Primary repository privacy statement
PROTECTION OF YOUR PERSONAL DATA
This privacy statement provides information about the processing and the protection of your personal data.
Processing operation: Personal data processing taking place in the context of the EU tobacco traceability system Data Controllers: The European Commission, represented by Directorate-General for Health and Food Safety (hereinafter DG SANTE), and the EU Member States acting as joint controllersTable of Contents
- Introduction
- Why and how do we process your personal data?
- On what legal ground(s) do we process your personal data?
- Which personal data do we collect and further process?
- How long do we keep your personal data?
- How do we protect and safeguard your personal data?
- Who has access to your personal data and to whom is it disclosed?
- What are your rights and how can you exercise them?
- Contact information of the responsible Data Controller
- Where to find more detailed information?
Introduction
Why and how do we process your personal data?
On what legal ground(s) do we process your personal data
Which personal data do we collect and further process?
- submission of requests for economic operators’, facilities’ and machines’ identifier codes by economic operators and operators of first retail outlets in accordance with Articles 14(2), 16(2) and 18(2) of Commission Implementing Regulation (EU) 2018/574,
- transmission of information on the product movements of tobacco products by economic operators in accordance with Article 32(2) of Commission Implementing Regulation (EU) 2018/574,
- transmission of transactional information by economic operators in accordance with Article 33(2) of Commission Implementing Regulation (EU) 2018/574.
- economic operator’s registered name
- economic operator’s address
- economic operator’s email address
- economic operator’s VAT number
- economic operator’s tax registration number
- facility’s address (street name, house number, postal code and city)
- machine’s producer
- EO_ID (Economic operator identifier)
- F_Excise Number2 (facility’s excise number issued by the competent authority for the purpose of identification of persons/premises)
- F_ID (Facility identifier code)
- destination facility’s full address (street, house number, postal code, city)
- number plates of transport vehicles
- buyer’s registered legal name
- buyer’s address
- buyer’s tax registration number
- payer’s registered legal name
- payer’s address
- payer’s tax registration number
How long do we keep your personal data</u
How do we protect and safeguard your personal data?
Who has access to your personal data and to whom is it disclosed?
- authorised staff of the Commission and the Member States for the purposes of carrying out effective monitoring and enforcement activities in the context of Directive 2014/40/EU. Such staff abides by statutory, and when required, additional confidentiality agreements.
- authorised staff of the ID Issuers, the independent third party provider operating the secondary repository and the independent third parties’ providers operating the primary repositories. This access is subject to ID and password requirements.
What are your rights and how can you exercise them?
Contact information of the responsible Data Controller
- The responsible Data Controller
- The Data Protection Officer (DPO) of the Commission
- The European Data Protection Supervisor (EDPS)
Where to find more detailed information?