Privacy statement for BCL recorded and non-recorded Webex sessions
1. BCL’s legal framework
When processing personal data, the BCL complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (the GDPR).
When processing personal data, Cisco relies on the standard contractual clauses approved by the European Commission for transfer mechanisms:
and on the EU Code of conduct for Cloud providers:
Cisco’s privacy statement is available on its website:
https://www.cisco.com/c/en/us/about/legal/privacy-full.html
2. Why do we process personal data?
Personal data is processed to provide the service to you.
3. What is the legal basis for processing your personal data?
Your personal data is processed by the BCL:
Based on your consent to the processing (article 6.1(a) of the GDPR, by providing the personal data requested. Participation in Webex sessions is voluntary, and you can decline to consent at the time of your connexion to a Webex session. Should you do so, the BCL shall not process your personal data, but potential processing of prior personal data shall remain lawful.
Your personal data is processed by Cisco:
Based on the contractual relationship between the BCL and Cisco in order to provide the Webex service. Limited categories of personal data (user name, email address) are processed by Cisco to manage the service.
4. Who is responsible for processing your personal data?
The BCL is the controller of the personal data collected for Webex sessions.
5. Who has access to your personal data?
The panelists of the Webex session shall have access to your data, for the time of the session. IT administrators may have access to your data for troubleshooting purpose.
Dedicated employees of Cisco in charge of managing the service have access to your personal data.
6. Where is your data transferred to, processed and stored?
Cisco processes your data in compliance with EU data protection standards (standard contractual clauses approved by the European Commission);
Cisco stores your data in the EU. Recorded sessions with Webex Webinar shall be stored by Cisco on one of its datacenters located in Europe:
7. How long will the BCL and Cisco keep your personal data?
The BCL stores the personal data recorded during the session for as long as necessary for the purpose of the meeting session.
At Cisco, most of the personal data collected will only be stored until the end of the Webex session.
8. What are your rights?
You have the right to access your personal data and correct any data that is inaccurate or incomplete. Subject to certain limitations, you also have the right to:
- delete your personal data;
- restrict or object to the processing of your personal data in line with the relevant provisions of the GDPR.
9. Who to contact in case of queries or requests?
You can send any query related to your personal data or exercise any of your rights by contacting the BCL Data Protection Officer (dpo@bcl.lu) at the following address:
Banque centrale du Luxembourg
Att. Data Protection Officer
2, bd Royal
L-2983 Luxembourg
If you consider that your rights under the GDPR have been infringed as a result of the processing of your personal data, you have the right to lodge a complaint with the CNPD at any time.