Legal framework for data protection
All personal data collected are processed in accordance with EU Data Protection Law.
What information is collected from visitors?
- First and last name
- Date of birth
- Email address
- Date and time of scheduled visit to the ECB
Who is responsible for this processing of your personal data?
The ECB is the data controller for the processing of personal data. The Internal and External Engagement Division in the ECB’s Directorate General Communications is the unit responsible for processing personal data.
Why do we process personal data?
Personal data are collected for the following purposes: to organise visits to the ECB, to ensure that visitors are protected, and to keep track of who is visiting our premises. Therefore, processing these personal data is mandatory.
Data you provide will be further anonymised and aggregated in a way that means you cannot be identified. They are used for statistical purposes related to visits to the ECB.
Who will receive and have access to your data?
The following dedicated staff will receive your personal data: staff from the Internal and External Engagement Division, the tour guide, and the internal and external security staff at the ECB.
How long do we keep your data?
Personal data are stored for up to five years, starting from the day they were obtained, after which time they will be deleted.
Personal data collected for the purposes of access control to the ECB’s premises are stored for up to one year, after which time they will be deleted.
You have the right to access, correct, delete (under certain conditions) and restrict or object to the processing of your personal data. You can exercise your rights by contacting the Internal and External Engagement Division in the ECB’s Directorate General Communications at firstname.lastname@example.org.
If you have any further questions, please contact the ECB’s Data Protection Officer at email@example.com.
You may also contact the European Data Protection Supervisor any time regarding this processing of your personal data.
- Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, and the ECB Decision 1/2007 of 17 April 2007, adopting implementing rules concerning data protection at the European Central Bank and subsequent legislation replacing or amending these legal acts.