South-East Asia IPR SME Helpdesk

Privacy Notice

Protecting your privacy is of the utmost importance to the SOUTH-EAST ASIA IP SME Helpdesk (‘Helpdesk or ‘us’). The Helpdesk is committed to respecting and protecting your personal data and ensuring your rights as a data subject. All data of a personal nature that identifies you directly or indirectly will be handled fairly, lawfully and with due care.

This processing operation is subject to Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

1. What is the nature of the processing operation and what do we do with your data?

Personal data is processed for the purposes of communication/transparency to provide and make available information on the projects’ activities/initiatives/events, etc.

Based on the above, we use your data to:

  • Compile project statistics for project reporting purposes;
  • If you are using the Helpline service, to ask for more information about your query in the case that clarifications are needed; to send an answer to your IP question; ask your feedback about the usefulness of the answers provided; and in limited instances, to follow up on your case; use of pictures and/or audiovisual items on social media and on the project’s website;
  • If you chose to subscribe to the Newsletter, to send you a Campaign-Monitor-based Newsletter via e-mail;
  • If you attend to a training session or awareness-raising event, to send you information about the services or event as well as a follow-up email with useful materials (when relevant);
  • In addition, you may exceptionally be contacted by our services in very limited instances – e.g. information about an update to the privacy policy, offering collaboration opportunities, or for a survey about user needs and service improvements.

2. What personal data do we process?

The categories/types of personal data processed are the following:

  • Email
  • Given name and family name
  • Telephone • Website address
  • HQ location • Company name (if any)
  • Type of organization • Sector/Industry
  • Number of employees
  • Company annual turnover
  • Annual sales • Countries of scope
  • Stage of business in ASEAN
  • Number of employees in ASEAN
  • Official photos of events
  • Multimedia items showing the people participating in official events, their image, voices, statements, opinions, etc.

3. Who is responsible for processing the data?

The data controller of the processing operation is Head of Unit A.1 COSME, representing the Executive Agency for Small and Medium-sized Enterprises (EASME), which acts under the powers delegated by the European Commission.

Personal data is processed by PRACSIS sprl, the agencies of EURACSIS and PRACSIS SOUTH-EAST ASIA office, EURICE – European Research and Project Office GmbH, SPI – Sociedade Portuguesa de Inovaçao and Eurocham VN – European Chamber of Commerce in Vietnam.

4. Who has access to your personal data and to whom is it disclosed?

Images and other audiovisual items are published on the websites and social media and available to the general public.

Other personal data is only accessible by the Helpdesk and the controller, as well as the bodies charged with monitoring or inspection tasks in application of EU law (e.g. internal audits, Court of Auditors, European Anti-fraud Office (OLAF)) and other EU institutions and bodies on a need-to-know basis. Personal data is not used for any other purposes or disclosed to any other recipient nor third countries or international organisations.

5. How do we protect and safeguard your information?

We take appropriate technical and organisational measures to safeguard and protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

All personal data related to the projects’ procedures is stored in secure IT applications according to the Office’s security standards, as well as in specific electronic folders accessible to authorised recipients only. Appropriate levels of access are granted individually only to the abovementioned recipients.

The database is password-protected under a single sign-on system and connected automatically to the user’s ID. E-records are held securely to safeguard the confidentiality and privacy of the data therein.

6. How can you access your personal information and, if necessary, correct it? How can you receive your data? How can you request that your personal data be erased, or restrict or object to its processing?

You have the right to access, rectify, erase, and receive your personal data, as well as restrict its processing or object to the same, as provided in Articles 17 to 24 of Regulation (EU) 2018/1725.

We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. You also have the right to have your data completely removed from our database. To modify or remove your personal information completely from our website and database, please send an email to:

Your request will be answered without undue delay, and in any event within 1 month of receipt of the request. However, according to Article 14(3) of Regulation (EU) 2018/1725, this period may be extended by up to 2 months where necessary, taking into account the complexity and number of requests. The Office will inform you of any such extension within 1 month of receipt of the request, together with the reasons for the delay.

Alternatively, note that you can log in to your profile and edit your own data at any time.

Third-party platforms

Finally, it may be possible that the Helpdesk webpage contains links to other sites whose data processing practices are different from ours. Neither the consortium partners nor the European Union are responsible for the privacy practices implemented on any of these external sites. You should be aware of this when leaving the Helpdesk website and we encourage you to read the privacy statements on such external websites, as we have no control over the information that is submitted to or collected by these third parties.

We also use third-party platforms to carry out some of our services for you and you can find their privacy policies separately on their website, namely:

7. What is the legal basis for processing your data?

Personal data is processed in accordance with Article 5(1)(a) of Regulation (EU) 2018/1725, which states that ‘processing is necessary for the performance of a task carried out in the public interest’.

Personal data is collected and processed in accordance with the contract signed between the Project Contracting Authority, namely the Executive Agency for Small and Medium-sized Enterprises (EASME), PRACSIS sprl, the agencies of EURACSIS and PRACSIS SOUTH-EAST ASIA office, EURICE – European Research and Project Office GmbH, SPI – Sociedade Portuguesa de Inovaçao and Eurocham VN – European Chamber of Commerce in Vietnam.

8. How long can data be kept?

Personal data will be kept only for the time needed to achieve the purpose for which it is processed.

All data related to the project will be stored for the duration of the project. This is normally 7 years. Information will be shared on the website and in the media and is stored for as long as the European Commission considers it appropriate.

In the event of a formal appeal, all data held at the time of the appeal will be retained until the completion of the appeal process.

9. Contact information

Should you have any queries on the processing of your personal data, please address them to the data controller, Head of Unit A.1 COSME, at:

You shall have right of recourse at any time to the EASME Data Protection Officer at EASME-DPO@ec.europa and to the European Data Protection Supervisor at

10. Links to other websites

It may be possible that the Helpdesk web pages contain links to other sites whose privacy practices may differ. Neither the Helpdesk nor the European Commission, nor EASME are responsible for the Privacy Policy of these websites.

We encourage you to read the privacy statements on other web sites you visit, as we have no control over information that is submitted to, or collected by, these third parties.

11. Cookies

What is a cookie?

A cookie is a simple text file that is stored on your computer or mobile device while you browse a website by such website’s and allows a website storing you browse preferences such as visits frequency, preferred options, etc.

Below there is a list of the most important cookies is using:

Name of the cookie Origin Purpose of the cookie Expiration


To track visitors

2 year


To track visitors

1 year


To track visitors

1 year


To track visitors

1 year


To track visitors

24 hours


To track visitors

24 hours


Drupal uses this cookie to indicate whether or not the visitors browser has JavaScript enabled.

cookie-agreed Acceptance of these Terms 3 months


To track visitors.

15 days


To track visitors.