Privacy notice

1. Introduction

The European institutions are committed to protecting and respecting your privacy. As this service/application collects and further processes personal data, Regulation (EC) No45/2001 , of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, is applicable.

This privacy statement is specifically about our e-learning centre, also known as the Learning Management System (LMS). It tells you what information we collect about you through it, the purpose for which we collect that data and how we do so.

This statement concerns the eu-LISA‘s Learning Management System (LMS). This system is used to plan, organise, manage and evaluate training actions and learning opportunities for staff of eu-LISA. The Data Controller is the Human Resources and Training Unit.



2. Why do we process your data?

Purpose of the processing operation for eu-LISA learners: The Learning and Development Team/HRTU collects and uses your personal information:

  • to plan and organize training activities for the whole of the eu-LISA staff;
  • to manage all the procedures of training actions (create and publish courses, create training applications, validate training requests, register and enrol, follow-up of participation and evaluation)
  • to facilitate learning and internal communication towards different target groups according to their functions or centres of interest
  • to create a training history log for all staff
  • to evaluate the training actions in view of quality control and
  • to evaluate participants learning status in view of career steps according to staff regulations


3. Which data do we collect and process?

Data subjects are:

All staff members (including internal trainers, intramuros and interns). The Learning Management System keeps logs of the staff member’s activity within the LMS. This includes enrolment to courses, time spent in courses, grades, viewing of resources and any other activity carried out within the system. We are not going to use personal information which is not relevant to the Learning and Development function. We may use generalised information for the purposes of administering and improving the online learning platform, improving our services or communicating with users.



4. How long do we keep your data?

eu-LISA only keeps the data of the course participants for the time necessary to fulfil the purpose of collection or further processing

1. All training records are kept for the duration of the staff member‘s career and for ten years after that staff member leaves the employment. Certain data need to be conserved for a longer period if they are related to ongoing rights and obligations, i.e. certification of participation in a training.

This is particularly important for training activities that have an impact on the career path of the staff member, i.e. for language training connected to Article 45(2) (proficiency in a third language before promotion) and for training of a compulsory or pre-requisite nature.

2. Presence lists of the training actions that are completed are kept in paper version for the periods determined under the Financial Regulations as justification document for the payment of the external contractor‘s invoices.



5. Who has access to your data and to whom is it disclosed?

Access to your data is provided to authorised staff according to the “need to know” principle. Such staff abide by statutory, and when required, additional confidentiality agreements.

  1. Learners can access details of their learning history and planned learning activities
  2. Course managers for the planning, organisation, management and evaluation of courses and learning opportunities
  3. Learning and Development Team for the planning, organisation, management and evaluation of learning and development opportunities in their DG, service, institution, agency or body and the monitoring of their learning and development budget.
  4. Line managers for the validation of the learning requests of their staff, as well as for human resources management and career development of staff.
  5. Platform Administrators


6. What are your rights and how can you exercise them?

According to Regulation (EC) no45/2001, you are entitled to access your personal data and rectify and/or block it in case the data is inaccurate or incomplete. You can exercise your rights by contacting the data controller, or in case of conflict the Data Protection Officer and if necessary the European Data Protection Supervisor using the contact information given at point 8 below.



7. Contact information

If you have comments or questions, any concerns or a complaint regarding the collection and use of your personal data, please feel free to contact the Data Controller using the following contact information:

The Data Controller: eu-LISA – eulisa-LEARNING@eulisa.europa.eu

The Data Protection Officer (DPO) of eu-LISA: dpo@eulisa.europa.eu

The European Data Protection Supervisor (EDPS): edps@edps.europa.eu.



9. Where to find more detailed information?

The Commission Data Protection Officer publishes the register of all operations processing personal data. You can access the register on the following link : \\nas-tll\nastll\COMMON\DATA PROTECTION\Register_Public.xlsx or further information on DPO here: https://intranet.eu-lisa.eu.int/team/DataProtection/SitePages/Home.aspx