Skip to main content

Specific privacy statement

1. Introduction

This privacy statement explains the reason for the processing, the way we collect, handle and ensure protection of all personal data provided, how that information is used and what rights you may exercise in relation to your data (the right to access, rectify, block etc.).

The European institutions are committed to protecting and respecting your privacy. As this service/application collects and further processes personal data, Regulation (EC) N°45/2001 1 , of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, is applicable.

This privacy statement concerns a consultation undertaken by DG Internal Market, Industry, Entrepreneurship and SMEs (DG GROW), hereinafter referred as the operating DG.

2. Why do we process your data?

Purpose of the processing operation: DG Internal Market, Industry, Entrepreneurship and SMEs, Unit H1, COSME Programme, SME Envoys and Relations with EASME (referred to hereafter as Data Controller) collects contributions on a specific topic and, eventually, publishes them through different means (the Internet, Commission's publications, meetings etc.).

Personal data collected in this context may become part of a database with the purpose of facilitating the interaction between the EC and its stakeholders in their areas of interest. A specific notification should cover this processing.

If data subjects do not wish to be included in this database, they can address themselves to the operating DG.

Lawfulness of the processing operation:

The processing operations of personal data in the context of consultations are necessary and lawful under article 5 (a) of Regulation (EC) 45/2001.

Stakeholders and the public at large send their contributions to public consultations on a voluntary basis (Art. 5(d) Regulation 45/2001).

3. Which data do we collect and process?

Only data necessary for the participation to the Consultation can be collected and processed, namely: title, first name, family name, organisation, department/service, organisation's geographic area of activity, street and number, country, postal code, city, phone, fax, e-mail address, data subject's categories they represent, language, age group and contribution.

Personal data can be published following the Consultation but an opt-out option is provided for in the Privacy Statement.

The data are given by data subjects on a voluntary basis. No data fields fall under article 10.

4. How long do we keep your data?

Unit H1 only keeps the data for as long as follow-up actions to the Consultation are necessary with regard to the purpose(s) of the processing of personal data.

All personal data will be deleted from databases 1 year after the last action in relation to the Consultation.

Reports containing personal data will be archived according to the Commission's legal framework

5. How do we protect your data?

All data in electronic format (e-mails, documents, uploaded batches of data etc.) are stored on the servers of the European Commission the operations of which abide by the European Commission’s security decision of 16 August 2006 [C(2006) 3602] concerning the security of information systems used by the European Commission;

6. Who has access to your data and to whom is it disclosed?

The operating DG and the external processor, if any.

Some of the personal data could be published on the Internet or transmitted to other EU Institutions or bodies.

7. What are your rights and how can you exercise them?

According to Regulation (EC) n°45/2001, you are entitled to access your personal data and rectify, block or delete it in case the data is inaccurate or incomplete. You can exercise your rights by contacting the data controller, or in case of conflict the Data Protection Officer and if necessary the European Data Protection Supervisor using the contact information given at point 8 below.

8. Contact information

If you have comments or questions, any concerns or a complaint regarding the collection and use of your personal data, please feel free to contact the Data Controller using the following contact information:

The Data Controller:

  • DG Internal Market, Industry, Entrepreneurship and SMEs, Unit H1, COSME Programme, SME Envoys and Relations with EASME
  • Phone +32 2 292 56601
  • Fax +32 2 292 1364
  • e-mail:

The Data Protection Officer (DPO) of the Commission:

The European Data Protection Supervisor (EDPS):

9. Where to find more detailed information?

The Commission Data Protection Officer publishes the register of all operations processing personal data. You can access the register on the following link:

This specific processing has been notified to the DPO with the following reference: DPO-3124

Regulation (EC) N° 45/2001 (OJ L8 of 12/01/2001).