TRACES Privacy Statement
1. What is TRACES?
TRACES (TRAde Control and Expert System) is an integrated web-based veterinary system, maintained by the European Commission 'Health and Consumer Protection Directorate General', networking veterinary authorities and business users in all Member States, EFTA/EEA countries (Iceland, Lichtenstein and Norway) and a certain number of ThirdCountries with whom the Commission has special agreements. TRACES assists in the management of intra and extra community trade of live animals and animal products.
TRACES is established by the "Commission Decision 2004/292/EC of 30 March 2004 on the introduction of the TRACES system and amending Decision 92/486/EEC".
In order to ensure correct operation of TRACES, we need to collect personal data which is indicated in point 2 of this statement.
TRACES is under the responsibility of Mr. Bernard Van Goethem, Health and Consumer Protection Directorate General, Director of directorate D, - acting as the 'Controller' (cf. Regulation (EC) No 45/2001).
As the Commission's services collected and will further process these personal data, Regulation (EC) 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, is applicable.
2. What personal information does TRACES collect and for what purpose?
2.1. IDENTIFICATION DATA
2.1.1. Personal data is collected in TRACES, for the following data subjects:
- Member State, EFTA/EEA and Third Country Administrators
- Authority users at central, regional, local veterinary units and border inspection posts
- Business and Laboratories users
- Commission officials
2.1.2. Contact details of the TRACES data subjects:
- first name
- last name
- e-mail address
- preferred language
- telephone, fax and additional information only when specified by the data subject (optional)
- business details (name, address, country, type and code) in regards to business users
- authority details (name, address, country and code) in regards to veterinary inspectors
2.2. PURPOSE OF THE PROCESSING OF PERSONAL DATA IN TRACES
The purpose of the integrated computerised veterinary system "TRACES" is to provide assistance in the certification for all veterinary authorities within an informatics network to improve the sanitary protection in the EU: sanitary control of animals and animal products, tracing back and forth of outbreaks of diseases, integration of EU, EFTA/EEA and Third Country competent veterinary authorities.
Contact details of the TRACES users indicated in point 2.1.2, are collected in TRACES in order to ensure that the access to the system and the signature of certificates is limited only to well and clearly identified persons and thus that data stored in the application are well protected.
3. Who has access to your information and to whom is it disclosed?
3.1. PERSONS WHO HAVE ACCESS RIGHTS, IN THE MEMBER STATES, EFTA/EEA AND THIRD COUNTRIES:
- The persons who have access to the collected personal data (indicated in point 2.1.2) of the higher level authorities (e.g.: Commission Officials, administrators, central/regional units), and who have the possibility to modify them upon their request, are the Controller and the TRACES Team in the Health and Consumer Protection DG of the European Commission.
- The persons who have access to the collected personal data (indicated in point 2.1.2) of the lower level authorities (e.g.: Local veterinary units, Border inspection posts, Business and Laboratory users), and who have the possibility to modify them upon their request, are the higher level authorities in these countries which are registered in TRACES. This access is strictly limited by country and by associated authority.
3.2. TRACES CONTACT POINTS:
A list of all TRACES Contact Points in the different Member States, EFTA/EEA and Third countries containing their contact details (country, language, first name, last name, fax and email) is published on the CIRCA website. This list is published in PDF Format. The Commission and in particular the Controller cannot be held responsible for the utilisation and the processing of this information that may be made by external persons.
4. How do we protect and safeguard your information?
The collected personal data and all information related to the above mentioned activities are stored on the European Commission servers in Data Centre in Luxemburg, the operations of which underlie the Commission's security decisions and provisions established by the Directorate of Security for this kind of servers and services.
Access to the collected personal data is only possible to the above described populations (point 3.1), with a User Id and personal password.
Access to the collected personal data of the higher level authorities is given only to Controller and the TRACES Team within the Commission (the Health and Consumer Protection DG of the European Commission).
Access to the collected personal data of the lower level authorities must be requested to the higher level authorities of your country and associated authority.
5. How can you verify, modify or delete your information?
In case you belong to the higher level authorities, and you want to verify which personal data is stored on your behalf by the responsible Controller, please write an e-mail message to the mailbox address mentioned hereafter, by explicitly specifying your request (modification, correction or deletion): firstname.lastname@example.org
In case you belong to the lower level authorities and you want to verify which personal data is stored on your behalf by the responsible higher level authority, please write an e-mail message to the relevant mailbox address published on the CIRCA website, by explicitly specifying your request (modification, correction or deletion).
6. How long do we keep your data?
Contact details of the TRACES users as specified in p. 2.1.2, are kept in the system as long as they are users. Contact details will become unavailable onto the GUI (Graphical User Interface) of the application, immediately after the receipt of information that a certain person is no longer a user of the system.
Please note that some details are stored in certificates for traceability reasons in case of animal health or public health problems (e.g.: outbreak of animal diseases...) for a period of 10 years.
7. Contact Information
In case you have questions, feel free to contact your TRACES contact point, specified in the list published on the CIRCA website, or the support team, operating under the responsibility of the Controller, using the following contact information:
Health and Consumer Protection Directorate General
Animal health and Committees
The higher and lower level authorities in the Member States, EFTA/EEA and Third Countries have a shared responsibility with the Controller and the TRACES Team in the Health and Consumer Protection DG of the European Commission, as described in point 3.1.
Because of this shared responsibility you can address your complaints, in case of conflict, to:
1/ The European Data Protection Supervisor, in case you are part of the higher level authorities, via the following e-mail address: email@example.com
2/ Your National Data Protection Commissioner, in case you are part of the lower level authorities, via the following URL: http://ec.europa.eu/justice_home/fsj/privacy/nationalcomm/index_en.htm