1. Introduction
WISE is a joint initiative of the European Commission and the EEA,
which have a mandate in freshwater and marine legislation and
knowledge at European level. WISE has two main components,
freshwater and marine environment. An introduction is provided
here:
The personal data collected by the European WISE portal are
processed in accordance with Regulation (EU) 2018/1725 of the
European Parliament and of the Council of 23 October 2018 on the
protection of natural persons with regard to the processing of
personal data by the Union institutions, bodies, offices and
agencies and on the free movement of such data
[1]. Collection and processing of data are
under the responsibility of the European Environment Agency (EEA),
NCE2 - Water and Marine Head of Group (NCE - Natural Capital and
Ecosystems Programme), acting as Data Controller. WISE Data
processor is the external contractor, in charge of the development
of the WISE portal.
2. What personal information we collect and for what purpose
In the context of the WISE portal, we are not collecting and
publishing personal data. We collect personal information only
when we create an account in the Eionet User Directory (Eionet
account) to authorise experts that might directly contribute to
the WISE web content. Please see the privacy statement of the
Eionet website[2] for details on the Eionet
User Directory.
For generic WISE visitors, as personal data we only process:
IP-addresses, browser versions and other devices information (i.e.
transactional data) that are necessary to securely deliver web
pages to the internet client. These transactional data are also
processed by the personnel at CERT-EU (https://cert.europa.eu) which provides security services for EEA and available to the
EEA’s Internet Service Provider (tdc.dk) and cloud provider Amazon
in EU, therefore for them, their privacy policy applies.
WISE visitors can request information about WISE, providing
feedback and reporting bugs by sending an email at:
WISE@eea.europa.eu; this email is accessible and managed by authorised staff
composed by the EEA Eionet helpdesk staff and the WISE
administrators via the EIONET Help Desk system (OTRS). Authorised
staff can directly reply and solve a request, forward it to the
EEA or ETC/ICM experts that can also reply, close the ticket of a
request and prepare the annual anonymised statistics about the
type of requests. We do not store personal data in cookies. By
default, the browsing experience of WISE visitors is tracked by
the EEA Matomo[3] software in order to
produce anonymised statistics. For example, EEA staff may collect
some data on browsing experience such as masked IP address[4]
(anonymized by removing the last two bytes), the web pages visited
by a user, the website page an user were redirected from. The
statistics aims at improving WISE portal and the browsing
experience. The analytical reports generated by the EEA Matomo can
only be accessed through the Eionet Directory authentication
system by EEA staff, other relevant EU institutions’ staff or by
duly authorised external contractors, who may be required to
analyse, develop and/or regularly maintain WISE. By default, EEA
software Matomo installation respects users’ preferences and do
not track visitors which have specified "I do not want to be
tracked" in their web browsers (aka "Do not track").
3. How long personal data are stored
Transactional data (security logs) are stored for a maximum of 1
year for security audit purposes unless there is an individual
reason to keep information for a longer period of time (e.g. when
individual IP addresses are blocked if part of a DoS-attack).
4. How to contact EEA and right to appeal
WISE users may contact the EEA’s Data Protection Officer (DPO) in
case of any enquiry relating to the processing of personal data at
the following email address:
dpo@eea.europa.eu. WISE
users are entitled to have recourse at any time to the European
Data Protection Supervisor (https://edps.europa.eu; edps@edps.europa.eu)
if they consider that the rights under Regulation (EU) 2018/1725
have been infringed as a result of the processing of personal data
by the EEA
Please also see:
[1] OJ L 295/39 of 21.11.2018.
[2]
https://www.eionet.europa.eu/about/privacy-statement/index
[3] Matomo is an open-source and privacy-oriented web analytics
software. The term "EEA Matomo" refers to our installation,
managed directly by EEA Staff and installed within EEA/EU.
[4] Masking of IP addresses. Institution, city and country origin
are determined from the full IP, then stored and aggregated before
a mask is applied. EEA Matomo uses an IP de-identification
mechanism that automatically masks a portion of each visitor's IP
(Internet Protocol), effectively making it impossible to identify
a particular website visitor via the sole IP address.