gsa logo green lane logo

Privacy statement on the protection of personal data in relation to the Galileo Green Lane application

All personal data are dealt with in compliance with the applicable rules on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data (currently Regulation (EU) No 2018/1725).

The following data protection information notice outlines the criteria by which the GSA collects, manages and uses the data in relation to the Galileo Green Lane application.

Identity of controller and data protection officer:

Controller: European Global Navigation Satellite Systems Agency (GSA), Head of the GSA Market Development Department, market@gsa.europa.eu

DPO: European Global Navigation Satellite Systems Agency (GSA), Data Protection Officer; dpo@gsa.europa.eu

Purpose(s) of processing:

The purposes of the processing of personal data through the application are the following:

  • provision of the functionalities offered by the application, specifically real-time awareness on the main European border crossings in terms of traffic and waiting time;
  • fixing bugging issues related to the use of the application;
  • provision of support or additional information on the Galileo Green Lane initiative

Description of the processing undertaken when using the application:

The application creates an unique application instance ID for each user, in line with the procedure recommended by Google ( https://developer.android.com/training/articles/user-data-ids#instance-ids-guids ).

The used method “UUID.randomUUID()” foresees that the running instance is globally unique. It ensures user anonymity, as it does not require any device or user specific data compared to non-resettable, device-scoped hardware IDs.

The Universally unique identifier (UUID) is generated on the first start of the application after its installation and, from that point on, each user is fully anonymised, considering that the location data collected from the device can be linked only to the UUID, not to a specific identifiable device.

Users need to allow for only one permission: to access device location

Location data is collected and used every few seconds to update the user’s position on the map. In this case the location coordinates are only stored on the application itself not on the server.

Coordinates are only sent and stored to the server in the following cases:

  • In geofencing mode, once the driver enters the geofenced area (2km diameter on the border crossing) coordinates are used to calculate the delay between the outer diameter and the broader crossing point. These coordinates are sent to the server referenced with the mentioned UUID.
  • In border crossing mode, coordinates are taken at the time of reporting the status on the border crossing. Data is sent to the server for statistical evaluation.

Data/Categories of data concerned:

  • location data
  • Universally unique identifier (UUID) allocated to each user as per the process explained above

Recipients/Categories of recipients of the data processed:

  • Data processors: GSA engages the following external contractors which are bound by personal data protection rules equal to those applying to the GSA:
    • a limited number of staff of the GSA contractors (and their (sub-)contractor) in charge of the development and operation of the application;
  • Bodies charged with a monitoring or inspection task in application of Union law (e.g. internal audits, Financial Irregularities Panel, European Anti-fraud Office – OLAF)

Any recipient shall be reminded of its obligation not to use the data received for other purposes than the one for which they were transmitted

Legal basis/Lawfulness of the processing:

Processing is based on the consent of the data subject (Art. 5(1)(d) of Regulation 2018/1725): data subjects unambiguously give their consent to the collection and processing of their personal data, when opening the application for the first time.

Considering that the location data is collected from the terminal equipment of the application’s users, the provision of consent is also in line with Article 37 of Regulation (EU) 2018/1725.

Information on the storage locations and retention period of data:

Personal data is stored electronically on the servers of the GSA contractors. These servers are located in the EU and abiding by the necessary security provisions.

Data deletion process:

  • Data stored on the application’s server: location coordinates which are sent to the application’s server (i.e. when the application is in the geofencing and border crossing modes as explained above), are stored on the server’s database for aggregation and analysis. These data points are deleted on regular basis; specifically, location coordinates older than 7 (seven) days are deleted from the database automatically and cannot be recovered in the future.
  • Data stored in the application: location coordinates stored on the application on the device itself are kept only until:
    • the data is sent to the application’s server (i.e. when the application is in the geofencing and border crossing modes as explained above), and/or
    • the user quits the application

After either of the above eventualities, the location coordinates are automatically deleted from the user’s device.

The data subject’s rights:

  • Right of access: users can obtain confirmation as to whether or not his or her personal data are being processed, access the data and obtain detailed information on the processing;
  • Right to rectification: users can update, correct and complement at any time their data;
  • Right to erasure: users may obtain the erasure of their personal data provided that there are grounds for the exercise of this right, as per the applicable rules (Article 19 Regulation 2018/1725);
  • Right to restriction of processing: users may obtain from the GSA restriction of processing of their personal data provided that there are grounds for the exercise of this right, as per the applicable rules (Article 20 Regulation 2018/1725);
  • Right to data portability: users may obtain their personal data, submitted to the GSA, in a structured, commonly used and machine-readable format and transmit them to another controller provided that there are grounds for the exercise of this right, as per the applicable rules (Article 22 Regulation 2018/1725);
  • Users are entitled to lodge a complaint at any time with the European Data Protection Supervisor (http://www.edps.europa.eu; EDPS@edps.europa.eu) if they consider that their rights under the applicable rules on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data have been infringed as a result of the processing of their personal data by the GSA;
  • Users can withdraw their consent at any time before by recalling the location permission of the Galileo Green Lane application, without this affecting the lawfulness of the processing before the withdrawal; depending on the user’s operating system, this setting can be found as follows in:
    • Android: settings →biometrics and security →app permissions →location

Any request for the exercise of any of the abovementioned rights shall be addressed to the GSA Market Development Department at market@gsa.europa.eu; users are kindly requested to describe their requests explicitly.

Contact information:

  • Regarding the processing of your personal data: market@gsa.europa.eu citing the UUID which can be found in the “configuration section” of the app.
  • Regarding the interpretation, application or breach of Regulation (EU) 2018/1725, please contact the GSA Data Protection Officer (DPO) at dpo@gsa.europa.eu.