FOR PREVIEWING & TESTING PURPOSES ONLY.
This notification will disappear once the page will be published.
This link is available for less than 30 minutes.
  • Лесно за четене
  • Размер на шрифта
Европейски омбудсман
Европейски омбудсман

Искате да подадете жалба срещу институция или орган на ЕС?

Подаване на жалба
Подаване на жалба
Език на преглед в момента: 
  • English
Налични езици: 
Преводът на страницата ще бъде на разположение след няколко минути. Ще бъдете уведомени веднага щом той бъде готов.

Public record of processing activity: Selection of officials and other agents within the European Ombudsman’s Office

Запис на длъжностно лице по защита на данните - Дата Понеделник | 25 май 2020

European Ombudsman

Public record of processing activity:

Selection of officials and other agents within the European Ombudsman’s Office

1. Last update of this record: 06/01/26

2. Reference number: 2/2020

Ares reg.number: Ares(2026)215781

3. Name and contact details of the controller:

European Ombudsman, 1 avenue du Président Robert Schuman, CS 30403, F-67001 Strasbourg Cedex -

Contact: Directorate for Administration- HR services

EO Career

4. Name and contact details of the Data Protection Officer:

Ms Francesca Pavesi, DPO

Mr Nicholas Hernanz, Deputy DPO

Functional e-mail address: EO DPO

5. Name and contact details of the processor:

N/A

6. Name and contact details of the joint controller(s):

N/A

7. Purpose(s) of the processing:

To identify candidates for filling vacancies in the EO Office and to carry out the relevant selection procedure.

8. Description of the categories of data subjects and of the categories of personal data:

Candidates provide their data through the online (website) application tool. For carrying out the selection procedure, the data is imported to an IT tool designed to support and facilitate the procedure.

 

- Categories of data subjects:

Candidates applying to vacancy notices/calls for expression of interest for permanent or temporary or contract posts in the EO Office

- Categories of personal data:

1) Data provided by the candidates on the website:

  • basic personal information (first name, last name, nationality, telephone number);
  • information contained in the CV (education, work experience, language proficiency etc.);
  • if required , copies of a document proving the applicant’s citizenship;
  • if necessary, a statement declaring any disability to ensure that the necessary accessibility measures can be put in place;
  • for candidates who are EU staff members, the administrative status (i.e., established official, temporary agent, etc.), the institution where they work, the title of their current post, and their current grade;
  • information contained within any motivation letter;
  • copies of the candidates’ diplomas;
  • copies of the candidates’ staff reports, if required;
  • copies of evidence of professional experience, if required;
  • replies of the candidates to the case studies, if applicable.

2) Data processed by the staff members of the Directorate for Administration- HR services responsible for the selection procedures. These data are stored in a shared folder in the EO server such as:

  • the decisions appointing the Advisory Selection Committees,
  • the eligibility notes signed by the Advisory Selection Committee and approved by the Ombudsman;
  • the candidates’ evaluation grids;
  • the pre-selection notes submitted to the European Ombudsman.

The staff members of the Directorate for Administration- HR services also process the requests for review/for information submitted by the candidates by email and the relevant replies, and store them in the functional mailbox “Career”.

9. Time limit for keeping the data and, where possible, for erasure:

Candidates’ data submitted to the website are kept in their online personal account for two years, in case candidates wish to apply to future vacancies. If candidates do not connect to their account within two years, the account and the data contained in it are automatically deleted after a notification email is sent to them. 

Data of unsuccessful candidates is deleted from the selection tool, from the electronic folder in the EO server and from the functional mailbox “Career” two years after the end of the selection procedure.

Data of recruited candidates is kept for a period of 10 years as of the termination of employment, or the last pension payment, after which time it is destroyed.

Part of the data (nationality, gender, country of residence, application dates, registration number of the application, reference number of the selection procedure, year of birth and languages spoken) isanonymised and kept for statistical purposes only.

10. Recipients of the data:

The European Ombudsman, the Secretary General (SG), the staff members of the Information and Technology Sector responsible for administering the data submitted online, the Directorate for Administration- HR services staff members responsible for selection procedures, and the members of the Advisory Selection Committee.

Upon request made to the HR services, the SG’s team (if applicable) may consult the CV, the motivation letters and the replies to the case studies of the successful candidates.

11. Are there any transfers of personal data to third countries and/or to International Organisations?:

N/A

12. General description of security measures

Data is collected online in secure mode. Access to the data on the website is protected by the password of the applicant’s choice. The electronic data is stored on the website and on the Ombudsman’s servers (selection tool and shared folder). Data is protected by numerous security measures set up by the ICT staff members to protect the integrity and confidentiality of the institution's electronic property.

Access to personal data is protected through the management of access rights, which are strictly limited, under the ‘need to know’ principle, by the user’s remit.

Candidates may choose to use the Multi-Factor Authentication (MFA) available on the EO website. When they enable MFA, the system generates a long-term cryptographic key (a TOTP seed – Time-Based One-Time Password seed). This key is stored by the EO, encoded in a QR code, and scanned by the candidates into their authenticator application, where it is also stored. The secret key is then used locally by the application on the candidates’ phone to generate a 6-digit TOTP verification code, which changes every 30 seconds. The authenticator application operates independently on the candidates’ device, and no data are transmitted back to the EO by the application

13. Information on how data subjects can exercise their rights of access and rectification, and where applicable, of erasure, restriction and data portability

Data subjects have the right of access to their own personal data and to relevant information concerning how the EO uses it. They have also a right to request rectification of any incomplete or inaccurate data concerning them, if the confidentiality of the deliberations and decision-making of the selection advisory committee is safeguarded, along with the rights of other candidates.

Candidates can rectify identification data at any time during the procedure.

Concerning data related to admissibility or assessment, the right of rectification can be exercised up until the closing date for the submission of applications.

Data subjects have a right to object to the use of their data by the European Ombudsman on grounds relating to their particular situation, at any time. Under certain conditions, they have the right to ask that the EO delete their personal data or restrict its use.

At any time, data subjects may ask the EO information concerning the processing of their personal data by (EO Career). If requested, the EO will provide them with a copy of their data undergoing processing, also by e-mail. Requests from data subjects shall be dealt within one month.

Data subjects may also contact the EO’s Data Protection Officer at : EO DPO

If they wish to complain about the Ombudsman’s handling of their personal data, they may contact the European Data Protection Supervisor (www.edps.europa.eu) at the following address: EDPS@edps.europa.eu

Privacy Statement relating to the selection of officials and other agents within the European Ombudsman’s Office

This privacy statement explains the reason for collecting and processing the applicants’ data; the way the European Ombudsman (EO) collects, handles and ensures protection of the data provided; how this information is used; and what rights the candidates may exercise in relation to their data.

The controller is the European Ombudsman.

1. What personal data will the European Ombudsman process?

Applicants provide their data through the online (website) application tool.

For carrying out the selection procedure, the data is imported to an IT tool designed to support and facilitate the procedure.

This data generally include, but are not limited to:

  • basic personal information (first name, last name, nationality, telephone number);
  • information contained in the CV (education, work experience, language proficiency etc.);
  • if required , copies of a document proving the applicant’s citizenship;
  • if necessary, a statement declaring any disability to ensure that the necessary accessibility measures can be put in place;
  • for candidates who are EU staff members, the administrative status (i.e., established official, temporary agent, etc.), the institution where they work, the title of their current post, and their current grade;
  • information contained within any motivation letter;
  • copies of the candidates’ diplomas;
  • copies of the candidates’ staff reports, if required;
  • copies of evidence of professional experience, if required;
  • replies of the candidates to the case studies, if applicable.

The staff members of the Directorate for Administration- HR services responsible for selection procedures also process data, stored in a shared folder in the EO server, such as: the decisions appointing the Advisory Selection Committees, the eligibility notes signed by the Advisory Selection Committee and approved by the Ombudsman; the candidates’ evaluation grids; the pre-selection notes submitted to the EO.

The requests for review/for information sent by the candidates by email and the relevant replies are stored in the functional mailbox “Career”.

2. Why does the European Ombudsman process these personal data?

The purpose of the data processing is to identify candidates for filling vacancies in the EO Office and to carry out the relevant selection procedure.

3. What is the legal basis and necessity for processing this data?

The legal basis of the procedure underpinning the selection of officials and other agents is the Staff Regulations (and particularly Article 27-34), the Conditions of Employment of Other Servants of the EU and the Decision of the European Ombudsman of 1st December 2014 adopting general implementing provisions relating to the engagement and the use of contract staff.

Processing is necessary for the performance of a task carried out in the public interest (Article 5(1)(a) of Regulation 2018/1725).

4. Who is responsible for processing the data?

The Information and Communication Technologies (ICT) staff members of the European Ombudsman manage the data submitted to the website. The Directorate for Administration- HR services and the ICT staff members manage the selection tool.

5. Who will be the recipients of the data?

The European Ombudsman, the Secretary General (SG), the staff members of the ICT responsible for administering the data submitted online, the staff members of the Directorate for Administration- HR services and the members of the Advisory Selection Committee. Upon request made to the HR services, the SG’s team (if appropriate) may consult the CV, the motivation letters and the replies to the case studies of the successful candidates.

6. How long will the data be kept?

Applicants’ data submitted to the website are kept in their online personal account for two years, in case applicants wish to apply to future vacancies. If applicants do not connect to their account within two years, the account and the data contained in it are automatically deleted after a notification email is sent to the applicant.

Data of unsuccessful applicants is deleted from the selection tool, from the shared folder in the EO server and from the functional mailbox “Career” two years after the end of the selection procedure.

Data of recruited candidates is kept for a period of 10 years as of the termination of employment, or as of the last pension payment after which time it is destroyed.

Part of the data (nationality, gender, country of residence, application dates, registration number of the application, reference number of the selection procedure, year of birth and languages spoken) is anonymised and kept for statistical purposes only.

7. How do we protect the data subject’s data?

Data is collected online in secure mode. Access to the data on the website is protected by the password of the applicant’s choice.

The electronic data is stored on the website and on the Ombudsman’s servers (selection tool and shared folder). Data is protected by numerous security measures set up by the ICT staff members to protect the integrity and confidentiality of the institution's electronic property.

Access to personal data is protected through the management of access rights, which are strictly limited, under the ‘need to know’ principle, by the user’s remit.

Candidates may choose to use the Multi-Factor Authentication (MFA) available on the EO website. When they enable MFA, the EO system generates a long-term cryptographic key (a TOTP seed – Time-Based One-Time Password seed). This key is stored by the EO, encoded in a QR code, and scanned by the candidates into their authenticator application, where it is also stored. The secret key is then used locally by the application on the candidates’ phone to generate a 6-digit TOTP verification code, which changes every 30 seconds. The authenticator application operates independently on the candidates’ device, and no data are transmitted back to the EO by the application.

8. What are your rights and how can you exercise them?

You have the right of access to your own personal data and to relevant information concerning how we use it.

You have also a right to request rectification of any incomplete or inaccurate data concerning you, provided that the confidentiality of the deliberations and decision-making of the selection advisory committee is safeguarded, along with the rights of other applicants. Applicants can rectify identification data at any time during the procedure. Concerning data related to admissibility or assessment criteria, the right of rectification can be exercised up until the closing date for the submission of applications.

You have a right to object to the use of your data by the European Ombudsman on grounds relating to your particular situation, at any time.

Under certain conditions, you have the right to ask that we delete your personal data or restrict its use.

The European Ombudsman will reply to your requests as soon as possible and within one month at the latest.

9. Who to contact in case of queries or complaints concerning data protection issues?

At any time, you may send data protection related questions concerning the selection procedure of officials and other agents within the Office to the European Ombudsman, at the following address: EO Career

Directorate for Administration- HR services

European Ombudsman

1 avenue du Président Robert Schuman

CS 30403

F-67001 Strasbourg Cedex

You also may contact the Data Protection Officer of the European Ombudsman at the following address: EO DPO

You may lodge a complaint with the European Data Protection Supervisor at any time at the following address: EDPS@edps.europa.eu

 

Изтеглете тази публикация в PDF формат (490.47 KB)