Privacy and website terms of use

Activities

EUROCONTROL protects your personal data in accordance with the EUROCONTROL Regulation on Personal Data Protection adopted by its Member States and published in 2008, and its Implementing Rules which were published in 2017.

EUROCONTROL collects personal data via its public website (1) as well as via its system used to manage access of staff and visitors to its premises (2).

1/ Why do we collect, store and process your data on our website?

The EUROCONTROL website offers an insight into news, topics and activities of the Organisation to a wide range of people interested in European air traffic management (ATM). It also links visitors to EUROCONTROL’s project or programme sites which are of interest to the ATM community.

EUROCONTROL may collect and process your personal data for a number of reasons: subscription to newsletters, registration to events, website statistics, etc.

What personal data do we collect, store and process via the EUROCONTROL public website?

Some of the services offered on our website require the processing of your personal data. Here we give you an overview of the ways this website processes your personal data including the use of cookies and social media. The personal data we collect is divided into the following subsets: cookies data and subscription-related data.

Cookies data

Cookies are short text files stored on a user’s device (such as a computer, tablet or phone) by a website, which could be used for the technical functioning of a website, for gathering statistics on the use of the website or for other purposes, such as to provide a user with a more personalized experience. On the EUROCONTROL website we use only web analytics cookies.

Subscriptions data

When you subscribe to our e-news, register to our events, or submit a service request form, we gather in a dedicated database the personal data necessary to process your request. Furthermore, when launching emails or e-news campaigns, we gather data to assess the impact of a campaign. Hence, depending on the nature of the event or subscription, the following data might be gathered and stored in our dedicated database:

  • Corporate profile:
    Title, name, job title, function, company name, email, work phone, work address (street, zip code, city, country), the list of meetings or events in which you are participating or have participated, the meeting reports and your private address if you have agreed that it can be used for our interactions.
  • Other information about you:
    Corporate profile fields as well as nationality, date of birth, company department, alternative email addresses, and private phone if you have given it, and visa information if you have asked for assistance in obtaining a visa for visiting our premises.
  • Tracking data:
    This information is generated by our email campaigns is kept and used in anonymised form solely for statistical purposes, i.e. to establish the usefulness of a mailing. Personal tracking data will not be used except in cases where, after consultation with the subscriber and upon request, a staff member verifies that an email has been sent and arrived at its destination.

In the cases when you register for one of our online services via our website, the processing of personal data for the purposes of delivering the service is explained in a service specific privacy notice which can be found either as part of the service's registration process, the service's web page, or, more likely, on the service's interface.

Control the cookies on this website

List of Cookies

EUROCONTROL is using web analytics cookies as well as some social media cookies.

A banner is displayed on every page of the web site, informing you of the use of cookies and giving you the possibility to opt-in or opt-out. If you choose to opt-in (and thus being tracked), you can always change your mind and opt-out.

Required functional cookies
  • cookie_agreed: this cookie is needed to see if we may store cookies on your device (Store time: 6 months);
  • has_js: this cookie checks if you have javascript enabled (Store time: end of session);
  • PHPSESSID: this cookie keeps track of your current session (Store time: end of session).
Analytics cookies
  • _gat, _ga, _gid: Google analytics cookies (permanent cookies with a maximum duration of 2 years);
  • _pk_id (Store time: 13 months), _pk_ref (Store time: 6 months), _pk_ses, _pk_cvar, _pk_hsr (Store time: 30 minutes): Matomo cookies;
  • ARRAffinity: this cookie is needed to load the NSV map on the homepage (Store time: end of session).

EUROCONTROL uses Matomo and Google Analytics web analytics tools to analyse website traffic and thus allowing us to better understand how people use the site and to improve our website and user's experience. Both Matomo and Google Analytics set cookies on your device. However, EUROCONTROL only uses this information for statistical analysis purposes. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

Analytics cookies track visitors' information such as: IP address (which is masked), location, time of the visit, URL of the page viewed, downloads performed, links that were followed, browser language and version, etc. This information is being used to prepare aggregated, anonymous statistics reports of visitor activity.

You have always the possibility to opt-out from our Cookies and thus you will not be tracked.

Social media cookies

Cookies are not set by our display of social media buttons in our website pages or from the use of embedded components from those services (except for Youtube, see hereafter).

Each social media channel has their own policy on the way they process your personal data when you access their sites.

  • YouTube
    Some videos available on the EUROCONTROL website are embedded from EUROCONTROL corporate Youtube channel. YouTube’s privacy-enhanced mode is enabled: This means that YouTube will not set cookies for a user who views a web page that contains a privacy-enhanced YouTube embed video player, but does not click on the video to begin playback. Moreover, the application of the privacy-enhanced mode implies that YouTube will not store personally identifiable cookie information for playbacks of embedded videos. More info available on YouTube’s embedding videos information page.
  • Twitter
    Clicking on the Twitter icon on our website will re-direct you to the Twitter site, which has its own cookie and privacy policies over which we have no control.
  • LinkedIn
    By clicking on the LinkedIn button on our website, you will be re-directed to the LinkedIn site, which has its own cookie and privacy policies over which we have no control.
  • Facebook
    By clicking on the Facebook button on our website, you will be re-directed to the Facebook site, which has its own cookie and privacy policies over which we have no control.

How to control cookies from your browser

Most browsers automatically accept cookies. You can prevent cookies from being stored on your computer or device by changing your browser settings instructions for most frequently used browsers are given below:

Firefox - Microsoft Edge - Internet Explorer - Chrome - Safari (IOS) - Android (Chrome)

Do not track preferences

Do not track is a function that allows visitors to opt out from being tracked by websites for any purpose including the use of analytics services, advertising networks and social platforms. Do not track options are available in a number of browsers including:

Firefox - Microsoft Edge - Internet Explorer - Chrome - Safari - Opera

Subscription data

The data gathered via the web-based subscription or event registration forms are stored within a database of stakeholder contact information. It might also contain information obtained from you at meetings at EUROCONTROL, on visits to your organisation, or at other events in which EUROCONTROL is involved.

This database enables the creation of mailing campaigns with a possibility to track if the mail has arrived and been opened by the recipient. This tracking data is kept and used solely for statistical purposes to establish the usefulness of a mailing. It is used in an aggregated and anonymised manner. The aim is to identify the information which is most relevant to users.

Who is your data disclosed to? Who has access to your data?

We either collect the data directly from you when you subscribe to one of our meetings, events or service or we create a record of you because you are part of a delegation from your State or Organisation which participates in our meetings. We also collect data from you when you ask for access to one of our services. Your name may also appear in reports of meetings where you have met our staff members.

The collected personal data is treated with confidentiality by the relevant staff of EUROCONTROL. In particular:

  • Meeting secretariats and stakeholder relations assistants who keep distribution lists up-to-date will have access to full personal data
  • All EUROCONTROL staff that need to contact you for professional reasons, to invite you to events or to inform you about relevant news and will have access to the corporate profile only.

Your rights

What are your rights under the EUROCONTROL Data Protection Regulation?

You have the right to access, rectify, complete and update your data and you may also ask an immediate update or deletion of your personal information by contacting srm admin support . You have the right to object to the use of your personal data in some circumstances. You have the right to request additional information about the handling of your personal data by contacting srm admin support.

How can you withdraw consent you have given to EUROCONTROL?

You may withdraw your consent at any moment by contacting srm admin support by mail or by unsubscribing directly via the marketing material. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) you originally agreed to.

What do we do to avoid misuse or unauthorised access to personal data concerning you?

EUROCONTROL is committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, EUROCONTROL has put in place suitable physical, electronic and managerial procedures to safeguard and secure the information collected online. Staff handling your data are bound by confidentiality obligations.

What safeguards do we apply when we transfer your data to third parties?

EUROCONTROL has implemented contractual safeguards that ensure your data is managed in accordance with EUROCONTROL Data Protection rules

We will not, under any circumstances, share with or sell your personal information to any third party for marketing purposes, and you will not receive offers from other companies or organisations as a result of giving your details to us.

2/ How do we manage access control at EUROCONTROL headquarters? Why do we collect, store and process your data?

As an international organisation hosting numerous meetings for our stakeholders and employers, EUROCONTROL has the responsibility of providing security for persons, assets and information on EUROCONTROL premises at all times, by implementing appropriate levels of protection. One of the physical and technical protective measures to fulfil this objective is to operate an access control system (hereinafter referred to as "the System") applicable to any person requiring access to EUROCONTROL Headquarters (HQ). The purpose of the System is to ensure that access to the HQ site and internal areas is granted on a "need-to-have" basis and only to authorised personnel and visitors (Office Notice No 01/22). The System collects, processes and stores personal data which is linked to personal QR codes or personal RFID badges used for granting or denying access.

What data do we collect, store and process about you?

Persons with permanent access to HQ

We collect, process and store a photograph of your face, your EUROCONTROL personal identification number, first name, last name, start and end date of employment, the directorate/unit/service where you work, and your clockings-in and clockings-out at HQ badge readers. We collect and process your fingerprint minutiae (the four fingers of each hand) in order to generate a hash code, which is stored on your badge only. The fingerprint details are not stored in our systems.

Visitors

We collect, process and store your first name, last name, date of birth, nationality, email address, job and organisation and clockings-in and clockings-out at HQ badge readers.

To whom is your data disclosed? Who has access to your data?

Access to your personal data is provided to EUROCONTROL security staff (HRS/CSS) and authorised contracted security guards in accordance with the “need-to-know” principle. Such staff abide by statutory agreements.

How long is your data kept?

EUROCONTROL keeps your personal data only for as long as is necessary for the purpose of collection or further processing, plus a reasonable retention period thereafter, provided that no contentious issues have occurred. In such cases, data might be kept until the end of the last possible legal proceedings.

The data will therefore be retained for a maximum period of the duration of employment with EUROCONTROL or of the need to access EUROCONTROL premises. Data recorded in the System will be removed at the end of this period, upon the surrendering of the badge. Surrendered and expired personal badges will be cancelled and destroyed. Only badges not containing personal data (i.e. those for visitors) may be reused.

Data collected for the release of daily badges will be retained for a maximum period of 5 years, for the purpose of protecting specific EUROCONTROL interests (e.g. in the case of events leading to contentious issues).

Data may be kept for longer periods than mentioned above only for the purpose of protecting EUROCONTROL interests. Once it is no longer necessary to retain the personal data to protect EUROCONTROL interests or the last legal proceedings have been completed, the personal data will be deleted.

What are your rights under the EUROCONTROL Data Protection Regulation?

You have the right to access, rectify, complete and update your data option by contacting [email protected]. Access, rectification, completion or updating of your data may be subject to the presentation of an ID document (ID card issued by a EUROCONTROL Member State or passport). You have the right to request additional information about the handling of your personal data by contacting [email protected].

What do we do to avoid misuse of or unauthorised access to data concerning you?

Except for biometric data, which is not stored, other personal data are encrypted on RFID badges and stored in servers hosted in secure premises, protected by physical and logical security measures.

Only the system administrator specifically appointed by the controller for this purpose is able to grant, alter or annul the access rights of any persons. Records of persons having access to the system are kept at all times.

As for the biometric data, an algorithm converts the minutia points into a binary code. An application then encrypts the binary code on your badge. Neither the biometric reader, nor the access control database, nor the enrolment device nor the badge keeps records of biometric data.

What safeguards do we apply when we transfer your data to third parties?

In the framework of a criminal or security investigation, upon duly justified request, EUROCONTROL may transfer data to law enforcement agencies from the host nation or other EUROCONTROL Member States. The transfer of data would occur only with the EUROCONTROL Director General's approval. Transferred data would be either encrypted (electronic transmission) or protected (paper transmission).

Who can you contact if you have questions or want to make a complaint?

For any queries related to your personal data, please contact [email protected], which is the entity responsible for the processing of the personal data concerning you.

Complaints can be addressed to EUROCONTROL's Data Protection Officer.

3/ Data Protection Officer

What are the contact points for questions and complaints?

For any queries related to your personal data, please contact: srm admin support.  Complaints can be addressed to EUROCONTROL’s Data Protection Officer.

These are the data controllers responsible for their respective specific periodical newsletter and publications as mentioned below. If you cannot find your data processor, contact srm admin support:

Publication Controller Contacts
Aviation Intelligence Unit (AIU) Newsletter Enrico Spinielli Contact
Aviation Trends Kyla Evans Contact
European Aviation Overview Kyla Evans Contact
Raising the aviation bar (Podcasts) Kyla Evans Contact
Data Snapshot Kyla Evans Contact
Think Papers Kyla Evans Contact
Aviation Sustainability Briefing Marylin Bastin Contact
ETS Updates Marylin Bastin Contact
European Regulatory Updates Jean-Francois Piriou Contact
Innovation Hub Updates Laurent Renou Contact
LSSIP newsletter Marya Koleva Contact
SESAR PJ19 / PJ20 Wim Post Contact
Special flash info Wim Post Contact
EATMA newsletter Wim Post Contact
ERNIP Monitoring report Razvan Bucuroiu Contact
Skyway magazine Kyla Evans Contact
Hindsight magazine Antonio Licu Contact
ACAS bulletin Antonio Licu Contact
All-causes delay report Charles Walker Contact
Network operations reports Gerard Boydell Contact
ALC Newsletter and Weekly Updates Rik Dermont Contact
NM ATFM Daily briefing Christopher Peregrine Contact
Digitalisation and information newsletter Dennis Hart Contact