European Commission logo
enEnglish

 

Social media monitoring privacy notice

Processing operation: Green Trip -campaign

Data Controller: European Commission – Directorate General Urban and Regional Policy

Record reference: DPR-EC-07206.1

 

Introduction

In the framework of its activities, European Commission – DG REGIO – Unit A2 Communication (Hereinafter “DG REGIO” “we” or “us”) as data controller wants to understand how its communication campaign and  activities are being perceived and discussed by internet users on different social media platforms  and other online sources including forums, blogs, news sites. For this main purpose, DG REGIO analyses social media activity related to its tasks, activities, campaigns and monitors the efficiency of its own social media channels. The conclusions from this social media monitoring will help us analysing the impact of our communication campaigns and ensure we define a relevant communication strategy.

This privacy notice is dedicated to the purpose of social media monitoring. You can find general Green Trip privacy statement here.

 

Legal Framework and legal ground

Your personal data are processed in accordance with Regulation (EU) 2018/1725 [1] on the protection of individuals regarding the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data.

Specifically, we collect and process personal data for the performance of the DG REGIO’s tasks carried out in the public interest (Article 5(1)(a) of Regulation (EU) 2018/1725).

[1] Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJEU L295/39, 21.11.2018).

 

Data controller and data recipients

DG REGIO is the controller for the processing of personal data.

ICF NEXT S.A. is DG REGIO’s contractor, acting as data processor on DG REGIO behalf.  ICF NEXT S.A. uses an approved third-party tool provided by Talkwalker (subprocessor, called hereinafter the “external tool”) to process, analyse and monitor public social media data on behalf of DG REGIO. The external provider hosts the collected personal data on servers in Europe (Germany). For further information on how Talkwalker uses cookies and it how processes personal data, please see Talkwalker’s privacy policy at: https://www.talkwalker.com/privacy-policy and  https://www.talkwalker.com/author-privacy-policy.

Authorised DG REGIO staff will receive reports which may contain personal data.

 

Origin, type of the data and purpose of processing

The external tool automatically collects and analyses data from public posts by social media users on different social media channels, and tracks different online sources including public forums, blogs and online news websites. The external tool only processes information that is publicly available.

The external tool processes the following personal data on our behalf:

  • identification data (name, username, user identification and geographical area)
  • IP address
  • Geolocalisation
  • personal characteristics (age, gender and family status)
  • consumer habits
  • hobbies and interests
  • professional and educational background
  • pictures and videos
  • any other information published on a website that is analysed or on a third-party platform.

We also set up strict limitations on the topics we monitor. We will only track the hashtag @dingdongEU, we will also check the activity on @euinmyregion.

In addition, even if the external tool collects all the above listed data, we do not use all of it. Mostly we work on aggregate and anonymous data for our analysis and reports.

In some cases, identifiable publications (quote, posts, tweet) may be exploited as examples if relevant for us to understand the general attitude towards our social media communications. In principle, we limit publications identifying an individual to those publications originating from individuals in their professional capacity or those of influencers.

Personal data will be processed to analyse, monitor and improve our communications activities and will not be used for taking individual decisions on the internet users, whether by automated means or not.

 

Data Confidentiality and security

Our staff, our subcontractor’s staff and the external tool’s staff are bound by confidentiality obligations.

We ensure that adequate and specific safeguards are implemented for the processing of personal data in line with the applicable data protection legislation.

 

How long will we keep your personal data?

Upon DG REGIO’s instructions, our subcontractor and the external tool will delete the results of searches. Reports containing personal data will be stored for a maximum of one year as from 31th May 2021. Data will then be destroyed/deleted.

 

Your rights

You have the right to access and rectify your personal data, to restrict the processing of your data and, under certain conditions, to ask for your data to be deleted or to object to processing of your personal data on grounds relating to your particular situation. You have the right to make these requests of DG REGIO.

You also have the right to complain to a data protection supervisory authority.

DG REGIO does not directly interact with social media users whose data are being processed. In principle, we do not have access to their contact details, and we do not need contact information for the purpose of this processing. Therefore, in our opinion, contacting and informing social media users individually is impossible or would involve a disproportionate effort.

For these reasons, we inform users through this privacy statement which will be published on Green Trip dedicated website, on Green Trip Instagram account (@euinmyregion).

 

Questions, rights, contact and DPO contact details

The Commission Data Protection Officer (DPO) publishes the register of all processing operations on personal data by the Commission, which have been documented and notified to him. You may access the register via the following link: http://ec.europa.eu/dpo-register.

This specific processing operation has been included in the DPO’s public register with the following Record reference: DPR-EC-07206.1

For further information related to the processing of your personal data, any questions, complaints or in case you which to exercise your rights you may contact:

  • the Data Controller DG REGIO – Unit A2 Communication using this email address: regio-a2-communication@ec.europa.eu

Or

 

Recourse

Furthermore, you have the right to contact the European Data Protection Supervisor at any time about the processing of your personal data : https://edps.europa.eu or edps@edps.europa.eu