Search Options
Home Media Explainers Research & Publications Statistics Monetary Policy The €uro Payments & Markets Careers
Suggestions
Sort by

PRIVACY STATEMENT

for the processing of personal data relating to business meetings with financial market participants in an ECB-internal register (meeting register)

Data Protection legal framework applicable to the European Central Bank

All personal data are processed in accordance with EU Data Protection Law, i.e. Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC, OJ L 295, 21.11.2018, p. 39-98.

The European Central Bank as controller of processing personal data

The ECB is the controller for the processing of personal data in the ECB's meeting register.

Purposes for processing personal data

The ECB processes personal data relating to business meetings with financial market participants in an internal register ("Meeting Register"). The purpose is to facilitate the implementation of the ECB's good governance framework for meetings with external stakeholders. In particular, the processing of personal data in the meeting register enables the ECB to maintain an internal overview of meetings and of related internal documentation, to coordinate planned meetings and to apply a level playing field approach with regard to its external stakeholders and thereby to effectively strengthen compliance and monitor adherence to the framework.

Legal basis of processing operations

Personal data of contact persons and participants for business meetings with financial market participants are processed by the ECB in the performance of its tasks in the public interest, based on Article 5(1)(a) Regulation (EU) 2018/1725 in conjunction with Article 0.3.2 of the ECB Staff Rules.

Categories of personal data processed by the ECB

The following personal data relating to business meetings with financial market participants may be processed in the ECB's meeting register:

  • full name of the contact persons and participants (ECB-internal and external)
  • position and function of external contact persons and participants in their organisation/company
  • contact details of external contact persons, e.g. email address, business/mobile telephone number, fax number, (professional) postal address.

Such personal data is collected from relevant email, telephone or personal exchanges with the representatives of financial market participants regarding planned business meetings.

Access to personal data processed by the ECB

Access to personal data relating to business meetings with financial market participants processed by the ECB in its meeting register may be given to the following persons:

  • staff members of the ECB's Compliance and Governance Office (CGO) and staff members of the concrete ECB business area(s) planning to participate in the meeting
  • a limited number of dedicated ECB staff members in other business areas who have responsibility for the overall coordination of business meetings with financial market participants.

Time limits for storing personal data

The personal data are stored for a maximum of five years and are deleted thereafter.

Your rights as data subject

You have the right to access your personal data and correct any data that is inaccurate or incomplete. You have also (with some limitations) the rights to delete your personal data or to restrict the processing of your personal data in line with Regulation (EU) 2018/1725.

Contact Information in case of queries and requests

You can exercise your rights by contacting the ECB contact person that you have been previously in contact with regarding a specific business meeting. The ECB's Data Protection Officer at dpo@ecb.europa.eu answers all queries relating to personal data.

Addressing the European Data Protection Supervisor

You have the right to lodge a complaint with the European Data Protection Supervisor at any time if you consider that your rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of your personal data.