Skip to main content
European Union flag
Log in
Community Message
Membership to the Community Portal is only available to Community members.
Select Accept to continue to the Login page.

Online abuse – get help, report it!

Contact a helpline

Privacy statement

Privacy statement for the BIK community

PROTECTION OF YOUR PERSONAL DATA

Processing operation: Processing of personal data within the Better Internet for Kids (BIK) Community area (hereinafter “the community”).

Controller: European Commission, Directorate-General for Communications Networks, Content and Technology and Directorate-General for Communications Networks, Content and Technology (CNECT), Unit G3: Accessibility, Multilingualism and Safer Internet (hereinafter “Unit G.3”).

Processor: EUN partnership aisbl (hereinafter “European Schoolnet”), Rue de Trèves, 61 (3rd floor), 1040 Brussels, Belgium.

Sub-Processor: INHOPE (Co-Office), Bos-en Lommerplein 280, 1055RW, Amsterdam, The Netherlands

Record reference: DPR-EC-09707.2

  1. Introduction

This privacy statement concerns the data processing activities related to the to the Better Internet for Kids (BIK) community, administrated by Unit G.3 and European Schoolnet on behalf of Unit G.3.

It explains the reason for the processing, the way we collect, handle and ensure protection of all personal data provided, how that information is used and what rights you may exercise in relation to your data. The European Commission is committed to protecting and respecting your privacy. As this service collects and further processes personal data, specific data protection rules apply.

  1. Why and how do we process your personal data?

We collect and use your personal information to administer the community managed by European Schoolnet on behalf of Unit G.3. Collecting and using your data enables us to establish your membership within the community, to contact you with regard to online and offline activities relating to the community and ensure your participation therein, and to have an overview of the various types of members of the community.

Please note that the BIK Platform is composed of the BIK Portal, which is public and the BIK Community which is the private sign-in area for registered users. This statement covers the BIK Community only. For further information on the processing of your personal data on the BIK Portal please refer to the Privacy Statement for the BIK Platform available at https://better-internet-for-kids.europa.eu (for more information, please consult the Data Protection Record DPR-EC-00083 for Commission websites within the Europa.eu domain). 

  1. On what legal ground(s) do we process your personal data

The processing operations for the organisation and management of the community are lawful under Article 5(d) of Regulation (EU) 2018/1725, as the user provides their consent before becoming a member.

We have obtained your consent directly from you. You have given it by consenting to the processing of your personal data to become a member of the community during your registration process to the community. 

  1. Which personal data do we collect and further process

We process personal data necessary for the creation of your account on the website, which allows you to participate in the community, and for the organisation and management of the community.

Mandatory processing of personal data: 

  • To access the community, you must have an EU login account, which entails the processing of your first name, surname and e-mail address (collected from EU login services) These data become part of your user account; 
  • Country (required to complete your profile as a member of the community);
  • Organisation (required to allow access and browse the community pages).

Optional fields you can fill in when creating a profile include, in particular:

  • Pronoun
  • Salutation
  • Mobile number
  • Picture
  • Free text profile description 
  • Personal website

Registered users of the community can in any case provide additional information, some of which may contain personal data:

  • Resource or helpline cases;
  • Assessment platform submissions;
  • Free text fields and comments;
  • Pictures, text files;
  • Links, e.g. to videos.

Please note that Unit G.3 does not request nor expect that participants to the community to include (i) special categories of data under Article 10(1) of Regulation 2018/1725 (that is “personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation”) or (ii) personal data related to criminal convictions and offences as provided for in Article 11 of Regulation 2018/1725, related to themselves or to third persons in their contributions to the community. Should participants nevertheless volunteer such special categories of personal data, these would be processed on the basis of Article 10(2)(a), that is to say explicit consent of the data subjects. The moderator might decide to delete such personal data on the basis of a case-by-case assessment.

The system administrator also processes personal data collected through CNECT Analytics (functional cookies), whose list is here: Europa Analytics

  1. How long do we keep your personal data?

 Unit G.3 keeps your personal data pertaining to you as a community user (all personal data that is mandatory to create an account) for as long as the support service is provided to you and this data will be retained for 5 years after your last date of login. 

Unit G.3 keeps your personal data pertaining to the community services (such as posted content) for 5 years after your last date of login.

Your personal data will be deleted from the platform before the end of the five-year retention period, upon request (see Contact Information in Section 9. below). 

Personal data collected through CNECT Analytics is deleted no longer than 13 months after logging out the community. 

  1. How do we protect and safeguard your personal data?

All personal data in electronic format (e-mails, documents, databases, uploaded batches of data, etc.) are stored on the servers of the Commission and European Schoolnet. All processing operations are carried out pursuant to Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the Commission.

In order to protect your personal data, the Commission and European Schoolnet have put in place a number of technical and organisational measures. Technical measures include appropriate actions to address online security, risk of data loss, alteration of data or unauthorised access, taking into consideration the risk presented by the processing and the nature of the personal data being processed. Organisational measures include restricting access to the personal data solely to authorised persons with a legitimate need to know for the purposes of this processing operation.

The Commission’s processor (contractor), European Schoolnet, is bound by a specific contractual clause for any processing operations of your personal data on behalf of the Commission. European Schoolnet has to put in place appropriate technical and organisational measures to ensure the level of security, required by the Commission.

  1. Who has access to your personal data and to whom is it disclosed?

Access to your personal data is provided to Unit G.3 staff dealing with this processing operation as well as by European Schoolnet’s staff on a “need to know” basis.

Assessment platform submission reports are shared with European Schoolnet’s subcontractor, INHOPE, who analyse the assessment platform submissions to produce quarterly hotline reports. The personal data included in these reports are:

  • Name and surname of the submitter
  • Email address of the submitter
  • Country of the submitter
  • Organisation
  • Any non-requested personal data in the context of your submission.

Your data is visible to the other members of the community users. They can see:

  • Your profile information, including your picture, first name, last name, country, and profile text description. 
  • The content you upload and share (e.g. your posts, documents you upload).

The information collected will not be given to any other third party than the ones mentioned previously in this statement, except to the extent and for the purpose we may be required to do so by law.

External links disclaimer

Content made available within the community (e.g. content posted by other users, including users part of the European Schoolnet staff) may contain “external links” to other websites, which may not be owned or funded by the European Commission, over which Commission services have no control and for which the Commission assumes no responsibility.

When visitors to this website choose to follow a link to any external website, they leave the official domain of this website, and are subject to the cookie, privacy and legal policies of the external website. Our use of third-party IT tools to connect to those services does not set cookies when our website pages are loaded on your computer (or other devices), nor are you immediately redirected to those social media or other websites. Only in the event that you click on a button/link or “play” on a video to watch it, a cookie of the social media company concerned will be installed on your device. If you do not click on any social media buttons/links or videos, no cookies will be installed on your device by third parties. 

Compliance with applicable data protection and accessibility requirements of external websites linked to from Commission websites falls outside the control of the European Commission and is the explicit responsibility of the external website.

  1. What are your rights and how can you exercise them? 

You have specific rights as a ‘data subject’ under Chapter III (Articles 14-25) of Regulation (EU) 2018/1725, in particular the right to access your personal data and to rectify them in case your personal data are inaccurate or incomplete. Under certain conditions, you have the right to erase your personal data, to restrict the processing of your personal data, to object to the processing and the right to data portability.

As a user of the community, you can modify or delete your posted content.

As a user, you can terminate your account. You may also ask Unit G.3 to remove your profile. Your created content on the platform will then be pseudonymised or deleted, at your choice.  If pseudonymized, your name will be changed to "unknown unknown", but the content will remain on the community page. 

Insofar you have consented to the certain processing of your personal data to Unit G.3 and European Schoolnet for the present processing operation, you can withdraw your consent at any time. The withdrawal will not affect the lawfulness of the processing carried out before you have withdrawn the consent.

You can exercise your rights by contacting Unit G.3, or in case of conflict the Data Protection Officer. If necessary, you can also address the European Data Protection Supervisor. Their contact information is given under Section 9 below. 

Where you wish to exercise your rights in the context of one or several specific processing operations, please provide their description (i.e. their Record reference(s) as specified under Section 10 below) in your request.

In accordance with Article 14(3) of Regulation (EU) 2018/1725, your request as a data subject will be handled within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. In such case you will be informed of the extension of the time limit, together with the reasons for the delay.

  1. Contact information

- The Data Processor 

For any questions or concerns about this privacy statement or the BIK Community, please contact the Data Processor: EUN Partnership aisbl (European Schoolnet) at privacy@eun.org. Your questions will be transferred to Unit G.3 if necessary. 

You may also contact Unit G.3 directly. 

  • The Data Controller

If you would like to exercise your rights under Regulation (EU) 2018/1725, or if you have comments, questions or concerns, or if you would like to submit a complaint regarding the collection and use of your personal data, please feel free to contact the controller at CNECT-G3@ec.europa.eu.

  • The Data Protection Officer (DPO) of the Commission

You may contact the Data Protection Officer (DATA-PROTECTION-OFFICER@ec.europa.eu) with regard to issues related to the processing of your personal data under Regulation (EU) 2018/1725.

  • The European Data Protection Supervisor (EDPS)

You have the right to have recourse (i.e. you can lodge a complaint) to the European Data Protection Supervisor (edps@edps.europa.eu) if you consider that your rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of your personal data by the Data Controller.

  1. Where to find more detailed information?

The Commission Data Protection Officer (DPO) publishes the register of all processing operations on personal data by the Commission, which have been documented and notified to him. You may access the register via the following link: http://ec.europa.eu/dpo-register.

This specific processing operation has been included in the DPO’s public register with the following Record reference: DPR-EC-09707.