Privacy Policies

1.  Serco Privacy Policy

1.1    About Serco Italia S.p.A

This Privacy Policy is released by Serco Italia S.p.A., with registered office at viale dell’Astronomia 13, Cap 00144 (Rome, Italy) (“Serco” or the “Data Controller” or “we” or “us”), which can be contacted at the following email address desp-support@serco.com.

Serco Italia S.p.A. operates DestinE Platform (available at platform.destine.eu) and in this context Serco Italia S.p.A collects and processes data as follows:

(i) upon decision taken by another separate controller (e.g. ESA, EUMETSAT, European Commission etc.) within the framework of the Destination Earth initiative; the information related to the processing of personal data decided upon by such third-party controller is given in the separate privacy notices released by the corresponding third-party and made available on the DestinE Platform, in particular in connection with DestinE Core Service Platform;

and

(ii) upon decision taken by solely Serco Italia S.p.A only, acting in its capacity of separate data controller; for this case, this Serco Privacy Notice applies and made available on the DestinE Platform, in connection with DestinE Platform Services.

1.2    General

Serco Italia S.p.A is committed to protecting and respecting your privacy in accordance with the General Data Protection Regulation (GDPR) and any applicable national laws and regulations.

This privacy policy provides information to you about the basis on which any personal data we collect from you, or that you provide to us, will be processed by us, for purposes decided solely by Serco Italia S.p.A., if you are a client of the DestinE Platform, as defined in the Agreement for the provision of DestinE Platform Services (the “T&C”), provided through the site platform.destine.eu (the “Site”).

This privacy policy shall be read in conjunction with our cookies policy ([RD]) and the agreement for the provision of DestinE Platform (the “T&C”). In the event of any conflict or inconsistency between this Privacy Policy and the T&C or Cookies Policy, the provisions of this Privacy Policy shall prevail. This Privacy Policy is intended to comply with the requirements of the General Data Protection Regulation (GDPR) and any applicable national laws and regulations and shall be interpreted and applied in accordance with the GDPR and such laws and regulations.”

In this privacy policy, the terms “we”, “our”, and “us” are used to refer to Serco Italia S.p.A., as the separate Data Controller responsible for your personal information solely in respect and purpose of the development and operation of DestinE Platform decided upon by Serco Italia S.p.A as separate data controller.

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to the relevant contact above.

1.3    Information we collect from you

We will collect and process the following data about you from your use of our Site:

  1. Registration data and other information you give us. This is data about you that you give us when you register to use our Site, subscribe to any of the DestinE Platform Services, use the DestinE Platform provided by our Site. The data you give us may include your name, surname, e-mail address, and in case of companies the details of the company.
  2. Technical information. We also collect technical data, including the Internet protocol (IP) address used to connect your computer to the Internet, MAC addresses, traffic data, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform and cookies, which will be collected in accordance with our cookies policy which comply with the requirements of the General Data Protection Regulation (GDPR) and any applicable national laws and regulations.

1.4    How we use your information

We use information held about you solely in respect of the development and operation of DestinE Platform for the following purposes decided upon solely by Serco Ialia S.p.A::

  1. to allow you to have access to, and use our Site and use the DestinE Platform Service offer and therefore carrying out our obligations arising from any agreements entered into between you and us and to provide you with the information, products and services that you request from us;
  2. to carry out appropriate and necessary investigations and discharge our legal and regulatory obligations and duties, including to comply with (to the extent applicable):
  • the guidance of any relevant regulatory body;
  • the requirements of applicable legislation for the combatting of money laundering, fraud, terrorist financing, bribery, corruption, tax evasion, the provision of financial or other services to persons who may be subject to economic or trade sanctions; and
  • any other local laws, regulations, directions, codes of practice, circulars, orders notices or demands which may otherwise apply;

(purposes from a) to b) are jointly defined as the “Contractual Purposes”)

  1. for fraud prevention purposes within the limits not already required by applicable laws as well as to defend or claim a right, also as part of court proceedings;
  2. for credit recovery procedures and credit assignment to authorized companies, also by means of third parties;
  3. for the completion of a potential merger, sale of assets or transfer of all or a material part of its business, by disclosing and transferring your personal data to the third party or parties involved in the transaction as part of the transaction;

(the purposes of letters c) to e) above are jointly referred to as “Legitimate Interest Purposes”)

  1. with your prior consent, to provide you with marketing communications by means of electronic and physical channels of communication about the services or products we offer and to run surveys solely in respect and purpose of the development and operation of DestinE Platform;
  2. with your prior consent, to customize the DestinE Platform Services and the marketing communications referred above on your preferences and habits (see Cookies Policy) solely in respect and purpose of the development and operation of DestinE Platform.

(the purposes of letters f) and g) above are jointly referred to as “Marketing Purposes”).

1.5    Legal basis for the processing of your personal data

The General Data Protection Regulation (GDPR) and any applicable national laws and regulations require that we meet certain conditions before we are allowed to use your data in the manner described in this privacy policy. We take our responsibilities under data protection rules extremely seriously, including meeting these conditions.

The processing of your personal data is necessary with regard to the Contractual Purposes as it is essential:

  • for the performance of the Terms and Conditions between you and us solely in respect and purpose of the development and operation of DestinE Platform.
  • In order for us to fulfil our obligations under such contract, we will need to collect and process your personal data.
  • in order to comply with applicable guidance provided by any relevant regulatory body and the obligations under applicable legislation, including anti-money laundering/fraud legislation.

Failure to provide the data for the above purposes will unfortunately mean we cannot provide our services to you, as to allow you to use our service would mean we would be in breach of our legal obligations.

The processing of your personal data with regard to the Legitimate Interest Purposes of Section 2 letter e) is carried out in compliance with article 6, letter f) of the EU General Data Protection Regulation 2016/679 (the “European Privacy Regulation”), for the pursuit of Serco’s legitimate interest to the detection of potential frauds, the recovery of debts towards to company and the performance of the economic activities referred therein, which is adequately balanced with your interest since the data processing is performed within the limits strictly necessary to their performance.

This data processing activity with regard to the Legitimate Interest Purposes is not mandatory and you can object to the data processing at any time through the modalities as per this Privacy Policy.

Finally, the data processing with regard to the Marketing Purposes is based on your prior consent. Such data processing is not mandatory however should you refuse to provide the relevant consent you will not receive marketing communications as per Section 2 letters f) and g). In any case, you can withdraw your consents at any time through the modalities as per this Privacy Policy.

1.6    How do we process your personal data

Your personal data will be processed both electronically and/or manually, in any case in such a way as to guarantee the security, protection and confidentiality of the data, thanks to appropriate administrative, technical, personnel and physical measures against loss, theft and unauthorized use, disclosure or modification.

1.7    How long we keep your information for

Your Personal data will be stored for the period necessary to fulfil the purposes for which the data was collected as outlined in this privacy policy and in accordance with the General Data Protection Regulation (GDPR) and any applicable national laws and regulations. In any case the following retention periods will apply to the processing of your personal data for the purposes indicated below:

  • data collected for Contractual Purposes and for Legitimate Interest Purposes is retained during the provision of the services plus a period of 5 years after the termination or withdrawal from the contract with us, except when the detention of the data is necessary to respond or to file a legal action, upon request of the competent authorities or in compliance with the applicable laws;
  • data collected for Marketing Purposes relating to the delivery of marketing communications and running of surveys is retained for the duration of the Contract and a subsequent period of 24 months;
  • data collected for Marketing Purposes relating to the profiling of your preferences for marketing purposes is retained for a period of 12 months from the time it is collected.

1.8    Disclosure of your information

For the Contractual Purposes, personal data may be transferred to the following categories of recipients located within the EU solely in respect and purpose of the development and operation of DestinE Platform and within the limits  as set below:

  1. third parties service providers entrusted with processing activities that provide hosting cloud services or assistance and advice to Serco, with special but not exclusive reference to technology (in particular, but not exclusively analytics and search engine providers that assist us in the improvement and optimisation of our site and other selected third parties), accounting, administrative, legal, insurance, IT matters;
  2. EUMETSAT and ECMWF, implementing the Destination Earth Data Lake and the Digital Twins and Digital Twin Engine components of the Destination Earth initiative, for whose services Personal Data transfer is necessary for the performance of their activities;
  3. affiliates; and
  4. persons and authorities whose right to access personal data is recognized by law, regulations or provisions issued by legally empowered authorities.

The above-mentioned recipients will process personal data as data controllers, data processors or persons in charge of processing, depending on the circumstances. To know the point of contact for personal data protection matters concerning separate Controllers (which are independently responsible for the collection and processing of personal data they decide upon in respect and purpose of the tasks entrusted to them within the framework of the Destination Earth initiative), please refer to the privacy notices of these separate Controllers.

Management of Your account to DestinE Core Service Platform may render necessary the communication of Your personal Data to the European Commission. Provided this is necessary, a separate privacy statement will be released by the European Commission accordingly.

We will also disclose your personal data to the European Space Agency, for the purposes described in the “ESA Privacy Notice for DestinE Core Service Platform”.

For the Legitimate Interest Purposes, personal data may be transferred to the following categories of recipients located within the EU and within the limits set below:

(a) potential purchaser of Serco and the entities resulting from mergers or any other transformation involving Serco, (b) competent authorities.

For the Marketing Purposes, personal data may be transferred to the following categories of recipients located both within the EU and, within the limits set below:

(a) third parties service providers entrusted with processing activities that provide services or assistance with regard to the delivery of marketing communications solely in respect and purpose of the development and operation of DestinE Platform.

The data processors appointed by Serco include OVHCloud.

1.9    Your rights

You have a number of rights under the General Data Protection Regulation (GDPR) and any applicable national laws and regulations in relation to the way we process your personal data. These are set out below. You may contact us by sending a communication to the email address desp-support@serco.com or by contacting our DPO directly – details below) to exercise any of these rights, and we will respond to any request received from you within one month from the date of the request.

At any given time, you can exercise the following rights:

  1. to obtain from Serco confirmation of the existence of personal data and to be informed of its content and source, verify its accuracy and request its integration, update or amendment;
  2. to request the erasure, anonymization or restriction of the processing of personal data processed in breach of the applicable laws;
  3. to object in whole or in part, on legitimate grounds, to the processing of the data;
  4. to withdraw the consent to the processing of the data (if and to the extent such a consent is necessary).

You will have the right, in any given moment, to:

  1. request Serco to limit the processing of your personal data where:
    • you contest the accuracy of the personal data until Serco have taken sufficient steps to correct or verify its accuracy;
    • the processing is unlawful but you do not want us to erase your personal data;
    • Serco no longer needs your personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims; or
    • you have objected to processing justified on legitimate interests, pending verification as to whether Serco has compelling legitimate grounds to continue processing.
  1. object to the processing of your personal data;
  2. request the erasure of your personal data without undue delay;
  3. receive an electronic copy of your personal data, if you would like to port your personal data to yourself or a different provider, when Serco is relying upon your consent or the fact that the processing is necessary for the provision of the services and the personal data is processed by automatic means; and
  4. lodge a complaint with the relevant data protection supervisory authority.

1.10 Transfer of personal data

  • Serco shall process (and have processed by its authorised subcontractors or sub-processors) personal Data only in the agreed territory of processing (European Union) solely in respect and purpose of the development and operation of DestinE Platform. Transfer of Personal Data outside the agreed territory shall only take place for the purpose of implementing, managing, monitoring the activities under the T&Cs and solely in respect and purpose of the development and operation of DestinE Platform, and will only concern Data Recipients located in a country or international organisation offering an Adequate Level of Protection.
  • The transfer of personal data towards a country not recognized as offering an Adequate Level of Protection may only be done after being authorised by the Serco Data Protection Officer (DPO) and subject to “adequate safeguards with respect to the protection of the Personal Data and data subject’s rights”.
  • As “adequate safeguards”, the Parties agreed to adopt the level of protection resulting from the provisions of the EU Standard Contractual Clauses for the Transfer of Personal Data to Third Countries pursuant to Regulation (EU) 2016/679.

1.10.1   The Data Protection Officer

The data protection officer appointed by Serco pursuant to Section 37 of the Privacy Regulation can be contacted at the following email address: dpo@serco.com.

1.10.2   Changes to this Privacy Policy

Any changes to this privacy policy in the future will be posted on this page, and where appropriate, notified to you by email. Please check back frequently to see any updates or changes to this privacy policy.

Document version information:

Version: 2.7
Last Updated: 14 October 2024

Document Download

2. ESA Privacy Policy

ESA PRIVACY NOTICE FOR DESTINE CORE SERVICE PLATFORM

Released by: European Space Agency, as Data Controller for the DestinE Core Service Platform

Addressed to individuals whose personal data are collected and processed (“You”)

Concerning collection and processing initiated by: ESA EOP Department

(hereinafter referred to as the “Department”)

Introduction

The European Space Agency (hereafter “the Agency” or “ESA” or “We”) is committed to protecting Personal Data in line with the ESA Framework on Personal Data Protection (herein the “ESA PDP Framework”) available at: http://www.esa.int/About_Us/Law_at_ESA/Highlights_of_ESA_rules_and_regulations

composed of:

  • the Principles of Personal Data Protection adopted by ESA Council on 13 June 2017
  • the Rules of Procedure for the Data Protection Supervisory Authority adopted by ESA Council on 13 June 2017
  • the Policy on Personal Data Protection (including its Annex entitled “Governance Scheme of the ESA’s Personal Data Protection”) adopted by the Director General of ESA on 1 March 2022 (“ESA PDP Policy”).

The Destination Earth (DestinE) Platform is a platform leading to the collection and processing of personal data for various purposes, as described in the corresponding privacy notices, as follows:

  • This notice is released by ESA and is intended to describe why and how Your personal data are collected and processed by or on behalf of ESA as separate Data Controller, in relation to the Destination Earth initiative, the DestinE Core Service Platform implementation and the Contribution Agreement (hereinafter Agreement), as well as what rights You have in relation to Your personal data. It also informs You about the contact details of the Data Protection Officer. This privacy notice was last updated on 09/10/2024. It must be read in conjunction with the ESA PDP Framework.
  • Other privacy notices may apply, as indicated on the DestinE Platform.

2.1 How can you contact the Data Protection Officer regarding this notice?

The ESA Data Protection Officer (“DPO”) may be contacted in line with the ESA PDP Framework at DPO@esa.int. Specific information is available upon request from the DPO.

SEPARATE CONTROLLERS:

To know the point of contact for personal data protection matters concerning separate Controllers (which are independently responsible for the collection and processing of personal data they decide upon), please refer to the privacy notices of these separate Controllers. Your queries regarding these matters will not be dealt with by ESA or its DPO.

2.2 What kinds of personal data are collected and further processed?

We collect and process various kinds of personal data and may require You to provide personal data for the purposes mentioned later in this notice. Depending on the purpose for which they are collected and further processed, the personal data may include the following:

  • Identity Data: including Your names;
  • Copies of identity documents: including copies of Your diplomatic cards, copy of passport (including visa if necessary), the identity card or other identity documents, certificates, Your photograph;
  • Contact information: email address;
  • Technical data, including online identifiers: for example, internet protocol (IP) address or domain names of the devices utilised, login data, browser data, in particular the type plug-in version, user preferences and history; MAC data, device information, uniform resource identifier (URI) address, time zone setting, operating system and platform and other technology of the devices you are using; geolocation server logs data, log data;
  • Other personal information You may provide: in particular the content of exchanges with ESA, for instance assistance data;
  • Other data, such as:
    • Your messages, date, and time the message was sent;
    • the content of the questions you have asked;
    • other data mentioned in Your messages;
    • feedback and interaction on the tools provided, support requests, etc.

2.3 How are Your personal data collected or further processed?

When ESA acts as a Data Controller, ESA collects and processes Your personal data via the DestinE Core Service Platform and via ESA systems, networks and devices that interconnect with DestinE Core Service.

In addition to the personal data We collect directly from You, we may, depending on Your situation, collect certain personal data about You indirectly including from third-parties.

2.4 Why are Your personal data collected and further processed?

ESA collects and processes Your personal data to enable ESA to fulfil its role, tasks and obligations for the legitimate purposes as set out in this privacy notice under point 5.1., e.g., for security and for fulfilment of a contractual legal agreement, e.g., for the Contribution Agreement and to enable the services for Your legitimate interest in Your use of the DestinE Core Service Platform and for the implementation of the Destination Earth initiative.

The collection and processing of personal data carried out by, or on behalf of, ESA in connection with the DestinE Core Service Platform will ensure adequate protection of personal data in accordance with the ESA’s positively assessed Personal Data Protection (PDP) Policy. The collection and processing of personal data will be limited to what is strictly necessary for the implementation of the DestinE Core Service Platform as specified in the Contribution Agreement.

In any case, we do not process Your personal data for activities where our interests are overridden by the impact on you, unless we have your consent or are otherwise required or legally permitted.

Further information on the purpose of processing is provided by clicking on links associated with each section below, which correspond to various situations that may be relevant to You.

What is the purpose of processing Your personal data?

IF YOU REQUEST, OR ARE PROVIDED ACCESS, TO YOUR ACCOUNT IN THE DESTINE CORE SERVICE PLATFORM

Your personal data are collected and further processed for the following purposes:

(i)            to manage Your free-of-charge account (e.g. validation, authorization and creation) in DestinE Core Service Platform (herein “Your account”);

(ii)           to manage access to Your account according to the user access policy;

(iii)          to exchange correspondence or any types of messages with You about the DestinE Core Service Platform functionalities available via Your Account;

(iv)          to inform and raise awareness in relation with the DestinE Core Service Platform functionalities accessible via Your account;

(v)           to perform monitoring of your use via Your account to DestinE Core Service Platform;

(vi)          to analyse and monitor Your interactions with the DestinE Core Service Platform via Your account;

(vii)         to deal with your current and future queries or requests submitted via Your account or to otherwise engage with you;

(viii)        to analyse and monitor Your reactions to content available in the DestinE Core Service Platform via Your account, and initiatives;

(ix)          to ensure measurement of various criteria in relation to the availability of Your account in DestinE Core Service Platform;

(x)           to gather statistics with a view to enhancing the user experience of DestinE Core Service Platform;

(xi)          to identify and track unauthorised access or any attempts to access Your account in DestinE Core Service Platform without permission; to defend ESA’s rights and interests, including to defend ESA from possible liability claims that may arise.

The management of Your account on the DestinE Core Service Platform may render necessary the communication of Your personal Data to the European Commission. Provided this is necessary, a separate privacy notice will be released by the European Commission accordingly.

IF YOU FORMULATE A REQUEST OR A COMPLAINT IN THE EXERCISE OF YOUR RIGHTS

In particular, Your personal data are collected and further processed for the following purposes:

(i)            to handle any questions or complaints you submit to ESA;

(ii)           to respond to any request relating to your rights;

(iii)          to defend ESA from possible liability claims that may arise.

IF YOU USE ESA IFORMATION AND COMMUNICATION TECHNOLOGY (IT) INFRASTRUCTURE, TOOLS AND SERVICES (operated by ESA or on behalf of ESA) IN RELATION TO THE DestinE Core Service Platform

Your personal data may be collected and further processed for the following purposes:

(i)            to provide You access to the IT infrastructure, tools and services operated by or on behalf of ESA;

(ii)           to provide optimal data flow between target environments in an automated manner;

(iii)          to provide access and proper performance of the service to end-users;

(iv)          to provide support services and to ensure the management and maintenance of the service;

(v)           to manage provision of IT services such as identity and access management; incident prevention, management, reporting;

(vi)          to ensure data subject rights management;

(vii)         to ensure personal data quality and accuracy.

(viii)        to provide tools that facilitate transcription, evaluation, reporting or automated processing.

NOTA BENE:    If your personal data processing is subject to one of the situations above, other sections may be relevant to You. You are thus invited to take knowledge of information provided under all the sections that are relevant to your case. In the description of the purpose, we made the choice to avoid duplication.

2.5 On what legal grounds do We collect and process Your data?

We collect and process Your personal data in relation to the Destination Earth initiative, the DestinE Core Service Platform implementation and the Contribution Agreement in accordance with the ESA PDP Framework, in particular pursuant to Article 5 of the ESA PDP Policy, for fair, specified and legitimate purposes or for purposes compatible therewith. Other ESA Rules and Regulations may serve as legal basis, as they may be indicated to You in additional notices, as appropriate.

What are the legal basis for processing Your personal data?

2.5.1 General basis for processing under ESA PDP Policy

The processing referred to in this notice falls under Article 2.5.2 of the ESA PDP Policy, e.g., it is necessary:

a)    for security; or

b)    for the performance and implementation of the Contribution Agreement concluded by ESA within its purpose in relation with an activity carried out by ESA in the framework of, and in conformity with, the ESA Convention and the applicable rules and procedures and for the implementation of the DestinE Platform;

c)     for Your legitimate interest.

2.6 In which circumstances may We transfer or provide access to Your personal data?

The validation of Your Account to DestinE Core Service Platform may require the transfer of the necessary personal data to the European Commission, which may separately decide to process Your data. Provided this is necessary, a separate privacy notice will be released by the European Commission accordingly.

At times, it is necessary for us to disclose Your personal data to authorised recipients within the scope of the implementation and management of the DestinE Core Service Platform, to the extent this is necessary for carrying out the processing operations referred to in this notice. Typically, the third-party recipients include:

1/ third party providers: We may engage various service providers such as:

  1. providers of cloud/data hosting services,
  2. providers of platform-maintenance related services,
  3. providers enabling Us to manage our contracting process,
  4. providers ensuring the security of our premises,
  5. providers enabling Us to provide you with working tools, etc.
  6. providers in charge with the organisation and management of communication activities,
  7. providers involved in the management of social media accounts,
  8. providers involved in marketing, advertising activities, managing newsletters, managing statistics and media services,
  9. providers of website related services.

other third parties interacting with ESA for the purpose of the DestinE Core Service Platform and within the scope of the implementation and management of the DestinE Core Service Platform.

These third-party recipients are generally situated in the European Union, the European Economic Area or in countries that offer an adequate level of protection equivalent to that offered within the European Union and the European Economic Area (e.g. Argentina, Canada, Japan, Switzerland, United-Kingdom).

When the third-party data recipients are located in a country or international organisation not offering an adequate level of protection (e.g., Australia, United States, etc.), we take necessary measures to safeguard your data, in line with the conditions set forth in the ESA PDP framework.

Additionally, we may utilise services provided by IT providers or integrate social media features into our platforms. In such instances, these IT providers or social media platforms may provide links to their respective websites, where they conduct their own data processing activities. It is entirely at your discretion whether you choose to access and utilise these social media features, depending on the terms and conditions applicable to each platform. If you prefer not to engage with social media or not to accept their terms and conditions, you have the option to refrain from accessing or using these platforms. Your decision regarding social media usage is within your control.

In exceptional cases, for instance in case of a criminal offence evidenced by the collection or processing of data, we may share the said data with the appropriate authorities or bodies, including those having an investigative role or those involved in the concerned legal proceedings.

2.7 How long do We retain Your personal data for?

Your data are stored for the shortest time possible, considering the reasons why we need to process Your data, as well as all legal obligations applicable to ESA. The ESA established time limits to erase or review the data stored. Retention periods applied by the ESA are proportionate to the purposes for which they were collected. Thus, the ESA will keep Your personal data for as long as necessary for the fulfilment of those purposes and shall be deleted afterwards. By way of exception, We may keep Your personal data for a longer period, for archiving purposes in the public interest or for reasons of scientific or historical research, being reminded that appropriate technical and organisational measures are put in place (e.g. anonymisation, encryption, etc.).

2.8 How do We protect and safeguard Your personal data?

All processing operations are carried out pursuant to ESA Rules and Regulations, including ESA PDP Framework and ESA Security Regulations. In particular, the ESA collects and processes personal data in conditions protecting confidentiality, integrity and security of personal data.

In order to protect Your personal data, ESA has implemented a number of technical and organisational measures against the risks of loss as well as against unauthorised access, destruction, use, modification or disclosure of personal data, in particular when such risks concern sensitive personal data.

These measures consider the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. They may include, as appropriate, the pseudonymisation and encryption of personal data.

2.9 What are Your rights as data subject and how can you exercise them?

Under conditions detailed in the ESA PDP Framework, You have:

  • the right to be informed about the identity of the data controller, the contact details of the data protection officer, the purpose of the data processing, the data recipients to whom the personal data shall be disclosed, the rights of rectification or erasure of his/her data, the storage time-limits (if any), the practical modalities of exercising the rights, etc. ; this is the purpose of this privacy notice and any other notice referred to herein ;
  • the right to access the personal data We process about You; unless you have access to such data via an account, you may send us your request by email to dpo@esa.int ;
  • the right to have Your personal data erased, rectified, completed; if you want to review and correct the personal information, you can either do it yourself, in case you have access to such data via an account, or you may send us your request by email to dpo@esa.int ;
  • the right to lodge a complaint before the Supervisory authority, in accordance with the latter’s rules of procedure. In case You demonstrate, or have serious reasons to believe, that a data protection incident occurred in relation with Your personal data, following a decision of ESA, you may send notify us thereof by email to dpo@esa.int.

Once a request to erase data is received, we will ensure that the data are deleted unless it can be processed on another legal ground, as mentioned in Article 5.1 above. If Your data was processed for several purposes, We do not process personal data for the part of the processing for which consent has been withdrawn.

For instance:

  • Your personal data may continue to be processed for the performance of a legal obligation of ESA or where such data is necessary for the establishment, exercise, or defence of legal claims;
  • If there are multiple processing concerning You, based on consent, You have to expressly indicate which consent you wish to withdraw.

When the processing of Your personal data are based on Your consent and unless a specific case applies (e.g. see Article 6 above), You have also the right to withdraw Your consent.

You may wish to exercise any of the above-mentioned rights, by sending a request explicitly specifying Your query to the ESA DPO via e-mail at dpo@esa.int

You may be asked additional information to confirm your identity and/or to assist ESA to locate the data You are seeking.

Document version information:

Version: 1.0
Last Updated: 14 October 2024

Document Download

Filter by:

TERMS AND CONDITIONS FOR DESTINATION EARTH (DestinE) USERS GRANTED UPGRADED ACCESS

The following Terms and Conditions are released by the European Commission and will be applicable for the initial stage of the operation of DestinE, which is still under development.

Please read them before registering for the upgraded access to DestinE.

ARTICLE 1: DEFINITIONS

For the purposes of these Terms and Conditions, the following definitions apply:

Academia and Research: Public academia and research teams contributing or participating to the development of DestinE, either directly or through EU-funded research projects and activities or through relevant EU Member States or Associated Countries programmes or initiatives.

Associated Country: non-EU country associated to the Digital Europe Programme.

Destination Earth (DestinE): a flagship initiative of the European Commission to develop a highly accurate digital model of the Earth to model, monitor and simulate natural phenomena, hazards and the related human activities.

DestinE Core Service Platform (DestinE Platform): a user-friendly platform that provides a large number of users with evidence-based policy and decision-making tools, applications and services, based on an open, flexible, scalable and evolvable secure cloud-based architecture.

DestinE Data: Earth-system monitoring and prediction system output as provided by Destination Earth Digital Twins, as well as data that are generated by applications for Destination Earth and made available in the DestinE Data Lake.

DestinE Data Lake: a self-standing DestinE system component, interfacing with the Core Service Platform, Digital Twins and Digital Twin Engine, built from geographically distributed physical elements, that references and provides seamless access via GUIs or APIs to data in accordance with the DestinE Data Portfolio. The Data Lake supports near-data processing to maximize throughput and service scalability.

DestinE Data Portfolio: the DestinE Data Portfolio is tailored to user needs and composed of federated data, Digital Twin data and DestinE user generated data with a specified and agreed lifecycle.

(DestinE) Digital Twin(s) (DT(s)): Highly accurate replicas of the Earth-system that simulate the system’s behaviour, allowing to monitor and predict environmental change, test scientific hypotheses and adaptation scenarios. DestinE’s DTs combine several cutting-edge Earth-system models and Earth observations as well as advanced data analytics and integration and interoperability with impact sector applications. They are DestinE system components, interfacing with the Digital Twin Engine, offering a seamless production service of actionable knowledge for users that results from the fusion of observational and simulated data of the physical Earth system and of impact-sector relevant information.

Digital Twin Engine (DTE): Software-defined environment to operate DestinE’s DTs and manage their corresponding control and data flows across distributed HPC and cloud computing resources. It provides a common system approach to a unified orchestration of Earth-system Digital Twins. Moreover, it creates a framework for the fusion of observations with Earth-system simulations and the integration of applications targeting specific impact-sectors via selected use cases. The DTE enables the porting and optimization of codes, developing and managing the digital twin workflows, and provides the data handling and model interaction and interactivity capabilities that run on diverse HPC and cloud infrastructures including the Data Warehouse hosted on the data bridges. The DTE concept focuses on interoperability and interactivity and delivers the expected access agility and performance for the digital twins and associated data access.

DestinE Entrusted Entity: an entity implementing respective entrusted tasks in connection with DestinE in accordance with their respective contribution agreements, such as ECMWF, ESA and EUMETSAT.

DestinE Entrusted Entity’s Contractor(s): a legal entity with which a DestinE Entrusted Entity has a contract for provision of services, supplies or works for the implementation of DestinE in accordance with a respective contribution agreement.

DestinE Services for Users Granted Upgraded Access: all services accessible to Users Granted Upgraded Access through DestinE Platform.

EU Emblem: The official emblem of the European Union. Download the EU Emblem and graphical information

Intellectual Property Rights (IPR): any exclusive or non-exclusive right which exist in any intellectual property, in particular (but not limited to) any copyrights, database rights, patents, trademarks, service marks, design rights, or trade secrets together with any benefits which such Intellectual Property Rights give to the holder, in particular (but not limited to) the right to use, copy, modify, correct, adapt, enhance, improve, update, make new releases or new versions of, make derivative works of, offer, sell, lease, rent, license, distribute in any other way against or without payment, display, broadcast, transmit, or make accessible in networks (e.g. Internet, Intranet) the intellectual property in question in whole or in part and any copies thereof.

Member States: the States which are members of the European Union.

User Granted Upgraded Access (User): a registered user whose Upgraded Access to DestinE has been validated by the European Commission. Users Granted Upgraded Access are the following categories: Public authorities, Academia and Research, SMEs and start-ups, Third-country public authorities, DestinE Entrusted Entities’ staff and DestinE Entrusted Entities’ Contractors.

Public authorities: selected public authorities of EU Member States and Associated Countries. These include the EU institutions, agencies and bodies, public authorities of EU Member States and Associated Countries that have been granted Upgraded Access to the DestinE Services for Users Granted Upgraded Access and DestinE Data for official duty activities.

SME’s & start-ups:           EU and Associated Countries SME’s and start-ups contributing to or participating in the implementation and further development of DestinE.

Third country public authorities: selected third country public authorities following EU’s international commitments. These include The National Oceanic and Atmospheric Administration of the United States (NOAA), other public sector entities authorised under the AI4Good Administrative Agreement, and selected public authorities from the member states of DestinE Entrusted Entities.

Upgraded Access: access to all DestinE’s (advanced) features and services available on the DestinE Platform to test, help improve and develop the system.

ARTICLE 2: GRANT OF RIGHTS AND LIMITATIONS

2.1. The European Commission grants the User personal access to the DestinE Services for Users Granted Upgraded Access and DestinE Data strictly for official use within the scope of activities of the User, subject to the User’s acceptance of these Terms and Conditions.

2.2. The Users’ access rights are linked to their personal accounts and are non-transferable.

2.3 The User may only create and distribute services/applications/tools/data from which the original DestinE Data cannot be retrieved or reverse engineered.

2.4. The User shall not use the DestinE Services for Users Granted Upgraded Access and DestinE Data or any associated data, software, documentation, or other information for any purpose that contradicts the purposes outlined in Articles 2.1 and 2.3 without the prior written consent of the European Commission.

2.5. The User shall not reproduce, distribute, license, transfer, assign, sell, disclose to, or otherwise forward the DestinE Data or any associated data, software, documentation, or other information to any third party without the prior written consent of the European Commission.

ARTICLE 3: OWNERSHIP, INTELLECTUAL PROPERTY RIGHTS, AND ATTRIBUTION REQUIREMENTS

3.1. The DestinE Data remain the exclusive property of the European Union. The User’s rights to use the DestinE Data are specified in these Terms and Conditions, and the European Union retains all rights not expressly granted to the User in this document. The User may be required to clear additional rights if a specific content depicts identifiable private individuals or includes third-party works. To use or reproduce content that is not owned by the European Union, you may need to seek permission directly from the rightsholders.

3.2. The User acknowledges that all intellectual property rights to the DestinE Data belong to the European Union.

3.3. Subject to Articles 3.1 and 3.2, the intellectual property rights related to services/applications/tools/data created by the User using the DestinE Services for Users Granted Upgraded Access and DestinE Data are owned by the User creating those services/applications/tools.

3.4.   The Users creating services/applications/tools/data using the DestinE Services for Users Granted Upgraded Access and DestinE Data shall mention that they rely on these elements and refer to the European Commission in their distribution, as well as indicate if changes were made to DestinE Data. For avoidance of doubt, ‘changes’ will include but will not be limited to aggregation, transformation, interpolation or integration with other data sources, which results in services/applications/tools/data that are distinct from the DestinE Services for Users Granted Upgraded Access and DestinE Data and must be clearly identified as such. The User shall not describe, present, or otherwise represent any services/applications/tools/data derived from or based on the DestinE Services for Users Granted Upgraded Access and DestinE Data as original DestinE Services for Users Granted Upgraded Access and DestinE Data. The attribution must be displayed prominently and provided alongside, within, or co-located with the services/applications/tools/data in the form of the following wording: “This service/application/tool/data is created [based on data of the European Commission] and/or [using Destination Earth Platform] (but has been modified by [User’s name]).”  The User may be required to include additional attributions if a specific content depicts such a requirement.

3.5. The User accepts all responsibility and liability for the services/applications/tools/data created by the User using the DestinE Services for Users Granted Upgraded Access and DestinE Data.

ARTICLE 4: NON-LIABILITY

4.1. The European Commission shall accept no responsibility or liability regarding any services, data and information on the DestinE Platform.

4.2. DestinE Data are provided without any express or implied warranty from the European Commission as regards their quality, accuracy, completeness, availability, reliability, speed and suitability for any purpose. The European Commission may make changes to their content at any time and will notify the users of these changes on best effort basis.

4.3. By using the DestinE Platform, Services for Users Granted Upgraded Access and DestinE Data, the user renounces any claim for damages against the European Union. The scope of this waiver encompasses any dispute, including contracts and torts claims, that might be filed in court, in arbitration or in any other form of dispute settlement.

ARTICLE 5: EXTERNAL WEBSITE DISCLAIMER AND DATA PROTECTION

5.1. The DestinE Platform website is an external website, which is not owned by the European Commission, and for which the European Commission assumes no responsibility.

5.2. When Users choose to use the above-mentioned external website, they are subject to the cookie, privacy, and legal policies of that external website. The European Commission can instruct the external website to display or include a link to the European Commission’s privacy notice, which shall be identified as such.

5.3. Compliance with applicable data protection and accessibility requirements of external websites is the explicit responsibility of the external website.

ARTICLE 6: USE OF THE EU EMBLEM BY THIRD PARTIES

6.1. The principles of use of the EU emblem by third parties have been set out in an administrative agreement with the Council of Europe. This agreement has been published in the Official Journal of the European Union on 08/09/2012 (2012/C 271/04). According to this agreement, any natural or legal person (“third-party user”) may use the EU emblem or any of its elements, as long as this use:

  1. does not create the impression or assumption that there is a connection between the third-party user and any of the institutions, bodies, offices, agencies and organs of the European Union or the Council of Europe where this connection does not exist;
  2. does not lead the public to believe that the user benefits from the support, sponsorship, approval, or consent of any of the institutions, bodies, offices, agencies and organs of the European Union or the Council of Europe where this is not the case;
  3. is not made in connection with any objective or activity which is incompatible with the aims and principles of the European Union or the Council of Europe or is otherwise unlawful.

6.2. If the use of the EU emblem complies with the above conditions, there is no need to ask for written permission.

6.3. Registration of the EU emblem, or a heraldic imitation thereof, as a trademark or as any other IP right is not acceptable.

ARTICLE 7: ENTIRE AGREEMENT

These Terms and Conditions constitute the entire agreement between the User and the European Commission regarding the use of the DestinE Services for Users Granted Upgraded Access and DestinE Data.

ARTICLE 8: CHANGES TO TERMS AND CONDITIONS

The European Commission reserves the right to modify or update these Terms and Conditions at any time without prior notice. The User’s continued use of the DestinE Services for Users Granted Upgraded Access and DestinE Data shall be deemed acceptance of the modified or updated Terms and Conditions.

ARTICLE 9: ACKNOWLEDGMENT

By accepting these Terms and Conditions, the User acknowledges that they have read, understood, and agreed to be bound by these Terms and Conditions.