Privacy Statement for the EIB’s Exclusion Policy
1. Description of the Processing Operation
It is the duty of the European Investment Bank (EIB) to ensure that its funds are employed as rationally as possible and used only for the purposes for which they were granted. The ElB's Anti-Fraud Policy states that the Bank will not tolerate fraud, corruption, collusion, coercion, obstruction, money laundering and terrorist financing together "Prohibited Conduct") in its activities or operations.
In this framework, the EIB’s Exclusion Policy is intended to deter fraud and corruption in EIB financed projects and other activities by facilitating and regulating the reasonable exercise of discretion by EIB in responding to allegations of Prohibited Conduct.
2. What information is collected and for what purpose?
Information and identification data concerning entities subject to an exclusion proceeding by EIB are collected. This data might also include identification information of the persons with powers of representation, decision-making or control over an entity (where the entity is a legal person).
3. Who has access to the data and to whom information is disclosed?
Duly authorised officers of the EIB, for whom access to the data is indispensable for the proper exercise of their tasks has access to the data in the course of an exclusion proceeding. This includes the EIB’s Exclusion Committee, which is composed of five members including two external independent members subject to confidentiality agreement.
Under conditions ensuring protection of personal data and for the fulfilment of the purposes of the Exclusion Policy, the EIB may disclose the data to a national or EU authority, an international or multinational organisation or body, or an agency of State.
Furthermore, once a decision has been taken, EIB’s exclusion decisions related to a natural person are made available to EIB staff members who need access to the data for the proper exercise of their tasks until the end of the exclusion period.
4. How can you access your information, verify its accuracy and, if necessary, correct it?
You have the right to access, correct and complete the data we hold regarding the legal entity you are representing or regarding your personal data at any point. Upon request, you may be sent a copy of this data to correct and complete them. Any request for access, rectification, blocking and/or erasing these data should be directed to the EIB’s Data Protection Officer. You may also contact him in case of any difficulties or for any questions relating to processing of these data.
Exceptions and restrictions under article 25 of Regulation (EU) 2018/1725 and relevant EIB decision may apply to EIB investigations. The relevant EIB decision is available here.
5. How long is your data kept?
Personal data related to an exclusion proceeding is completely erased 10 years after the end of the exclusion period.
6. What are the security measures taken to safeguard your information?
In order to protect your personal data, a number of technical and organisational measures have been put in place. Only authorised users can access the data upon password authentication. Access can only be granted by the data controller. Each authorised user needs to be registered and any access to the data is recorded.
7. Who can you contact if you have queries or complaints?
You may contact the Data Protection Officer of the EIB (firstname.lastname@example.org). You are also entitled to have recourse to the European Data Protection Supervisor at any time if you consider that your rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of your personal data in the context of the EIB’s Exclusion Policy.