ECFR Clarifies GDPR & UK GDPR Handling Procedures
The European Council on Foreign Relations (ECFR) has clarified its data handling procedures, outlining roles and responsibilities in line with the GDPR and UK GDPR. The organization, based in Berlin, has appointed a Data Protection Officer and established a talent pool for potential candidates.
ECFR (ECFR) e.V., based in Berlin, takes the lead in managing GDPR and UK GDPR obligations within the organization. Applicants are directed to use the online form for applications, with data transferred securely through encrypted channels. The data, including name, email, and application documents, is processed to assess suitability for positions.
The organization operates as a network of five legal entities, each with its own contact details in London, Madrid, Paris, Rome, and Warsaw. Personal data is processed on servers provided by a service provider within the European Union. If consent is given, data may be stored in a talent pool for up to two years. The primary responsibility for GDPR and UK GDPR compliance lies with the Data Protection Officer or equivalent function. The legal basis for processing data is primarily Article 6 (1) b GDPR, with additional bases potentially applying depending on the country.
ECFR has implemented robust data protection measures, including secure transfer and storage of personal data, and has appointed a Data Protection Officer to oversee compliance. Applicants can be assured of the organization's commitment to protecting their personal information throughout the application process.
