The European High Performance Computing Joint Undertaking (the “EuroHPC JU”), as a body of the European Union, is obliged to comply with the data protection laws specifically applicable to them.
The EuroHPC JU processes personal data collected in accordance with Regulation (EU) 2018/1725 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data.
The EuroHPC JU is established in: 12E rue Guillaume Kroll, L-1882, Luxembourg, Office Drosbach Building (DRB) - Wing E – 1st floor and can be contacted be sending an email to the following email address: email@example.com or by phone to the following number: +352 2812 4500.
The EuroHPC JU, as a controller, maintains a record of processing activities under its responsibility in a central register. In addition, for reasons of transparency (Article 31(5) of Regulation (EU) 2018/1725), the EuroHPC JU’s registry is publicly accessible:
Data Protection Officer
The EuroHPC JU has appointed a DPO. The task of the DPO is to ensure, in an independent manner, that the Union body complies with the data protection law and protects individuals’ rights and freedoms by protecting effectively their personal data. For any questions related to your rights as a data subject, please contact the EuroHPC Data Protection Officer at firstname.lastname@example.org.
Data Protection Principles
Personal data is any information relating to an identified or identifiable person. The complete statement of rights can be found in Article 3 (1) of Regulation (EC) 1725/2018.
The following data protection principles are applicable to all the processing activities that address personal data:
- lawful and fairness: meaning that personal data should be lawfully and fairly processed in accordance with the Regulation (EC) 1725/2018;
- data minimization: meaning that the collection of personal data must be adequate, relevant and not excessive, following a necessity test;
- purpose limitation: meaning that personal data should be obtained only for specified purposes and not further processed in a manner incompatible with those purposes;
- data accuracy: meaning that personal data should be accurate and up-to-date;
- storage limitation: meaning that personal data should not be kept for longer than necessary to complete the indicated purpose;
- data retention: meaning that a specific time limit should be defined for retaining personal data;
- data transfer: meaning that personal data should not be transferred to countries outside the European Union that don’t offer adequate protection;
- accountability: meaning that measures should be implemented and documented in order to guarantee the respect of data protection rules for all processing activities.
Your rights when we process your personal data
When your personal information is processed by EuroHPC JU you have the right to know about it.
By making a written request to the EuroHPC Data Protection Officer data subjects have also the right to:
- access the data processed, collected and used concerning themselves;
- rectify the information in case of inaccuracy and incompleteness;
- block inaccurate data collected;
- under certain conditions, delete the personal data or restrict its use;
- where applicable, object to the processing of your personal data, on grounds relating to your particular situation, at any time, and the right to data portability;
- withdraw their consent if it no longer represents the legal basis of the processing;
- be informed in case personal data is disclosed to any third party.
Without undue delay and in any case within one month of receipt of the request, the EuroHPC JU will provide information on action taken on the data subject’s request to exercise her/his rights. In case of complex or voluminous requests, this period may be extended by another two months, in which case the EuroHPC will inform the data subject.
Your rights on your personal data are stated in Articles 17 to 24 of Regulation (EU) 2018/1725.
How to exercise your data protection rights at the EuroHPC
If the EuroHPC JU is processing your personal data and you would like to exercise your data protection rights, please send us a written enquiry. We cannot accept verbal enquiries (telephone or face-to-face) as we may not be able to deal with your request immediately without first analysing it and reliably identifying you.
You can send your request to the EuroHPC JU by post in a sealed envelope to the following address 12E rue Guillaume Kroll, L-1882, Luxembourg, Office Drosbach Building (DRB) - Wing E – 1st floor or by e-mail to email@example.com. Your request should contain a detailed, accurate description of the personal data you want access to.
Recourse to the EDPS
The Supervisory Authority, in terms of processing personal data, is the European Data Protection Supervisor (EDPS). The EDPS is responsible for the monitoring of European Union institutions and bodies and their compliance with data protection rules, ensuring that the rights to privacy and data protection, as fundamental human rights, are respected. If data subjects consider that the EuroHPC JU has infringed their rights, they can lodge a complaint to the European Data Protection Supervisor (EDPS). The EDPS, after assessing the admissibility, will carry out an inquiry and take appropriate measures to solve it. For more information regarding how to complain to the EDPS, please refer to the EDPS website.