The European Privacy Association and Transparency
The European Privacy Association aims to operate with the utmost transparency concerning our budget and the sources of our funding. Our mission is to promote forward-thinking, effective, and sustainable protection of personal data, powered by our independent research and analysis and that is what we are going to do.
The European Privacy Association is undertaking substantial changes
EPA is now listed under 97050032046-57 “Think tanks and research institutions” and this is the way we want to go forward. We want to focus on providing the public debate and institutions with independent scientific research and analysis, expanding the formerly singular focus on privacy and data protection regulation to also include the vast field of data science that grows as we speak. This will be accomplished by way of the extraordinary community of experts that we have gathered to participate in our Scientific Committee. The new EPA Scientific Committee consists of leaders in the privacy, data protection, data security and data science world who have proved their professionalism and knowledge in the field. A complete list of the Members of the Scientific Committee will soon be published on our website.
To reinforce our commitment towards independent scientific research, we have appointed a new Board of Directors. Dr. Paolo Balboni, our former Scientific Director has become the Chairman; Mr. Florian Damas, Managing Director; a new Scientific Director will soon be appointed; Ms. Kate Francis, Secretary General; and Ms. Geny Li, Treasurer. The new Board of Directors will provide the greatest level of transparency possible concerning our budget and supporters and will support the development of EPA into a genuine think-tank that promotes non-biased scientific work on themes related to data science and data privacy.
Our purpose is to promote sustainable privacy and data protection by way of our independent research and we aim do this by way of both private and public funding. Private and public entities will be invited to fund our non-biased research in order to promote innovation and protect fundamental rights.
In order to ensure conformity with the non-binding guidelines of the Transparency Register, we have taken it upon ourselves to reach out to the contact person of the Register concerning our position.
We welcome any inquiries concerning our activities, budget, or Board of Directors which can be made by writing to info [@] europeanprivacy.eu.
Brussels, 22 December 2015
I recently accepted the role of Chairman of the European Privacy Association. I was the Scientific Director of EPA and I strongly believe in the quality and merit of our independent, well-balanced research that was produced under my supervision. In my actual position it is my duty to make sure that EPA complies with the guidelines of the Transparency Register.
EPA last corresponded with you in 2013. We are now undertaking substantial changes. We want to focus on providing the public debate and institutions with independent scientific research and analysis, expanding the formerly singular focus on privacy and data protection regulation to also include the vast field of data science that grows as we speak. This will be accomplished by way of the extraordinary community of experts that we have gathered to participate in our Scientific Committee. The new EPA Scientific Committee consists of leaders in the privacy, data protection, data security and data science world who have proved their professionalism and knowledge in the field. A complete list of the Members of the Scientific Committee will soon be published on our website.
We are a think tank in the true sense of the word, a body of experts that provides ideas and shares research outputs on specific topics, in this case privacy, data protection, data security and data science. Our organization is comprised of five Board Members, a Scientific Committee consisting of leading experts in the field, and a number of Fellows who are also experts in the field. We have produced high-level scientific research that has been published in leading peer-reviewed international law journals as well as informative papers for internal use. We will soon begin other activities that promote the exploration of the themes that we study, activities that are purely of an investigative and research-based nature.
We no longer have companies as “Members” and we do not in any way aim to represent the interests of any company, individual, or institution. However, as any non-profit Association, body, or institute has the necessity of a budget to carry out their activities, we are seeking funds from private and public bodies to enable EPA to run daily operations and carry out our research activities.
We are and we believe that EPA should be listed under “Think tanks and research institutions”. The subsection of “Think tanks and research institutions” outlined in Annex 1 of the Transparency register is defined as, “Specialised think tanks and research institutions dealing with the activities and policies of the European Union.”
In the past we were listed under the “In-house lobbyists and trade/professional associations” category. The “In-house lobbyists and trade/business/professional associations” definition in Annex 1 reads, “Organisations (either profit or non-profit making themselves) representing profit-making companies or mixed groups and platforms”. This definition does not describe our organization in any way because we do not represent any company, mixed group, or platform.
EPA’s mission is to promote non-biased forward-thinking, effective, and sustainable protection of personal data, powered by our independent research and analysis. We therefore strongly believe that we belong to the “Think tanks and research institutions” category as it most accurately represents our DNA and modus operandi.
I look forward to receiving your feedback on the right category choice for our association and any comments you may have for us to be as transparent as possible.
This policy statement describes how the personal data of the user is processed, managed and transmitted by the data controller (the “Data Controller”). This statement is made pursuant to the EC Regulation 45/2001, to those who interact with the web services of the European Privacy Association (EPA here after), which can be accessed electronically through the web address www.europeanprivacy.eu, which is the website of EPA.
This statement applies exclusively to EPA website in question and not to other websites which users may access through the links contained in this website.
THE “DATA CONTROLLER”
Following a visit to or voluntary registration with this website, data, including sensitive data or data which could reveal the health of identified or identifiable persons, may be processed. The Data Controller of the data processing is EPA with offices at Square de Meeus, 37, Brussels, 1000 (Belgium). Persons and entities responsible for processing and places of data processing Processing in relation to the services of this website takes place at the offices of the Data Controller as indicated above and on the server located at the ARUBA server farm at Via Sergio Ramelli 8 – 52100 Arezzo (AR) Italy. Data will be processed by EPA personnel at its legal, administration and system administration departments, according to objectives to be established on the bases of requests from persons concerned. A list of other entities responsible for data processing is available from the Data Controller and may be requested by email from: firstname.lastname@example.org
METHOD OF PROCESSING
Personal data is processedby automatic and electronic means for the time necessary to achieve the purposes for which it has been collected. Specific security measures have been implemented in order to prevent data loss, unlawful or improper uses and unauthorised access. These measures include secure https protocol for some confidential parts of the website and its applications, as well as protection against unauthorised access to the servers and other processors. Personal data provided by users who register or request information (reports, newsletters, responses to inquiries, etc.) is used solely for the purpose of performing the service or responding to enquiries and is forwarded to third parties who are not appointed by the Data Controller as persons or entities responsible for processing (subject to the consent of the person concerned) only in cases where necessary for such purposes.
TYPES OF DATA PROCESSED
Surfing data During normal operation, the computer systems and software procedures used by this website acquire some personal data and the transmission is implicit in the use of internet communication protocols. This is information which is not collected in order to be associated with a particular person, but by its nature could, through processing and combination with data held by third parties, enable users to be identified. This category includes: IP addresses and domain names of computers utilised by users to connect to the website, addresses of requested resources in URI (Uniform Resource Identifier) notation, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the state of the response given by the server (successful conclusion, error, etc.) and other parameters relating to the user’s operating system and informatics environment. This data is used solely to obtain anonymous statistical information on the use of the website and to verify that it is functioning correctly (see also the paragraph on Cookies below). The data could be used by the competent authorities to ascertain responsibility in hypothetical cases of computer- related crime resulting in damage to the site. Personal data provided voluntarily by the client may also be processed.
The use of so-called ‘session cookies’ (which are not persistently stored on the user’s computer and vanish when the browser is closed) is strictly limited to the transmission of the session identifiers (consisting of random numbers generated by the server) which are necessary to enable secure and efficient exploration of the site and its applications. The so-called ‘session cookies’ used in this website obviate any recourse to other IT techniques potentially prejudicial to the confidentiality of users’ browsing and do not allow the acquisition of the personal identification details of users.
This website uses some systems that analyse user browsing histroy to create visit statistics or to improve the content and may be used fortargeted advertising into the websites. The system used is Google Analytics, a web analysis service provided by Google Inc. (“Google”). Like any other systems, Google Analytics uses “cookies” which are text files that are stored in your computer to enable the website to analyse how users use the site. Information generated by the cookie on your use of the website (including your IP address) will be transmitted to and stored by Google servers in the United States. Google will use this information to trace and examine your use of the website, to compile reports on the activities of the website for the website operators and to provide other services related to the activities of the website and Internet use. Google may also transfer this information to third parties where required to do so by law or where such third parties process the information on behalf of Google. Google will not associate your IP address with any other data possessed by Google. You may refuse to use the cookies by selecting the appropriate settings on your web browser, but doing so could prevent you from using all the functions of this website. By using this website, you give your consent to the processing of your data by Google for by the methods and for the purposes indicated above. No other use is made of cookies for the transmission of information of a personal nature, nor will other persistent cookies or other user tracing systems be used. Please be advised that you can set your browser software (e.g. Firefox, Internet Explorer, Safari, Chrome) so that it will not accept cookies, thereby activating so-called ‘anonymous navigation’. This way no information will be processed through these systems. Option for providing data other than navigation data Apart from what has been specified in respect of navigation data, users are free to provide the personal data indicated in application/registration forms (some by a separate, specific request for informed consent for any processing is required) or in any case provided to EPA when making request for informationalmaterial or other communications (such as management of personal contact requests for quotes or information on the services offered by EPA). The optional voluntary sending of email to the addresses indicated on this site, or through registration or communication forms, entails the subsequent acquisition of the sender’s address, necessary for responses to requests, and of any other personal data contained in the messages. Specific summary information and requests for consent will be progressively posted or displayed on the pages of the site dedicated to particular services (e.g. subscription to newsletters, registration, requests for services). Failure to provide consent could in some cases render the request unobtainable.
RIGHTS OF DATA SUBJECTS
Those to whom the personal data refers to (the “Data Subjects”) have the right at any time to obtain confirmation of the existence or otherwise of such data, to be informed of its content and origin, to verify its accuracy or request that it be supplemented, updated or corrected (EC Regulation 45/2001). The said Article also provides that those concerned have the right to request that data processed in violation of law be deleted, transformed into anonymous form or frozen and in all cases to object to its processing on legitimate grounds. All requests should be sent to the postal address of the Data Controller or by email to: email@example.com