Head of the MAKE-IT unit

Directorate Digital Services (SMART)
delegates.support@consilium.europa.eu

DELEGATES PORTAL and the EU COUNCIL app are part of a wider portfolio of applications (IKM ~ Information and Knowledge Management) covering several business processes within the Council decision making domain. As such, these systems make use of a common underlying and interlinked data set.
DELEGATES PORTAL collects and handles the following categories of personal data:

• contact details (first and last name, email, phone, mobile);
• login details (credentials);
• details about your workplace (department, address);
• application preferences;
• community memberships;
• voting intentions;
• participation in meetings and travel information declarations.

Additionally, the system collects information about your preference to receive (or not) newsletters from the General Secretariat of the Council. These newsletters are a supplementary service to update you on what is happening at the Council. The content of these newsletters is always relevant to your dealings with the Council of the EU and can range from practical info (e.g. having regard to accessing the GSC buildings), to new initiatives or IT systems of interest to you etc.
The EU COUNCIL app, the TRILOGUE TABLE EDITOR and EDiT make use of a subset of personal data collected by DELEGATES PORTAL. The EU COUNCIL app only collects information related to participation in meetings, corresponding travel information declarations and photographs of identifiable individuals published on the app with the individuals' consent.
If you are using the EU COUNCIL app as a 'guest', no personal data is collected nor handled.

Personal data collected by DELEGATES PORTAL and the EU COUNCIL APP serves to

• authenticate you;
• authorise or refuse access to information;
• personalise the information displayed (such as favourite meetings and language settings);
• inform you about important information that has been published recently (document and/ or meeting info) related to your dealings in Council Preparatory Bodies;
• inform you about new initiatives relevant to your dealings with the Council of the EU (newsletter);
• provide the rotating Presidencies with contact details necessary for both formal and informal coordination;
• log executed actions, to be able to generate security audit trails whenever needed. This includes administrative actions, cast of votes or intention, content consultation, etc
• The EU COUNCIL app only collects information related to participation in meetings, corresponding travel information declarations and photographs of identifiable individuals published on the app with the individuals' consent.
• Embellish the EU COUNCIL APP through the publication of photographs of identifiable individuals inputted by authorised GSC staff members.

Art. 235 (4) and 240 (2) of the Treaty on the Functioning of the EU and article 23 of Rules of Procedure of the Council of the EU.
The processing of your personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body (Article 5(1)(a) of Regulation (EU) No 2018/1725).

In addition, any photographs of identifiable individuals posted in the EU COUNCIL app are processed on the basis of consent in accordance with Article 5 (1) (d) of Regulation (EU) 2018/1725: "The data subject has given consent to the processing of his or her personal data for one or more specific purposes".

Please note that you can withdraw your consent for the publication of your photograph in the EU COUNCIL app at any time by contacting: communication.interne@consilium.europa.eu .
Note that you can unsubscribe from the newsletters sent out by the General Secretariat of the Council of the EU at all times, either by clicking the "Unsubscribe" link in the email received or by unticking the subscription box in the notification settings of your personal profile in DELEGATES PORTAL.
Please note that your device will propose you to enrich your experience within the EU COUNCIL app by asking for your permission to use certain device functions. None of these permissions are essential to operate the app. They will also not lead to personal data being processed. Each of them can be disabled via the settings menu of your device. These permissions include:

• Notifications: by enabling these, we will be able to inform you about issues that could prevent you from accessing our buildings (traffic, demonstrations, etc.)
• Location services:b y enabling these, you will be able to position yourself on the maps and as such make it easier to find your way
• Agenda access: by enabling this, you will be able to copy selected meetings to the calendar on your device
• Storage: by enabling this, you will be able to download documents to your device and consult them when offline
• Camera: by enabling this, you will be able to scan invitation codes for special events
• Contacts: by enabling this, you will be able to send emails to contacts you may find within the app (such as other meeting participants)
• Phone: by enabling this, you will be able to launch phone calls to contacts you may find within the app

Not applicable

The EU COUNCIL app, the TRILOGUE TABLE EDITOR and EDiT make use of a subset of personal data collected by DELEGATES PORTAL. The EU COUNCIL app only collects information related to participation in meetings and corresponding travel information declarations.

Your personal data might be accessed by the support team within the General Secretariat of the Council (composed of helpline operators and system administrators) and the Local DELEGATES PORTAL Administrator of the organisation you are working for. A limited set of your personal details (firstname, lastname, heading) might also be accessed by authorised users within the European Parliament, the European Commission and the EU Presidency in context of the TRILOGUE TABLE EDITOR. Meeting participation information is available to other participants of the meetings, whereas travel information declarations (Member States only) is shared with the General Secretariat of the Council and the person carrying the role of 'Presence Manager' within your Member State.
Your contact details will also be accessed by our contractor in charge of handling newsletters (Brevo). All users of the EU COUNCIL app will have access to personal data in the form of photographs of identifiable individuals published in the app.

Data stored at the General Secretariat of the Council of the European Union will not be transferred to a third country.
DELEGATES PORTAL account information is stored on our infrastructure. The General Secretariat of the Council of the European Union provides appropriate technical and organisational security measures to protect your data against loss, destruction or damage.

Please note that the EU COUNCIL app is distributed via the mainstream app stores from Apple and Google. Any personal data exchanged between your device and these platforms which goes beyond the actual use of the EU COUNCIL app cannot be controlled by the General Secretariat of the Council of the European Union and is subject to the personal agreement between you and the respective platform provider(s) (see https://policies.google.com/privacy and https://www.apple.com/legal/privacy/ for more information).

The retention period of user account data for GSC staff and delegates is aligned across IKM systems in order to guarantee data consistency across those systems. Your personal information will be kept in the IKM systems until three years after the year in which your account was de-activated or expired (which happens automatically every 6 months - subject to a renewal process).

The retention period for the list of participants who confirmed their presence at a meeting is three years after the date on which the meeting took place.

Any photographs of identifiable individuals published in the EU COUNCIL app will remain visible to end-users until they are deleted when they are considered obsolete or no longer necessary, or where the individual has withdrawn their consent. After deletion, photographs can still be retrieved from system backups for one year after deletion.

The retention periods described above include one full year in backups.

Not applicable

You have the right of information and the right of access to your personal data.
You also have the right to correct and complete your data. Under certain circumstances, you may have the right to obtain the erasure of your personal data, or the right to object to the handling of your personal data or to ask for it to be restricted.
You can exercise these rights by sending an e-mail to the person responsible for the handling of your personal data (see point 1), with a copy to the Data Protection Officer (point 2). With your request, you must provide a copy of an identification document to confirm your identity (ID card or passport). This document should contain an identification number, country of issue, period of validity, your name, address and date of birth. Any other data contained in the copy of the identification document such as photo or any personal characteristics may be blacked out.

Not applicable

edps@edps.europa.eu
Before you do so, it is recommended that you first try to obtain a remedy by contacting the person responsible for the handling of your personal data at the GSC (see point 1) and/or the Data Protection Officer (point 2).