Data protection

Data Protection is the safeguarding of the privacy rights of natural persons in relation to the processing of personal data. The Regulation (EU) 2018/1725 on Data Protection confers rights on individuals as well as placing responsibilities on those persons processing personal data.

Personal data, data subject

Any information relating to an identified or identifiable natural person. An identifiable natural person, called the data subject, is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (Article 3 (1) Reg. 2018/1725).

Processing of personal data

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Processing personal data of ETF's stakeholders and other people involved or interested in the activities of the ETF occurs for example in events organisation procedures, recruitment procedures …

Data processing operations concerning staff include, for example, procedures relating to staff appraisal and promotion, handling of personal and medical files.

Central register

ETF keeps its records of processing activities in a publicly accessible central register.

Data Controller

The processing of personal data by the ETF is under the responsibility of the data controller who is the ETF’s Director. The data controller is responsible for ensuring, in particular, that technical and organisational measures are undertaken so as to protect the personal data with an appropriate level of security. The data controller remains legally responsible if someone who works for him or her breaches the data protection rules.

Data Protection Officer

The ETF Data Protection Officer (the DPO) is the person who shall ensure that the rights and freedoms of the data subjects are respected by ETF, and advises the data controller on fulfilling the obligations.

The DPO also provides advice and makes recommendations on rights and obligations of ETF and its services related to data processing processes and operations.

In critical situations, he or she may investigate matters and incidents either upon a request of a data subject or on his own initiative.

The DPO keeps a register of all personal data processing operations carried out in the institution, and ensures the timely notification of sensible personal data processing operations to the European Data Protection Supervisor (EDPS).

The ETF's DPO can be contacted at, or directly:

    Tiziana Ciccarone (ETF Data protection Officer)
    Laurens Rijken (Deputy Data Protection Officer)

The European Data Protection Supervisor (EDPS)

The European Data Protection Supervisor is the independent supervisory authority responsible for monitoring and ensuring the application of data protection rules by European Community institutions and bodies, including the Agencies

More information

Register of personal data processing operations
Privacy statement 02 Virtual Communities
Privacy statement 03 Events
Privacy statement 04 Public Access to Documents
Privacy statement 05 Photos and Videos
Privacy statement 06 Publications
Privacy statement 07 Website
Privacy statement 10 Stakeholders Relationship Management (SRM)
Privacy statement 12 Procurement procedures and contract management
Privacy statement 18 Management of temporary workers
Privacy Statement 23 Visitors registration
Privacy Statement 24 Videosurveillance
Privacy statement 30 Info requests
Privacy statement 31 Selection of statutory staff, trainees, SNEs
Privacy statement 37 Declaration of commitments and interest
Privacy statement 39 Travel management
Privacy statement 02 Open Space