Privacy Statement


European Education and Culture Executive Agency


Collection and publication of personal data on Higher Education Reform Experts (HEREs)

Privacy Statement

The European Education and Culture Executive Agency ("EACEA") is committed to preserving your privacy. All personal data are dealt with in accordance with Regulation (EU) No 2018/1725 on the protection of personal data by the Union institutions, bodies, offices and agencies[1] ("the data protection regulation").

The following Privacy statement outlines the policies by which the EACEA collects, manages and uses the personal data of the concerned individuals within the Higher Education Reform Experts (HEREs).

The SPHERE team based in the University of Barcelona is a contractor of EACEA and, as part of its tasks, runs the HERE platform which is subject to the privacy policy set-out below.


  1. Who is responsible for processing your personal data (data controller)?

The controller is the European Education and Culture Executive Agency, Avenue du Bourget 1, BE-1049 Brussels

The person designated as being in charge of the processing operation is the Head of Unit A4 Erasmus+: Higher Education – International Capacity Building



  1. Which personal data are processed?

All information of personal nature is provided by users in order to register on the website. The following fields will be required on the HERE portal during the registration:

  • Personal title
  • Academic title
  • First name
  • Last name
  • Country
  • Institution/Organisation name
  • Address (optional)
  • E-mail address
  • Role in the Virtual Community
  • Field of expertise in higher education reform topics
  1. For which purpose do we process your data?

The Higher Education Reform Expert Portal aims to provide mechanisms of information, communication and coordination, which will ensure a smooth functioning of the national teams of Higher Education Reform Experts. The web platform shall serve as a communication tool for the expert community, as a source of information and as a registration website for events. The personal data is collected so that the EACEA and its service provider, the SPHERE team, can have regular contacts with the members of the HERE network for training and information purposes. Making the personal data visible to registered users of the portal will also facilitate networking and contacts between individual HEREs.

  1. Where the data is collected from?

In order to register on the HERE portal, users are requested to fill in the fields required in order to finalise the registration.

  1. Who has access to your personal data and to whom is it disclosed?

Data on the website will be visible to the staff of the service provider the SPHERE team and to registered users of the website.

Access to personal data may be given on a need-to know basis to the following recipients:

  • EACEA's Unit A4 - Higher Education – International Capacity Building
  • European Commission, DG EAC
  • EU Delegations
  • National Erasmus+ Offices

In case of control or dispute the bodies charged with a monitoring or inspection task in application of Union law (e.g. Internal Audit Service, European Commission, OLAF, EU Courts etc.).

  1. How long do we keep your personal data?

As a registered user of the HERE portal you will receive a reminder one year after the last login. If you do not login at that stage, your data will be set to inactive. After 3 years from your last login, another reminder will be sent. If there is still no answer, the data will be deleted. Data can be deleted at any stage upon your request.

  1. What are your rights concerning your personal data and how can you exercise them?

Under the provisions of the data protection regulation, you have the right to:

  • Request to access the personal data EACEA holds about you;
  • Request a rectification of your personal data where necessary;
  • Request the erasure of your personal data;
  • Request the restriction of the processing of your personal data;
  • Request to receive or to have your data transferred to another organization in commonly used machine readable standard format (data portability).

As this processing of your personal data is based on point  of Article 5(1)(a) of the data protection regulation, you have the right to object to processing of your personal data on grounds relating to your particular situation under the provisions of Article 23 of the data protection regulation.

In addition, as this processing of your personal data is based on your consent [Article 5(1)(d)], please note that you can withdraw it at any time, and this will have effect from the moment of your retraction. The processing based on your consent before its withdrawal will remain lawful.

To exercise your rights, please contact the controller as indicated under point 1 above by explicitly specifying your request.

  1. Your right to have recourse in case of conflict on any personal data issue

In case of conflict on any personal data protection issue you can address yourself to the Controller at the above mentioned address and functional mailbox.

You can also contact the Data Protection Officer of EACEA at the following email address:

You may lodge a complaint with the European Data Protection Supervisor at any time:

  1. On which legal basis are we processing your personal data?

The Agency is processing personal data on the basis of Article 5(1)(a)-(c) of the Regulation(EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018:

(a) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Union institution or body (to be laid down in Union Law);

  • Commission Implementing Decision of 18 December 2013 establishing the ‘European Education and Culture Executive Agency’ and repealing Decision 2009/336/EC (OJ L 343/46  of 19.12.2013);
  • The Erasmus+ Programme established under REGULATION (EU) No 1288/2013 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 11 December 2013 (OJ L347/50 of the 20.12.2013).


(d) the data subject has given consent to the processing of his or her personal data for one or more specific purposes.


[1] Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC Text with EEA relevance, OJ L 295, 21.11.2018, p. 39.



Cookie Policy

What Are Cookies?

As is common practice with almost all professional websites this site uses cookies, which are tiny files that are downloaded to your computer, to improve your experience. This page describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored however this may downgrade or 'break' certain elements of the sites functionality.

How do we use cookies?

This website uses ‘technical’ cookies that do not track users and serve the website’s normal functionality.

A number of our pages use cookies to remember if you have agreed (or not) to our use of cookies on this site.

  • We do not sell, trade, or otherwise transfer your personal information to outside parties.
  • We do not include or offer third-party products or services on our website.
  • We honour Do Not Track signals and do not track, set cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
  • We do not allow third-party behavioural tracking.

This website uses Google Analytics, a web analytics service of Google Incwhich is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. Google Analytics uses cookies stored on your computer that enable analysis of your usage of the website by you. Google Analytics will store IP addresses in anonymized form. Further information on the conditions of use and data protection of Google Analytics can be found at:

These cookies are not used for any purpose other than those described here.

Private data

In order to comply with the General Data Protection Regulation, if a personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, we will communicate the personal data breach to the data subject as soon as possible via email.

Should any changes to this data protection declaration occur, they will be published on this website together with the date of the change.

Disabling/Enabling Cookies

You can prevent the setting of cookies by adjusting the settings on your browser. You can delete all cookies that are already on your device and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.