to enable the Participants to attend the Workshop, privacy notice available at: https://cnes.fr/en/content/legal-notice
- Sponsor: Frontgrade, as separate Controller, collect and process your personal data as stated in their privacy notice available at: https://frontgrade.com/legal/privacy
- Sponsor: Microchip Technology, as separate Controller, collect and process your personal data as stated in their privacy notice available at: https://www.microchip.com/en-us/about/legal-information/privacy-policy
- Sponsor: Xilinx now part of AMD, as separate Controller, collect and process your personal data as stated in their privacy notice available at: https://www.amd.com/en/legal/privacy.html
2. What are the contact details of ESA Data Protection Officer?
Concerning the collection or processing of your Personal Data on ESA's behalf: according to ESA PDP Framework, your first point of contact concerning personal data matters is the ESA Data Protection Officer (“DPO”), who may be contacted at: DPO@esa.int
Concerning the collection or processing of your Personal Data on CNES behalf: please refer to the separate privacy notices released by these companies.
3. What kind of personal data about you are collected and further processed?
As Data Controller, ESA has only authorised data Processors to collect and process, Your name, surname, email address, affiliation, Country and IP address, only for the authorised purposes. You are required not to send to the Agency any sensitive information (including information that indicate, directly or indirectly, the personnel's ethnic origin, political opinions, adhesion to unions, parties etc, health situation, sexual orientation).
4. To whom might we disclose your personal data?
The Agency may disclose your personal data to any of the following third party recipients for the fulfilment of all or part of the purposes of the collection and processing of personal data, which are mentioned above:
| Recipient acting as… | Servers of the recipients are located in: |
| CNES as separate Controller, responsible for the personal data it processes for SEFUW 5th Edition | As defined at: https://cnes.fr/en/content/legal-notice |
| Frontgrade as separate Controller | Worldwide, link to privacy notice: https://frontgrade.com/legal/privacy |
| Microchip Technology as separate Controller | Worldwide, link to privacy notice: https://www.microchip.com/en-us/about/legal-information/privacy-policy |
| Xilinx now part of AMD as separate Controller | Worldwide, link to privacy notice: https://www.amd.com/en/legal/privacy.html |
| Separate Controllers prior to submission of personal data to ESA: Representatives of ESA Member States involved in the workshop (e.g. IPC Delegates) | ESA Members states as per www.esa.int |
| ESA and CNES as Controllers for use of Indico for registration to the event | EU |
| ESA as Controller for processing of personal data of ESA on-site contractors and experts involved in workshop | ESA Members states as per www.esa.int |
Third party IT tools, including Social Media
Third party IT tools or social media may be used to inform you and to promote an activity (meeting, event). ESA websites may provide links to social media and videos may be available on ESA social media pages. If you view a video or interact with the social media or other websites, social media or third party cookies are likely to be installed on your device, covered by third party Terms and Conditions and cookie policies. ESA has no influence over these. Carefully assess the privacy policies and Terms and Conditions prior to use with regard to your data subject rights, further processing and to protection of your personal data.
The Agency does not consider your personal data as an asset for sale and, thus, does not sell your personal data to any third parties.
5. For how long are Your personal data retained on ESA's behalf?
For the duration of 5 years after the workshop and the management of the follow-up activities.
6. How can you erase, rectify, complete or amend your personal data?
The Agency is keen to collect and process accurate personal data and to keep it updated. You may request the erasure, rectification, completion or amendment of your personal data if, and to the extent that it is inaccurate or incomplete, having regard to the purposes for which they are collected and processed, or if they are processed in violation with the principles referred in ESA PDP Framework.
If you choose to make a request for the erasure of personal data after registration, you understand and agree that ESA cannot process the registration to the event and you therefore will not be able to access the event, its material nor will you receive the email invitation to attend it online.
The above-mentioned request should be submitted to the ESA DPO, as first point of contact, by sending an email to: dpo@esa.int, copy to: sefuw@esa.int
7. What could you do in case of a data protection incident?
In case of a data protection incident, contact the ESA DPO by sending an email to: dpo@esa.int
In case you wish to submit a complaint, you are required to comply with the Rules of Procedure of the Supervisory Authority set forth by ESA PDP Framework. You will be required to demonstrate that a data protection incident occurred in relation to your personal data, following a decision of the Agency or at least to justify serious reasons to believe that such incident occurred.
8. Your consent
For those cases where your consent was not already obtained by ESA (including by other modalities) and is required under the ESA Framework on Personal Data Protection, you agree with the collection and further processing of your personal data:
For the purposes:
- as listed under (1) in this privacy notice
- of the public publication of your material
- of the disclosure to CNES
- of the disclosure to the sponsors: Frontgrade, Microchip Technology, Xilinx now part of AMD
Your consent must be provided through the registration form.
