news backtotop calendar clock cubes home meal questions warning plus minus caret-down caret-up caret-left caret-right angle-left angle-right angle-up angle-down file-pdf file share-square-o

Data protection

Parent's note


Privacy statement

Articles 15 and 16 of Regulation (EU) 2018/1725 of the European Parliament and the Council of 23 October 2018 apply to the processing of personal data carried out by the European Parliament.

Who processes your personal data?

  • The data controller1 is the European Parliament, more specifically the Working Time and Childcare Facilities Unit in the Directorate-General for Personnel, represented by the head of unit, Florence WALLERAND.
  • You can contact the controller at for staff in Brussels and for staff in Luxembourg and Strasbourg.

For what purpose are your personal data being processed?

Your personal data are processed in connection with an application for admission to a crèche or family room for which the European Parliament is responsible.

What is the legal basis for the processing?

Legal basis for the processing:

Luxembourg site:

  • Interinstitutional rules on the Early Childhood Centre

Brussels site:

  • Rules on the crèches and nursery sections
  • Medical Rules
  • Rules on the family room in Brussels (day-care centre)

Strasbourg site:

  • Rules on the family room in Strasbourg (Les Cigognes)

What personal data are processed?

Personal identification numbers (NUP, staff numbers), surnames, first names, addresses, private and professional telephone numbers of staff members, spouses, children, contact persons in the event of an emergency, persons authorised to take charge of the child, family links, main language of the child, data appearing on salary statements, data on family situation (certificates of family composition, residence, marriage and birth certificates, divorce and custody judgments, etc.) and professional situation (career, promotions, recruitment, working hours, grade, employer, employment contracts, tax sheets, certificates of membership of a family benefits fund, etc.), pregnancy certificates, leave declarations, missions, absences, bank accounts, health information concerning the child, such as weight, height, diets, health status, deficits, disabilities, illnesses, surgical procedures, allergies, medication prescribed and vaccines.

How will your personal data be processed?

Your data are processed electronically and are stored in an Access database accessible only to staff in the EP’s crèche service and in Papyrus, a web application used to manage the internal archives in DG PERS. The crèche section of Papyrus is accessible only to staff in the EP’s crèche service. The child’s administrative file is also archived in paper form by the crèche service in locked cupboards. The medical file is archived in paper form in a locked cupboard in the infirmary of the crèches and in Luxembourg also in the child’s file in the crèche service.

How long will your personal data be stored for?

The file is retained for up to one year after the child leaves the crèche. The part concerning the calculation of the parental contribution may be retained until the last contribution due has been paid.

Who are the recipients of your personal data?

The administrative managers, the head of service and the head of unit responsible for the crèche service. The recipients of the medical data are the crèche infirmaries.

Will your personal data be shared with a non-EU country or international organisation?

No, your personal data will not be shared with a non-EU country or international organisation.

Are any automated processes2 and/or profiling3 used to make decisions which could affect you?


If personal data have not been obtained from you, what is their source?

Your personal data can also come from the HRM Portal, the human resources management portal of the European Parliament.

What rights do you have?

You have the following rights:

  • right of access to your personal data;
  • right to rectification of your personal data;
  • where applicable, right to erasure of your personal data;
  • where applicable, right to restriction of processing of your personal data;
  • where applicable, right to object to processing of your personal data;
  • right to contact the European Parliament’s Data Protection Officer at;
  • right to lodge a complaint with the European Data Protection Supervisor at



1 A controller is the public authority, institution or other body which, alone or jointly with others, determines the purposes for and the means by which personal data are to be processed. The controller is represented by the head of the organisational entity concerned.

2 Making a decision solely by automated means and without any human involvement. {For example: internet page where selecting certain options automatically leads to your name being included on mailing lists for a monthly newsletter / using an automated system to mark multiple choice test answers and give a mark on the basis of the number of correct answers.}

3 Profiling analyses aspects of an individual’s personality, behaviour, interests and habits in order to make predictions or decisions about them. Profiling is used to analyse or predict aspects relating to the data subject’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements, etc. {Example: when you use social media tools, data are collected and your user patterns are recorded. These data are then used to make new predictions about you.}