ENISA Trust Services Forum and the CA-Day are two consecutive events organised by the European Union Agency for Network (ENISA) and D-TRUST a company of the Bundesdruckerei group respectively.
The joint data controllers for the processing of your personal data in the context of this event are both ENISA (Core Operations Department) and D-TRUST.
ENISA and D-TRUST are both responsible for the overall organisation of the events as well as the communication with the participants before and after the end of the event. ENISA will maintain and manage the web page for the online registration of the participants for both events.
ENISA processes personal data in accordance with the Regulation (EU) 2018/1725 [1] on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data.
D-TRUST processes personal data in accordance with the new Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG (new)), and the EU Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data[2]. The legal basis for the processing of data are Articles 6(a) and 6(b) of EU Regulation 2016/679.
The purpose of the processing of personal data is to register interested persons to both events, provide access to the conference venue, maintain the participants’ list, as well as allow the follow up of the event, including feedback collection and specific communication activities.
The following personal data are collected: first name, last name, title (optional), organisation, e-mail address.
The recipients of your data will be ENISA and D-TRUST staff involved in the organisation of both events . Access to the data can be also granted to national and EU bodies charged with monitoring or inspection tasks in application of national or EU law (e.g. internal audits, European Anti-fraud Office – OLAF).
The final participants’ list (first name, last name, and organisation) will be kept for a maximum period of five years after the end of the event for auditing purposes. Email addresses and all optional contact data will be kept for a maximum period of six months after the end of the event (unless otherwise indicated, e.g. if the event participant has indicated upon registration that he/she wishes to be further informed by ENISA and/or D-TRUST about future events and activities).
You have the right to access your personal data and the right to correct any inaccurate or incomplete personal data. If you have any queries concerning the processing of your personal data, you may address them to ENISA at isdp [at] enisa . europa . eu . You many also contact the ENISA DPO at dataprotection [at] enisa . europa . eu .
You shall have right of recourse at any time to the competent supervisory authorities: European Data Protection Supervisor (https://edps.europa.eu) and Berlin Data Protection and Freedom of Information Commissioner (https://www.datenschutz-berlin.de).
[1] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32018R1725
[2] https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN