Privacy Policy

This privacy statement concerns the staff of the European Schools, the Office of the Secretary-General of the European Schools, the staff of the Accredited European Schools where applicable and other external personnel (trainees, external trainers and contractors, staff of external organisations, guest users). 

1. Introduction 

This privacy statement concerns the staff of the European Schools, the Office of the Secretary-General of the European Schools, the staff of the Accredited European Schools where applicable and other external personnel (trainees, external trainers and contractors, staff of external organisations). 

The Office of the Secretary-General of the European Schools (hereafter ‘OSGES’) is committed to protecting your personal data and to respecting your privacy. 

OSGES is committed to respecting your privacy and to complying with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, referred to as the ‘GDPR’). 

This privacy statement explains the reason for the processing of your personal data, the way we collect, handle, and ensure protection of all personal data provided, how that information is used and what rights you have in relation to your personal data. 

It also specifies the contact details of the responsible Data Controller with whom you may exercise your rights, the Data Protection Officer and OSGES. 

The information in relation to processing operation “online CPD platform”, commonly known as “the Platform” undertaken by OSGES is presented below.  

2. Why do we process your data? 

We process your data for the following purposes:  

  • to provide staff and externals with an access point for training to a centralized repository of training resources and courses.
  • to keep track of professional development opportunities in which they have participated, to deliver the training and to receive the certificates of completion.
  • to create courses at central level. 

Reporting will be done on aggregated data. 


You can find further details in this section: 

OSGES collects and uses personal information to optimise the access of staff to learning and development opportunities. Data is collected in order to identify the users on the platform as well as their interaction with the platform contents for continuous professional development purposes.  The online CPD platform (“The Platform”) allows staff to identify and register for courses and other learning-related activities which are appropriate for their current and future jobs within the European School system. Depending on the staff relationship with the OSGES, this training is aimed at complying with: 

  • Regulations for members of the Seconded Staff of The European Schools (2011-04-D-14). Chapter I, Article 14. 
  • Service Regulations for the Locally Recruited Teachers in the European Schools (2016-05-D-11). Chapter IV, Article 21. 
  • Service Regulations for Locally Recruited Managerial Staff of the European Schools (2020-04-D-23). Chapter IV, Article 15. 
  • Service Regulations for the Administrative and Ancillary Staff (AAS) of the European Schools approved by the Board Of Governors at its meeting in Lisbon on 17-18 April 2007 (2007-D-153). Chapter III, Article 14. 
  • Regulations on Accredited European Schools (2019-12-D-12). Title III, Article 17.

Please refer to the European Schools website for the latest updates on the above-mentioned documents.

It also allows the OSGES to organise and manage training actions and learning opportunities. The underlying aim of the online CPD platform is to improve the quality of the European School system and the efficiency of its institutions. 

This implies:

  • to plan and organize learning and continuous professional development activities for the staff;
  • to manage the procedures of learning actions (create and publish courses, publish multi-media learning content (documents, recordings, etc), provide access to external learning platforms / third-party content providers, create training applications, validate course enrolment requests, register, and enrol, enter test results, follow-up of participation and evaluation);
  • to facilitate internal communication towards different target groups according to their functions or centres of interest;
  • to evaluate the learning actions in view of quality control;

3. On what legal grounds do we process your personal data? 

If you are an OSG or ES staff, we process your data based on article 6.1 (C) necessity for compliance with a legal obligation to which the controller is subject.

If you are external, we process your data based on article 6.1 (a) consent.

We process your personal data because of the specific regulations regarding training and continuous professional development for the staff of the European School system:  

  • Regulations for members of the Seconded Staff of The European Schools (2011-04-D-14). Chapter I, Article 14.
  • Service Regulations for the Locally Recruited Teachers in the European Schools (2016-05-D-11). Chapter IV, Article 21.
  • Service Regulations for Locally Recruited Managerial Staff of the European Schools (2020-04-D-23). Chapter IV, Article 15.
  • Service Regulations for the Administrative and Ancillary Staff (AAS) of the European Schools approved by the Board Of Governors at its meeting in Lisbon on 17-18 April 2007 (2007-D-153). Chapter III, Article 14.
  • Regulations on Accredited European Schools (2019-12-D-12). Title III, Article 17.

Please refer to the European Schools website for the latest updates on the above-mentioned documents.

4. Which data do we collect and process? 

To carry out this processing operation, OSGES collects the following categories of personal data:

The following data are generated in the online CPD platform: 

  • Participation in learning activities (learning history).
  • Evaluation of the training course and the trainer (entered anonymously by the learners)
  • Test scores either entered by the trainer or the outcome of an online test 
  • Skills and skill levels acquired as a result of learning activities, assessments or self-declaration 
  • Attendance data of the learner in classroom courses (registered by the platform, entered by the trainer, the contractor or the course manager) 
  • Staff of the European School system: set up the profile of external trainers/contractors in order to grant them the required access to mark presences and enter test scores of participants. 
  • Professional data about internal staff (@eursc.eu) in the online CPD platform come from HR / ICT user database: full name, professional e-mail address, work location, role. 
  • Professional data about external staff (non @eursc.eu) in the online CPD platform is provided by the users on a voluntary basis: full name, professional e-mail address, work location, role.
  • For external trainers, OSGES needs to receive some basic information related to the contractual relationship. Course managers in OSGES create a profile in the online CPD platform. An email is sent to the external trainers explaining how to access the platform to perform their service. 
  • In the near future, access to third-party content providers could be necessary to participate in specific training activities. This privacy policy will be updated and announced when this happens. 
  • For guest access users, the data collected is: 
    • if unregistered: no data is collected. 
    • if voluntarily registered (when available): (full) name, e-mail address, other information on a voluntary basis.  

5. How long do we keep your data? 

OSGES only keeps your personal data for the time necessary to fulfil the purpose of collection or further processing, namely for:

  • Training records are kept for the duration of the career of the staff member and 3 years after the end of service or contract.   
  • Evaluation forms are kept depending on the use of the training and deleted no later than 1 year after the end of the course.  
  • For external (non "eursc.eu") users (AES staff, external experts, guests) who may access the platform for specific courses, and accredited European schools' users the account will be suspended at the end of the school year. Data will be deleted automatically six months after suspension unless the user requests to reactivate the account.  

6. How do we protect your data? 

The OSGES’ contractors are bound by a specific contractual clause for any processing operations of your data on behalf of the OSGES, and by the confidentiality obligations deriving from the transposition of the General Data Protection Regulation in the EU Member States (‘GDPR’ Regulation (EU) 2016/679). 

To protect your personal data, the OSGES has put in place a number of technical and organisational measures in place. Technical measures include appropriate actions to address online security, risk of data loss, alteration of data or unauthorised access, the creation of a pseudonym, taking into consideration the risk presented by the processing and the nature of the personal data being processed. Organisational measures include restricting access to the personal data solely to authorised persons with a legitimate need to know for the purposes of this processing operation. 

7. Who has access to your data and to whom is it disclosed? 

Access to your personal data is provided to the OSGES staff responsible for carrying out this processing operation and to authorised staff according to the “need to know” principle. Such staff abide by statutory, and when required, additional confidentiality agreements.  

  • Participants of the online CPD platform can access details of their learning history, current and planned learning activities as well as data held in their personal profile, including results of the continuous assessments and final tests, competences/skills and corresponding proficiency levels. They can download their learning history in the available formats. For specific learning spaces (as professional communities), participants may also be able to see the first name, last name, email address and the school / institution of other participants who are registered in the same course or community of practice as they are.  
  • Course managers (i.e., staff responsible for planning and administering courses) have access to specific data for the planning, organisation, management, and evaluation of courses and learning opportunities. 
  • Trainers (internal staff or external experts) can access details of their course, the participants in the courses for which they are the trainer and test results of data subjects/participants in the course they teach. Trainers may receive anonymous statistics about the ratings of the course and the trainer, submitted by the participants.  
  • The contractors (external training service providers) may have access to the data of the courses they are contracted to deliver and manage. 
  • Suppliers of externally hosted online learning-related platforms that don’t use sub-processors outside the EU, will have access to the identification data required to access the platform (usually first name, last name and email address) and to the results of the learning-related activities that occurred on their platform.
  • System administrators have access to all above mentioned data and any activity in the system. The collected information will not be given to any third party, except to the extent and for the purpose we may be required to do so by law. 

8. What are your rights and how can you exercise them? 

You have specific rights as a ‘data subject’ under Regulation (EU) 2016/679, in particular the right to access, rectify or erase your personal data and the right to restrict the processing of your personal data. Where applicable, you also have the right to object to the processing or the right to data portability. 
 
You can exercise your rights by contacting the Data Controller, or in case of conflict the Data Protection Officer. If necessary, you can also address the Belgium Data Protection AUthority. Their contact information is given under Heading 9 below.

Where you wish to exercise your rights in the context of one or several specific processing operations, please provide their description in your request.

9. Contact information 

If you would like to exercise your rights under Regulation (EU) 2016/679, or if you have comments, questions or concerns, or if you would like to submit a complaint regarding the collection and use of your personal data, please feel free to contact the Data Controller, OSGES (OSG CONTACT <OSG-CONTACT@eursc.eu>). 

You may contact the Data Protection Officer (OSG DATA PROTECTION OFFICER <OSG-DATA-PROTECTION-OFFICER@eursc.eu>) with regard to issues related to the processing of your personal data under Regulation (EU) 2016/679.  

If you consider that OSGES has not complied with the data protection laws applicable (including the GDPR) or that your rights have been infringed as the result of the processing of your personal data, you have the right of recourse and can contact the  Belgian National Supervisory Data Protection Authority. 

Autorité de protection des données
Rue de la Presse 35, 1000 Bruxelles,
Contact avec l'autorité de protection des données:

J’accepte la Privacy Policy.
Retour en haut