European Central Bank - eurosystem
European Central Bank - eurosystem
Search
Search Options
Home Media Explainers Research & Publications Statistics Monetary Policy The €uro Payments & Markets Careers
Suggestions
Sort by
  • PRIVACY STATEMENT

Privacy statement for processing of personal data in the context of teleworking

This privacy statement explains the reason for the processing of your personal data in the context of teleworking, the way we collect, handle and ensure protection of the data provided, how that information is used and what rights you have in relation to your personal data. It also specifies the contact details of the responsible Data Controller with whom you may exercise your rights, the Data Protection Officer and the European Data Protection Supervisor.

What is our legal framework?

All personal data are processed in accordance with European Union data protection law, that is to say in line with Regulation (EU) 2018/1725 (‘EUDPR’).

Why do we process personal data?

We collect and process your personal data in the context of teleworking for these reasons:

To manage the rights and obligations of ECB personnel[1] relating to the ECB teleworking rules to ensure the continuous functioning of the ECB and the performance of its task and exercise of its mandate as an EU institution

To ensure a sound financial management of the budget in terms of salary and allowances, e.g. monitoring the entitlement to financial benefits that are paid to members of staff and which are dependent on their habitual residence in the Frankfurt area

To ensure that the ECB can fulfil its duty of care as employer

To monitor compliance with the teleworking registration at an aggregate level and with teleworking quotas at an individual level.

To enable HR to avail of the information necessary to activate the accident at work insurance policy'

For business continuity management purposes

More specifically, the ECB collects and processes your teleworking data for the following reasons:

  • the generic data “Frankfurt area/EU/Outside EU” is provided by members of staff when requesting teleworking in ISIS to allow for monitoring adherence to the applicable teleworking quotas, to monitor the fulfilment of the residence requirement and entitlement to benefits such as salaries and allowances
  • the country location of the member of staff’s teleworking session should be shared with their manager who may then refer the member of staff to the list of high risk countries where ECB equipment cannot be brought into, or advise on the need to request derogations to the bandwidth due to the time difference or, in case of business needs, recall to the ECB premises the ECB personnel based on their assessment of a combination of factors such as who is best suited for the job/task and geographically the closest
  • the teleworking address is requested when the ECB personnel works from an address that is different from the ones specified in the ECB personnel’s Personal Profile (e.g. permanent and home addresses), in case of significant changes to the remote work location: the address of the place of telework is requested taking into account the Conditions of Employment (Art. 10 (a)) and to comply with the Staff Rules on safety and health requirements (Article 5.1bis.3 of the Staff rules, and more specifically in Article 5.1bis.8) as well was on the activation of the accident at work insurance policy and ensure cover of the member of staff (in line with Art. 6.3.1 (a) and (c) (viii) of the Staff Rules)
  • the generic data “reason for cancelling a teleworking request” is provided by the ECB personnel to enable DG/HR to identify potential issues with the implementation of the teleworking policy

In the TW dashboard for managers, non-anonymised teleworking data is made available to managers for their own monitoring of compliance with the rules. Individual non-anonymised data can also be accessed by dedicated HR staff in the table view. Access is only granted on a need-to-know basis to individual staff members.

Reporting and statistical analysis (non-personal data) on teleworking is done by designated staff of DG/HR. For that purpose, personal data is anonymised or aggregated before processing. Analyses are done with a view to providing attendance statistics are in done to assess the appropriateness of the policies, develop and evaluate HR solutions as well as to manage and improve the respective business.

See Privacy Statement People Analytics and HR Analytics Data Privacy Statement - HR Analytics DPIA (TW dashboard covered in 4.1.d, purpose (ii))

Besides, we collect and process your personal data in the context of teleworking also with the purpose of granting teleworking exceptions which can be of a medical or non-medical nature. Teleworking exceptions of a medical nature are covered by the Privacy Statement for the ECB Medical Centre.

[1] The wording ‘ECB personnel’ refers to fixed-term and short-term contract employees (including graduate programme participants), and trainees.

What is the legal basis for processing your personal data?

Your personal data are processed by the ECB in the performance of a task in the public interest related to the contractual relationship with ECB personnel, based on:

REGULATION (EU) 2018/1725, Art. 5(1)(a): processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body (including management and functioning of the institution)

Thus, at the ECB, processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the ECB - to ensure the continuous functioning of the ECB and the performance of its task and exercise of its mandate as an EU institution

REGULATION (EU) 2018/1725, Article 10(2) in conjunction with Articles 4(1)(a) and 5(1) regarding the processing of health data in exceptions. The ECB DPO advises that it is enough that staff members inform their family/dependents of the sharing of their information (no need to add another provision in the Staff rules)

ECB Conditions of Employment in conjunction with Staff Rules and Rules for Short-term employment or Traineeship rules: the Conditions of Employment (Article 9(c) on health and safety, Article 25 on working week, working pattern, teleworking, Article 34(a) on insurance cover), and the Staff Rules, Article 5.1bis Teleworking (generic address Frankfurt area/EU/Outside EU, country location), Article 6.3.1(b) and (c)viii (telework address, if different from home address and in case of significant changes to that remote work location, needed for accident at work insurance policy and to ensure cover of staff member, ensuring that the ECB can exercise properly its duty of care including the activation of the accident at work insurance provisions), Article 5.1bis.3 and Article 5.1bis.8 (ensuring compliance with minimum health and safety requirements and preventing fraud), Rules for Short-term Employment (Art.5.1bis refers to the same article in the Staff Rules), and the Traineeship rules (Art. 9a which contains equivalent provisions for teleworking)

ECB Business Rulebook, BRB.4 IT & communication equipment & IT services - ECB IT security, management of information and confidentiality rules (risks differ if teleworking is in the EU or outside the EU) - to protect the ECB’s data, equipment and interests.

Who is responsible for processing your personal data?

The ECB is the controller for the processing of your personal data. The DG-HR/ESE (Employee Services) division is responsible for this processing.

Contact point: dghr-ese-secretariat@ecb.europa.eu; the ECB Medical Adviser (medical documentation processed in the context of medical teleworking exceptions)

There is a second level of support where DG/IS or a third party may intervene for IT maintenance and IT support: the company which maintains the SAP database, IBM, and the developers who support HR dedicated staff, CapGemini. The access is only via a special user called FireFighter and all actions are logged.

Contact point at external third party (e.g. Privacy/Data Protection Officer): DPO contact for IBM: ECB.PMO@de.ibm.com & ChiefPrivacyOffice@ca.ibm.com and DPO contact for Capgemini: Shahram Faridani shahram.faridani@capgemini.com

Who will be the recipients of your personal data?

Recipients of your personal data are selected ECB personnel for the legitimate performance of their tasks, based on their specific roles. Access to data is strictly regulated by a need-to-know approach, and subject to an annual reconciliation exercise.

Dedicated HR staff in the HR Operations team with SAP expertise may access the generic data “Frankfurt area/EU/Outside EU” to monitor adherence to the teleworking registration and quotas, and the generic data “reason for cancelling a teleworking request” to identify potential issues with the implementation of the teleworking policy. Less than 10 HR/ESE staff with SAP expertise may access the address of the place of telework in case it would be necessary to locate a staff member not responsive to the usual communication means. The country location communicated by the ECB personnel to their line manager may be useful for the line manager to recall the geographically closest staff to the premises in case of business need. The line manager neither has access to the generic data via ISIS nor to the teleworking address of the ECB personnel. Direct line managers receive daily notifications of teleworking requests which their staff members registered in the preceding 24 hours and are provided with staff members’ use of teleworking days (including teleworking threshold deviations, if any) via the Teleworking dashboard for managers. Your data is processed and monitored on a non-anonymised basis in this context. See DPIA HR Analytics section 4.1.d

DG/HR/ESE management and the HR Operations team process personal data in the context of teleworking exceptions. DG/HR/ESE management processes personal data in the context of medical teleworking exceptions (high-level recommendation containing no medical information sent by the ECB Medical Adviser), saved in the P-file and uploaded in the ECB Medical Center database - see also Privacy Statement for the ECB Medical Centre. Teleworking exceptions of a non-medical nature are currently processed by a dedicated HR staff in the HR Operations team, by email registered in Darwin restricted folders and then uploaded in the P-file. The process will be fully automated in SAP.

Besides, in the context of the medical teleworking exceptions, the ECB Medical Adviser is the recipient of your personal medical information which they process to decide on whether to issue a recommendation to DG/HR/ESE management for a teleworking exception due to medical reasons - see also Privacy Statement for the ECB Medical Centre.

Finally, all staff members can access their ISIS ‘Team calendar’ where teleworking and absences of the Team’s staff members can be accessed which is useful for teamwork coordination.

What categories of personal data are collected?

The ECB processes the following personal data:

  • Name
  • Generic location data (Frankfurt area/EU/Outside EU) for teleworking
  • Country location for teleworking
  • Address of the place of teleworking
  • Generic data “reason for cancelling a teleworking request”
  • Health-related and other relevant data related to a personal or family situation of a staff member (processed in the case of teleworking exceptions)

Will your personal data (in a clear or encrypted form) be processed (e.g. transferred, accessed or stored) in third countries or by international organisations?

No.

How long will the ECB keep personal data?

The period of data storage is based on the ECB’s Filing and Retention plan (series 3.4.1.1 of the ECB Filing and Retention Plan). Teleworking generic data (registration, generic location for quota purposes and reason for cancelling a teleworking request) are kept for 5 years.

The address indicated by the ECB personnel in the dedicated New Note field, is only stored in a workflow [2], nowhere else. When the workflow is deleted, this information is deleted. The workflow is deleted after 2 years. In the workflow, the address may only be visible to the ECB personnel themselves and the few dedicated HR/ESE staff in the teleworking request registered and automatically approved after two days. DG/IS support and the external service providers may also have access to the data and their access is managed by a privileged access management solution (GRC). It is not shared with anyone else, in particular not with any manager. The individual address data cannot be easily extracted or reported or even consulted as there are thousands of workflows every day.

In the context of non-medical exceptions, personal data is kept 2 years in the restricted Darwin folder/P-file. With regard to exceptions for medical reasons see Privacy Statement for the ECB Medical Centre.

[2] Workflow: A workflow is a process which includes a trigger, a task or series of tasks and a result.

What are your rights?

You have the right to access your personal data and correct any data that is inaccurate or incomplete. You also have (with some limitations) the right to delete your personal data and to object to or to restrict the processing of your personal data in line with EUDPR. The ECB may restrict your rights to safeguard the interests and objectives referred to in Article 25(1) EUDPR.

Who can you contact for queries or requests?

You can exercise your rights by contacting dghr-ese-secretariat@ecb.europa.eu. You can also directly contact the ECB’s Data Protection Officer at dpo@ecb.europa.eu for all queries relating to your personal data.

Addressing the European Data Protection Supervisor

If you consider that your rights under the EUDPR have been infringed as a result of the processing of your personal data, you have the right to lodge a complaint with the European Data Protection Supervisor at any time.