Introduction

The European Space Agency (herein the “Agency” or “ESA”) is an intergovernmental organisation established by its Convention opened for signature in Paris on 30 May 1975 having its headquarters located at 24 rue du Général Bertrand, CS 30798, 75345 Paris Cedex 07, France.

Protection of Personal Data is of great importance for ESA, which strives to ensure a high level of protection as required by the ESA Framework on Personal Data Protection (herein the “ESA PDP Framework”) which applies in this field. ESA implements appropriate measures to preserve the rights of data subjects, to ensure the processing of personal data for specified and legitimate purposes, in a not excessive manner, as necessary for the purposes for which the personal data were collected or for which they are further processed, in conditions protecting confidentiality, integrity and safety of personal data and generally to implement the principles set forth in the PDP Framework, available at: http://www.esa.int/About_Us/Law_at_ESA/Highlights_of_ESA_rules_and_regulations
ESA PDP Framework is composed of the following elements:

• the Principles of Personal Data Protection, as adopted by ESA Council Resolution (ESA/C/CCLXVIII/Res.2 (Final)) adopted on 13 June 2017;
• the Rules of Procedure for the Data Protection Supervisory Authority, as adopted by ESA Council Resolution (ESA/C/CCLXVIII/Res.2 (Final)) adopted on 13 June 2017; and
• the Policy on Personal Data Protection adopted by Director General of ESA on 5 February 2018 and effective on 1 March 2018.

This notice is intended to inform you, as data subject, about:

• the identity of the data controller and contact details of ESA Data Protection Officer ("DPO");
• the type of personal data which is collected and processed;
• the modalities of collection of personal data;
• the purpose of the collection and processing;
• the recipients (if any) to whom the personal data of the data subject shall be disclosed;
• the time-limits for storing the personal data;
• the practical modalities of exercising the rights of the data subject under the ESA PDP Framework.

This notice is also enables ESA to obtain your consent relating to the collection and further processing of your personal data, under ESA PDP Framework.

(1) Who is the Data Controller ?

Your personal data are collected and further processed as shown below upon the decision taken alone by ESA. Thus the Data Controller is ESA.

(2) What are the contact details of ESA Data Protection Officer?

According to ESA PDP Framework, your first point of contact concerning personal data matters is the ESA Data Protection Officer ("DPO"), who may be contacted at DPO@esa.int For further information on the situations in which you may contact the ESA DPO, please refer to the questions below.

(3) What kind of personal data about you are collected and further processed?

The personal data which may be collected and further processed for the purposes mentioned below are in particular:

• First Name
• Last Name
• Affiliated Company
• Country
• E-mail
• Information in connection with your use of the website, such as information in server logs, including information on how the website was used by you, your search queries
• Cookies
• IP (internet protocol) address and data about your system activity

You are required not to send to the Agency any sensitive information (including information that indicate, directly or indirectly, the personnel’s ethnic origin, political opinions, adhesion to unions, parties etc., health situation, sexual orientation).

(4) How are your personal data collected or further processed?

Your personal data may be collected by various means, including via:

• enquiry
• registration
• direct interaction with the website

(5) Why are your personal data collected and further processed?

Your personal data are collected and further processed so that:

• provide you access to, and enable the use of the website;
• send you notifications in connection with the scope of the website;
• to send you newsletters and new features in relation the website;
• to communicate your personal data to third-parties collaborators, contractors and/or partners involved in the development and maintenance of the website;
• other purposes that will be disclosed to you when such information is requested;
• The information is used for aggregated on the use of this website, authentication on the website as well as to enable interaction on the website.
• may be used to categorise the browser on your computer and support us in storing user preferences and usage trends an aggregated basis.

In addition to these purposes, the Agency may use your personal information for any of the purposes mentioned in Article 5 of the Policy on Personal Data Protection.

(6) To whom might we disclose your personal data?

The Agency may disclose your personal data to any of the following third party recipients for the fulfilment of all or part of the purposes of the collection and processing of personal data, which are mentioned above:

The Agency does not consider your personal data as an asset for sale and, thus, does not does not sell your personal data to any third parties.

(7) How long do we retain your personal data for?

The Agency may keep your personal data for as long as necessary for the fulfilment of the above mentioned purposes. Your Personal Data shall be deleted thereafter.

(8) How can you erase, rectify, complete or amend your personal data?

The Agency is keen to collect and process accurate personal data and to keep it to date.
You may request the erasure, rectification, completion or amendment of your personal data if, and to the extent that it is inaccurate or incomplete, having regard to the purposes for which they are collected and processed, or if they are processed in violation with the principles referred in ESA PDP Framework.
If you choose to make a request for the erasure of personal data, you understand and agree that that your account will be deleted and you will no longer be able to use the website.

The above-mentioned request should be submitted to the ESA DPO, as first point of contact, by sending an email to: DPO@esa.int copy to due@esa.int

You may also be allowed access to your personal data and have the possibility to erase, rectify, complete or amend it, according to the following modalities:

• by accessing your account after "Log in"

If you do not remember your password, you can reset your password by clicking "Forgot your password"

If you're unable to access your account, please contact due@esa.int for assistance.

Use of cookies

Cookies are pieces of information that a website transfers to an individual hard drive for record-keeping purposes; passwords are not saved in cookies. Cookies help ESA to know which pages are visited most often and helps ESA to ensure that its website responds to users needs.

If you do not wish to receive a cookie, or if you wish your browser to notify you when you receive a cookie, you may use the option on your web browser to disable cookies. Click on the 'help' section of your browser to learn how to change cookie preferences. However, please note that if you disable all cookies you may not be able to take advantage of all the features available on this website.

ESA does not use personal identification details transferred through cookies either for promotion or marketing purposes, nor will such information be shared with a third party.