Privacy Notice

Introduction

The European Space Agency (herein the “Agency” or “ESA”) is an intergovernmental organisation established by its Convention opened for signature in Paris on 30 May 1975 having its headquarters located at 24 rue du Général Bertrand, CS 30798, 75345 Paris Cedex 07, France.

Protection of Personal Data is of great importance for ESA, which strives to ensure a high level of protection as required by the ESA Framework on Personal Data Protection (herein the “ESA PDP Framework”) which applies in this field. ESA implements appropriate measures to preserve the rights of data subjects, to ensure the processing of personal data for specified and legitimate purposes, in a not excessive manner, as necessary for the purposes for which the personal data were collected or for which they are further processed, in conditions protecting  confidentiality, integrity and safety of personal data and generally to implement the principles set forth in the PDP Framework, available at: http://www.esa.int/About_Us/Law_at_ESA/Highlights_of_ESA_rules_and_regulations

ESA PDP Framework is composed of the following elements:

• the Principles of Personal Data Protection, as adopted by ESA Council Resolution (ESA/C/CCLXVIII/Res.2 (Final)) adopted on 13 June 2017;
• the Rules of Procedure for the Data Protection Supervisory Authority, as adopted by ESA Council Resolution (ESA/C/CCLXVIII/Res.2 (Final)) adopted on 13 June 2017; and
• the Policy on Personal Data Protection adopted by Director General of ESA on 5 February 2018 and effective on 1 March 2018.

This notice is intended to inform you, as data subject, about:

• the identity of the data controller and contact details of ESA Data Protection Officer (“DPO”);
• the type of personal data which is collected and processed;
• the modalities of collection of personal data;
• the purpose of the collection and processing;
• the recipients (if any) to whom the personal data of the data subject shall be disclosed;
• the time-limits for storing the personal data;
• the practical modalities of exercising the rights of the data subject under the ESA PDP Framework.

This notice is also enables ESA to obtain your consent relating to the collection and further processing of your personal data, under ESA PDP Framework. This privacy notice was last updated on: 6 June 2022

Who is the Data Controller?

Your personal data are collected and further processed as shown below upon the decision taken by ESA and NRSCC (National Remote Sensing Center of China) as separate Data Controllers, as follows:
ESA: Management of Conf Tool; check proposals; send notifications;
NRSCC: check proposals;

What are the contact details of ESA Data Protection Officer?

According to ESA PDP Framework, your first point of contact concerning personal data matters is the ESA Data Protection Officer (“DPO”), who may be contacted at DPO@esa.int

What kind of personal data about you are collected and further processed?

The personal data which may be collected and further processed for the purposes mentioned below are in particular:

-    Name
-    Title (e.g. Mr, Ms. Dr…)
-    E-mail
-    Country
-    Affiliation (Organisation / Company)
-    Company address
-    Photograph (optional)
-    Video recordings (presentations: where you have agreed)
-    Publishing of the presentations and recordings (where you have consented)
-    Other information that you provide and which may directly or indirectly identify you;

You are required not to send to the Agency any sensitive information (including information that indicate, directly or indirectly, an individual’s racial or ethnic origin, political opinions, adhesion to unions, religious or philosophical beliefs, health life, sexual orientation, genetic or biometric data, criminal convictions).

How your photograph/video recordings may be taken by the Agency
Your photograph and video recordings may be taken by various means, including via:
- Uploading your photo and recordings of presentation on ConfTool

How are your personal data collected or further processed?

Your personal data may be collected by various means, including via:
-    ConfTool
-    E-mail

Why are your personal data collected and further processed?

Your personal data are collected and further processed so that:

• to manage your participation to the Dragon symposium
• to send you notifications in connection with the Dragon symposium
• to publish online symposium agenda
• to record and make your presentation available during and after the symposium

In addition to these purposes, the Agency may use your personal information for any of the purposes mentioned in Article 5 of the Policy on Personal Data Protection.

To whom might we disclose your personal data?

The Agency may disclose your personal data to any of the following third party recipients for the fulfilment of all or part of the purposes of the collection and processing of personal data, which are mentioned above:

Recipient acting as…	Servers and sub-processors of the recipient are  located in:
ConfTool GmbH for the online registration to the meeting	Germany
Serco Italia S.p.A. contractors working for ESA	Italy
NRSCC	China
Social media: Twitter	World-wide

Your personal data and the presentations will be available in Europe and China subject to applicable Data Protection Regulations in the relevant territory. The material you provide will be used to promote the results achieved in various media.

The Agency does not consider your personal data as an asset for sale and, thus, does not sell your personal data to any third parties.

How long do we retain your personal data for?

The Agency may keep your personal data for as long as necessary for the fulfilment of the above mentioned purposes. Your Personal Data shall be deleted 1 year after the event.

Presentations/recordings are kept for the duration of the cooperation and for the context of monitoring change in the areas of research.

How can you erase, rectify, complete or amend your personal data?

The Agency is keen to collect and process accurate personal data and to keep it updated.
You may request the erasure, rectification, completion or amendment of your personal data if, and to the extent that it is inaccurate or incomplete, having regard to the purposes for which they are collected and processed, or if they are processed in violation with the principles referred in ESA PDP Framework.

If you choose to make a request for the erasure of personal data, you understand and agree that ESA cannot process the inscription to the symposium.

The above-mentioned request should be submitted to the ESA DPO, as first point of contact, by sending an email to: dpo@esa.int copy to: dragon@esa.int

You may also be allowed access to your personal data and have the possibility to erase, rectify, complete or amend it, according to the following modalities:

1. by accessing your account at https://www.conftool.pro/ 2022DragonSymp/
2. by entering your account User Id and password
3. by clicking on “Log In”
4. by actually erasing, rectifying, completing or amending your personal data
If you do not remember your password, you can reset your password by https://www.conftool.pro/ 2022DragonSymp/index.php?page=sendPassword
If you are unable to access your account, please contact dragon@esa.int  for assistance.

What could you do in case of a data protection incident?

In case of a data protection incident, you should contact ESA DPO, as first point of contact, by sending an email to: dpo@esa.int

In case you wish to submit a complaint, you are required to comply with the Rules of Procedure of the Supervisory Authority set forth by ESA PDP Framework. You will be required to demonstrate that a data protection incident occurred in relation to your personal data, following a decision of the Agency or at least to justify serious reasons to believe that such incident occurred.

Your consent

The processing of personal data described in this privacy notice is based on your consent. You may provide your consent by accepting this privacy notice (selecting the ‘I accept the data privacy agreement’ checkbox) prior to submitting the registration form.
You can withdraw such consent by requesting ESA to stop the processing. This will not affect the legitimacy of the personal data processing that took place prior to the withdrawal of user consent.
You can withdraw your consent at any time:
- by sending an email to ESA DPO at:  dpo@esa.int ;   copy: dragon@esa.int

If users choose to withdraw their consent, they understand and agree that they will no longer be able to ESA cannot process the inscription to the symposium.
You will be able to withdraw your consent depending on the modality used to collect your personal data, in particular:

• by accessing your account at https://www.conftool.pro/2022DragonSymp/
• by entering your account User Id and password
• by clicking on “Log In”
• by actually erasing your personal data

Media Rights – Identification information - Personal Data

By submitting an Application to the Dragon symposium, the Participants irrevocably accept (and obtain acceptance from any concerned individuals, including Team members) that:

a.    ESA and NRSCC(and any third parties acting on their behalf) may collect, further use and process, generate identification information and personal data, including:
i.    first name, last name, professional e-mail address, affiliation details and
ii.    images, video and/or audio recordings, photographs submitted by the Participant or by any Team member.

b.    The collection, use and processing are done:
(i)    for the purpose of the Dragon symposium (e.g. to provide access, for request or delivery of information, etc.) as well as for communication purposes, in particular to highlight the Dragon symposium and to promote similar events in the future;
(ii)    in all media and/or by all networks, anywhere throughout the world;
(iii)    without additional permission or compensation being necessary;
(iv)    for as long as the above-mentioned purposes subsist.

c.    Identification data as well as images, video and/or audio recordings, photographs provided by a Participant on its own behalf and on behalf of the Team members are deemed to be provided as part of the Application and, thus, their use by ESA and NRSCC.

d.    If, at the submission of an Application, the Participant does not submit all the required identification information and/or personal data, the Participant will not be given access to the corresponding Website page and may be considered as non-eligible.

e.    The Website is using cookies that are placed on the hard disk by a web page server.