Privacy Notice for CAF Purpose

Last updated: December 16, 2021

This page informs you of the privacy policies the European Institute of Public Administration, with its headquarters in Maastricht (NL), 22 Onze Lieve Vrouweplein , 6211 HE (hereinafter referred to as EIPA, “us”, “we”, or “our” ), has in place when collecting, processing, using and disclosing your personal data.

We collect, process, use and disclose your personal data in order to comply with the mandate given to EIPA by the European Public Administration Network (EUPAN) to act as the European Common Assessment Framework Resource Centre (hereinafter referred to as the “European CAF RC”). We collect and archive your personal data, in order to comply exclusively with the tasks mandated to the European CAF RC, at its creation, these being:


“The EIPA CAF Resource Centre, with the help of the national correspondents and its network of organisations, keeps track of CAF users in Europe and invites them to introduce their good practices in the EIPA database. When registering as a CAF user at the website of the European Institute of Public Administration (EIPA) – – an organisation is able to register its organisation details, its CAF self-assessment scores (optional & confidential) and information on its good practices. By offering key information the database can help public sector organisations identify suitable bench learning partners i.e. to allow a search for CAF users in a particular country, sector of activity, or good practice area” SOURCE : CAF 2006.

Based on the above mentioned mandate, EIPA is hosting the EU_CAF_RC digital database.

We collect and store the personal data that:

a) You share with us when registering into the European CAF RC database and

b) The CAF national correspondents collect from you or that you provide to the CAF national correspondents in any way (e.g. by e-mail, input into the national CAF database, if any) for the purposes specified under the previous mentioned mandate.

We use your personal data for the purpose described in 2 above, only for research, bench learning and facilitation purposes on the use of CAF. We work in close cooperation with the Network of CAF national correspondents and share with them our data only for research purposes, and for the invitations to the European CAF Users annual events.

The categories of data we receive, store and process are as follows: name and surname of the person of contact, e-mail address, organisation using CAF details,; case studies or best practice as described by the organisation, when such case studies or best practices include the personal data of projects coordinators, employees of the organisation using CAF, etc.

We also collect e-mail communication data from you to help us with the research, bench learning and facilitation purposes on the use of CAF, e.g. we often receive a confirmation when you open the survey, e-mail from EIPA’s website or third party provider assisting EIPA in deploying such a survey.

Your personal data is an important part of our business and we are only using it as per the purpose we explained in point 3 above and strictly in connection with the mandate EIPA has as the European CAF RC. EIPA shares customer data only as described below.

  • Third party service providers & partners in CAF activities: We employ other companies and individuals to perform functions on our behalf. Examples include internet use, website, cloud providers for the management of our business, third provider analysing data (e.g. surveys’ results and other online tools we share with you for research and analysis), third parties providing assistance in research and analysis and deployment of such request (e.g. automatic delivery of online tools when you take part in one of our survey or case studies), providing search results and links. They have access to personal data needed to perform their functions, but may not use it for other purposes.
    Further, they must process the personal data in accordance with this Privacy Notice herein and as permitted by applicable data protection laws. In addition, EIPA, based on its mission as a European CAF RC, collaborates with different partners on various CAF related projects, e.g. European institutions, agencies and bodies, universities, international organisations, public sector organisations and may use your personal data for common or partnership projects, to collect insights and assess recent experience with CAF, facilitate exchange of good practices and other similar activities. For these purposes, your personal data may be used to develop and deliver such co-projects, nevertheless the personal data will be not be transferred to these third parties, except in an anonymised form.
  • Protection of EIPA and others: We release account and other personal data when we believe release is appropriate to comply with the law; enforce or apply our general terms and conditions and other agreements; or protect the rights, property or safety of EIPA, our users or others. This includes exchanging data with other companies and organisations. Obviously, however, this does not include selling, renting, sharing or otherwise disclosing personally identifiable data from customers for commercial purposes in a way that is contrary to the commitments made herein.
  • With your consent: other than as set out above, you will receive notice when data about you might go to third parties and you will have an opportunity to choose not to share the data.
  • You can request a copy of the personal data we hold about you
  • You can request us to correct the personal data we hold about you when this personal data is incomplete or not accurate
  • You can ask us to delete some of your personal data (for example if your personal data are no longer necessary for the purpose we indicated in point 3 above; e.g. you are no longer working in a public sector organisation)

You can request the above by sending an e-mail to

EIPA retains your personal data no longer than is necessary and proportionate for the purpose for which it has been gathered or supplied and will store the personal data for the shortest amount of time possible. If you need more information on the retention policy, please contact

If you have any concern about privacy at EIPA, please contact please contact us at with a thorough description and we will try to resolve the issue for you.

Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive.

Like many websites, third party providers involved in the online tools we share with you may place cookies to your browser. For more information on the cookies, please check our Cookie Policy here.