One of your rights under EU law is that you must be informed when your personal data - also known as personal information - is processed (collected, used, stored) by any organisation including one of the EU institutions. You also have the right to know the details and purpose of that processing.

On these pages you will find information about the processing of personal data associated with this website including the use of cookies and social media and about the processing of your personal data if you are an attendee of the 2018 international conference.

As joint hosts of the 2018 international conference, the EDPS and the Bulgarian Commission for Privacy and Data Protection may collect your personal data only to the extent necessary for organisational purposes, to provide you with information about the conference (before, during and after) and process your application to participate. Where necessary, we may also share your information with service providers for the purposes of organising the conference and associated events.

  • The following personal data will be collected and processed:
    • contact details (title, first name, last name, city, country, e-mail, phone number, name of organisation);
    • financial information such as payment card number or bank account, necessary to pay the fees of the conference or for possible refunds;
    • dietary requests (if any);
    • relation to a accompanying guest;

Except for dietary requests and relation to an accompanying guest , providing this information is necessary for your registration and access to the conference premises.

  • Your consent is required for:
    • photos, video recordings and web streaming related to the conference;
    • conference attendee list containing your name and affiliation which will be shared among participants;
    • invitations to future events the EDPS may organise.
  • More detail is outlined in the following sections.
    • Under certain conditions outlined in law, we may disclose your information to third parties, (such as the European Anti-Fraud Office, the Court of Auditors, or law enforcement authorities) if it is necessary and proportionate for lawful, specific purposes.
    • We will never divulge your personal data for direct marketing purposes.
    • You have the right of access to the personal data we hold regarding you, and to rectify them, if necessary. We recommend that you use our secure online contact form or send it by post in a sealed envelope.
    • You can contact the EDPS DPO for any enquiry or complaint. You also have the right to recourse at any time if you believe your data protection rights have been breached; you should contact the EDPS as a Supervisory Authority.
    • We do not keep your personal information for longer than necessary for the purposes for which we collected it. You will find specific information in the sections below.
    • However, we may keep your information for a longer period for historical, statistical or scientific purposes with the appropriate safeguards in place.

Visit the Data Protection Officer at the EDPS page on this website for more information on your rights.

Your personal data and this website


Cookies are short text files stored on a user’s device (such as a computer, tablet or phone) by a website. 

Cookies are used for the technical functioning of a website or for gathering statistics.

Cookies are also typically used to provide a more personalised experience for a user, for example, when an online service remembers your user profile without you having to login.

When you visit this website, we may collect some data on your browser experience such as your IP address, the page you visited, when you visited and the website page you were redirected from.

This information is used to gather aggregated, anonymous statistics with a view to improving our services and enhancing your user experience.

When you visit this website, we will keep the browser history of your visit for a maximum of 13 months. This information will then be deleted.

The collection, aggregation and anonymising operations are performed in the data centre of the European Commission under adequate security measures.

Should you wish to opt your data out of our anonymised, aggregated statistics, you can do so on our cookies page.

Visit our cookies page for more information about the types of cookies this website uses.

Social Media

We use social media to inform about and promote the 2018 international conference through widely used and contemporary channels.

For instance, you can watch videos, which we upload to the EDPS YouTube page and follow links from our website to Twitter, Instagram and LinkedIn.

Cookies are not set by our display of Twitter, Instagram, YouTube and LinkedIn buttons to connect to those services when our website pages are loaded on your computer (or other devices).

You can watch videos related to the conference on our website. These will be played using YouTube player.

In the event that you click “play” on a video to watch it, a YouTube cookie will be installed on your computer or device. If you do not click on any videos at all, no cookie will be installed.

The use of social media does not in any way imply endorsement of them or their privacy policies. In the event that one or more social media are occasionally unavailable we accept no responsibility for lack of service due to their downtime.

We recommend that users read the Twitter, LinkedInInstagram and YouTube privacy policies. These explains each company’s policy of data collection and processing, their use of data, users' rights and the ways in which users can protect their privacy when using these services.

Security and the online contact form

The EDPS strives to ensure a high level of security for the information you may share with us in the contact form on this website, such as using Hypertext Transfer Protocol Secure (HTTPS). This measure provides a high level of assurance for the confidentiality and integrity of the communications between your browser and the EDPS. Nevertheless, a residual risk always exists for communication over the internet, including email. 

The EDPS relies on services provided by other EU institutions (the European Parliament and the European Commission) to support the security and performance of the EDPS website.

How we use your personal data if you are a conference delegate


If you register to attend the 2018 international conference, we will collect some of your personal data for the purposes of processing your registration and for organisational matters, including the arrangement of meals.

Unless you specify otherwise in the registration form, an account will be created for each registrant. This account will contain first name, last name, organisation name, job title and email address. Registrants can edit their own profiles and can choose to add, amend or delete their personal information. An account may be deleted if the registrant changes their mind about having an account at a later stage. 

When submitting the registration form for the conference, registrants are asked if they would like their details to be added to the conference attendee list which will be shared with all attendees.

Registrants can choose if they would like to be included in the conference attendee list or not and if they opt to be listed, they can choose if it is with or without their other details.

The personal data may be shared with selected service providers and the Executive Committee of the ICDPPC as necessary for organisational purposes.

Any and all service providers selected for the organisation of the 2018 international conference are contractually bound to process personal data on behalf of us, keep confidential any data they handle and protect it from unauthorised access, use and retention.  

The personal data of ICDPPC members will also be used to create login credentials for them to access the secure zone of this website for information and documents related to the closed session of the conference. These credentials will be shared individually and securely with those members; upon registration, members will receive an email to connect to the secure zone of the website with a temporary link to login. Upon login on the website or through the conference app, members are obliged to set their password. The EDPS will never send or be able to access secure zone passwords. 

The personal data collected will also be used to create login credentials for all registrants to use the conference app. These credentials will be shared individually with registrants in the way described for the secure zone above. Registrants are under no obligation to use the conference app.

The EDPS will delete these data six months following the conference or at the latest after the last follow-up action, unless you explicitly agree that we keep your contact details in order to invite you to future similar events. We provide you with the possibility to express your consent in the registration form.

If you want us to delete these data from our internal repositories at any point in time after you have given your consent please contact us and we will do so within ten working days upon receipt of your request or the latest correspondence with you about your request.

Any financial data collected for the payment of registration fees will be deleted 5 years following the conference for legal and audit purposes and for any possible refund of fees. See the notification to the EDPS DPO of 15.07.2015 for more detail.

Photos and videos

The EDPS may take photos and videos of the event and publish them on this conference website, the EDPS intranet, internet site and other EDPS social channels (Twitter, Instagram, LinkedIn and YouTube). Should you wish not to be photographed or not to appear in the photos and/or videos you are requested to contact us as soon as possible before the event so that suitable arrangements can be made, as far as is practicable.

In the registration form we provide you with the option to agree or not to being photographed or to appear in the conference video recordings or web streaming. In the event you do not consent, we will make arrangements, such as a special seating area or an indication on the conference lanyard, to implement your wishes as far as is practicably possible.

If you are a speaker, the information you provide us, such as your biography or presentations may be published.

This website will remain online for one year following the 2018 international conference. Thereafter, we will archive event material, including reports and audio-video footage in the EU historical archives. The website and event material will then be available in this online archive.