PRIVACY POLICY

If you are visiting a website with a .eu domain, you may be wondering how your personal data is protected and what rights you have. This text will provide you with some general information on the privacy policy for websites within the .eu domain.

The .eu domain is the official top-level domain of the European Union (EU). It is used by EU institutions, agencies and bodies, as well as by other organisations and individuals that are based in or have a connection with the EU. The .eu domain is managed by EURid, a non-profit organisation appointed by the European Commission.

The EU is committed to the protection of your personal data and respects your privacy on all its websites on the .eu domain. The EU follows the principles and rules of the Regulation (EU) 2018/1725 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies.

This means that when you visit a website with a .eu domain, your personal data is:

- processed lawfully, fairly and transparently
- collected for specific, explicit and legitimate purposes
- adequate, relevant and limited to what is necessary
- accurate and kept up to date
- stored for no longer than necessary
- secured and protected against unauthorised or unlawful processing, accidental loss, destruction or damage

You also have certain rights regarding your personal data, such as:

- the right to access, rectify or erase your data
- the right to restrict or object to the processing of your data
- the right to data portability
- the right to lodge a complaint with the European Data Protection Supervisor (EDPS), who is the independent supervisory authority for data protection in the EU

However, not all websites with a .eu domain are under the control of the EU. Some websites may belong to other organisations or individuals that have their own privacy policies and practices. Therefore, it is important that you always check the specific privacy policy or statement of each website that you visit, to understand how your personal data is processed and what rights you have.

The specific privacy policy or statement should provide you with more detailed information about:

- the identity and contact details of the data controller and data protection officer
- the purposes and legal basis of the processing of your personal data
- the categories and sources of personal data collected and processed
- the recipients or categories of recipients of your personal data
- the retention period or criteria for determining the retention period of your personal data
- the security measures applied to protect your personal data
- how to exercise your rights and how to contact the EDPS if you have any questions or complaints

If you have any doubts or concerns about the privacy policy or statement of a website with a .eu domain, you should contact the data controller or data protection officer directly. You can also contact EURid if you have any questions about the .eu domain itself.