Information about processing of personal data in ESPON
As the ESPON EGTC's services collects and further processes personal data, it is subject to Regulation (EC) 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data.
Processing operations are under the responsibility of the ESPON EGTC regarding the collection and processing of personal data.
2. What personal information do we collect, for what purpose, under which legal bases and through which technical means?
Types of personal data
Personal data collected and further processed can relate to the following data:
• Contact details (e-mail address, business telephone number, mobile telephone number, fax number, postal address, company and department, country of residence, internet address);
• Certificates for social security contributions and taxes paid, extract from judicial records;
• Bank account reference (IBAN and BIC codes), VAT number, passport number, ID number;
• Information for the evaluation of selection criteria or eligibility criteria: expertise, technical skills and languages, educational background, professional experience including details on current and past employment;
• Declaration on honour that they are not in one of the exclusion situation referred to in the Financial Regulation (see Legal bases section below).
Upon reception of your tender or request, your personal data is collected and further processed for the purpose of the management and administration of procurement procedures as well as other procedures by ESPON EGTC’s services.
The legal bases for the processing operations on personal data are:
• Regulation (EU, Euratom) no 966/2012 of the European Parliament and of the Council of 25 October 2012 on the financial rules applicable to the general budget of the Union ("Financial Regulation").
• Commission Delegated Regulation (EU) No 1268/2012 of 29 October 2012 on the rules of application of Regulation (EU, Euratom) No 966/2012 of the European Parliament and of the Council on the financial rules applicable to the general budget of the Union.
Your personal data is provided by yourself or by a third part duly authorized by you before submission of the tender.
The information is collected in files stored in an isolated secure system. The information is processed by the ESPON EGTC staff and might only be transferred to other institutions in order to accomplish the public procurement procedure or for the purposes of audits, under the responsibility of the ESPON EGTC mentioned in the invitation to tender.
3. Who has access to your personal data and to whom is it disclosed?
For the purpose detailed above, access to your personal data is given to the following persons, without prejudice to a possible transmission to the bodies in charge of a monitoring or inspection or control task in accordance with European Union law:
• ESPON EGTC staff as well as outside experts and contractors who work on behalf of the ESPON EGTC for the purposes of management of the procurement procedure and tender evaluation, and the bodies charged with a monitoring or inspection or control task in application of Union law (e.g. internal audits, Financial Irregularities Panel, European Anti-fraud Office - OLAF).
• Members of the public; In case you are awarded a contract by the ESPON EGTC, some personal data will be made public, in accordance with the ESPON EGTC’s obligation to publish information on the outcome of the procurement procedure deriving from the budget of the European Union. The information will concern in particular your name and address, the amount awarded and the name of the project or programme for which you are awarded a contract. It will be published in supplement S of the Official Journal of the European Union and/or on the website of the ESPON EGTC.
• The ESPON Managing and Certifying Authorities for the purpose of verifications and audits.
• Financial Controllers or auditors, as relevant, who work on behalf of the ESPON EGTC or on behal of the ESPON Managing Authority for the purpose of audits.
4. How do we protect and safeguard your information?
The collected personal data and all related information are physically stored in the ESPON EGTC premises and/or on the computer servers of the ESPON EGTC.
5. How can you verify, modify or delete your information?
In case you wish to verify which personal data is stored, have it modified, corrected, or deleted, please make use of the contact information mentioned below, by explicitly describing your request.
Special attention is drawn to potential consequences of a request for deletion, as this may lead to an alteration of the terms of the tender and lead to exclusion.
6. How long do we keep your personal data?
Your personal data are kept:
• Files relating to tender procedures and other procedures including personal data are to be retained in the service in charge of the procedure until it is finalised, and in the archives for a period of 10 years following the signature of the contract. Tenders from unsuccessful tenderers have to be kept only for 5 years following the signature of the contract signed by the successful tenderer.
• Until the end of a possible audit if one started before the end of the above period.
• After the period mentioned above has elapsed, the tender files containing personal data are sampled to be sent to the historical archives for further conservation. The non-sampled files are destroyed.
7. Contact information
For any further question concerning the processing of your personal data, feel free to contact the ESPON EGTC, by using the contact email firstname.lastname@example.org, and by explicitly specifying your request.