Last updated on 24 January 2025

 

This privacy notice explains how the Council of Europe processes personal data submitted for external recruitment, spontaneous applications, secondments, traineeships, and study visits, including the purposes for the processing of the candidates’ personal data, how that information is used, which protection of the personal data is provided, and what rights the candidates have in relation to their personal data. It also specifies the contact details that may be used in order to exercise data protection rights.

As information privacy is an ongoing responsibility, this notice will be updated where necessary.


1 - Who is responsible for data processing?

The Council of Europe Directorate of Human Resources (DHR or “we”) is the “data controller” with respect to the processing of personal data, which means it has the decision-making power concerning the data processing.

Processing of personal data is governed by the Council of Europe Regulations on the Protection of Personal Data adopted by the Committee of Ministers on 15 June 2022.


2 - What personal data do we process and for what purposes?

We process personal data to recruit candidates for available vacancies, collect external speculative applications, select candidates for secondment, traineeships, or study visit opportunities.

2.1 - Selection of application forms or CVs

For the purpose of selecting application forms or CVs of the suitable candidates, we, in particular:

  • Process the data relating to the identity and nationality of the candidates;
  • Verify that the candidate meets the conditions for recruitment, secondment or traineeship/study visit specified in the Organisation’s rules as well as in the relevant vacancy notice or call for candidates of secondment or traineeship/study visit opportunity;
  • Assess the professional experience, training and competencies of the candidate.

For these purposes, we process the following categories of personal data:

  • Name and surname, address, gender, nationalities, and date of birth;
  • Contact details (postal address, email address, telephone number);
  • Preferred minimum and maximum working time;
  • Motivation to apply;
  • Information related to the application, in particular, how did the candidate learn of the vacancy, and the candidate’s professional experience, if any, with the Council of Europe;
  • Information for the evaluation of eligibility or selection criteria (this may include specific information concerning nationality of a Member State of the Council of Europe, the candidate being under the Council of Europe pension age, specific qualifications or expertise, minimum professional experience, language competencies, family ties with serving staff of the Council of Europe, including their names and relationship to the candidate);
  • Educational background (type and field of education, name of educational establishment and country, title of the course, whether it is on-going or completed, start and end dates, and description of the main content of education);
  • Professional experience including details of current and past employments (job title, employer, country, type of employment, whether this is current or past employment, start and end dates, whether this is/was full-time or part-time employment, and description of the role and responsibilities);
  • Linguistic and other skills;
  • Publications.

With regard to candidates for secondment opportunities, for the purpose of assessing the candidate’s eligibility, we may also process the data concerning the candidate’s status as an employee or staff member of a public sector administration; any steps taken by the candidate to obtain the administration’s preliminary approval for the secondment; the name of a contact person within the administration; as well as a copy of the employment contract and a payslip.

The candidates may also be asked about any special needs they might have to determine whether reasonable accommodations in the workplace would be required.

2.2 - Tests and interviews

When candidates are invited to sit tests, we process the answers provided during these tests, as well as test results, scores, and evaluations. Where the candidates are invited to sit online tests with remote invigilation, the test may involve recording of a video of the candidate sitting the assessment with computer webcam.

When candidates are invited for an interview, we process the information they provide during the interview, as well as the observations made and notes taken by the interviewers in relation to the candidates.

2.3 - Pre-selection list

We ask candidates placed on pre-selection list to provide additional personal information, which includes:

  • References (names, e-mail addresses, and the context in which the candidate worked with the referee);
  • Information related to criminal proceedings and/or serious professional misconduct,
  • Notice period the candidate is currently subject to, if any.

Pre-selection lists may also include such information as the candidate’s availability, profile, motivation and areas of interest.

2.4 - Background checks

Prior to making a job offer to a preselected candidate, we may conduct a background check. The purpose of a background check is to confirm the accuracy of the details provided by the candidate as well as to evaluate the candidate’s character and integrity by checking for any past activity that might indicate potential risks for the Council of Europe’s operations and reputation.

We may conduct a standard background check on a preselected candidate to any job. It includes verification of the identity, academic and professional record, and references. For this purpose, we may contact the references the candidate provided, as well as her or his former or current employers and educational establishments. We will process any additional information about the candidate that they might volunteer. We may also consult commercial registers and public databases and process the relevant information concerning the candidate.

Enhanced background check only concerns shortlisted candidates for appointment to grades A6 and A7 as well as to any job at the Register of Damage for Ukraine, or any job related to security matters. It includes (i) verification of criminal record with respect to offences related to the vacant job and assessment of associated risks, and (ii) identifying any security risks associated with the possible recruitment, such as risk of compromise, risk of conflict of interest, risk of information leakage, and reputational risk. We will process any additional information about the candidate obtained as a result of these checks.

2.5 - Preparation of the offer
2.5.1 - Job offer

In order to prepare a job offer, we ask selected candidates to provide additional personal information. This is then used to calculate the final salary and allowances and to draft the contract. We may ask for the following:

  • copy of the candidate’s ID document for identity check;
  • candidate’s civil status and alimony obligations if divorced;
  • data of the person to be notified in case of emergency: contact details and the relationship to the candidate;
  • data concerning the candidate’s spouse/live-in or registered partner, including information on the spouse’s income,
  • data concerning the candidate’s dependent children.

2.5.2 - Secondment

In order to prepare the Memorandum of Understanding concerning the secondment, we may ask selected candidates to fill in a form with the following information:

  • name and surname, gender, date and place of birth;
  • preferred working language;
  • contact details (postal address, email, telephone number);
  • whether the candidate has already worked at the Council of Europe;
  • family situation, including information about the candidate’s spouse/live-in or registered partner and children;
  • whether any of the candidate’s family members are employed by an international organisation and, in particular, by the Council of Europe, and the relevant details, if applicable;
  • data of the person to be notified in case of emergency: contact details and the relationship to the candidate.

We may also ask for a copy of the candidate’s ID document for identity check and bank details.

2.5.3 - Traineeship/study visit

In order to prepare Traineeship Agreement, we ask selected candidates to provide additional personal information. We may ask for the following:

  • date of birth,
  • gender,
  • marital status,
  • contact details (postal address, email, telephone number),
  • bank details,
  • copy of the candidate’s ID document for identity check.

3 - What is the legal basis for our processing of personal data?

We process personal data on the basis of the Council of Europe Staff Regulations and Rules and other applicable internal legal instruments, which include Regulations adopted by the Committee of Ministers and Rules and Decisions adopted by the Secretary General or delegated authority, in particular:

We also process personal data in order to take steps at the request of the individual prior to entering into a contract with her or him.

We process personal data for the purposes of the Buddy Programme on the basis of consent.


4 - How do we collect and store personal data?

4.1 - Collection of personal data

We collect personal data that we receive directly from the candidates who fill in application forms on the Council of Europe website via our recruitment platform. We may also collect personal data from CVs, including unsolicited CVs submitted by individuals.

Where the candidates sit a test or exam or attend an interview, we collect the data they provide in response to the test via platforms of our service providers (see Section 5 on access to the data below) or exam questions or assignments, as well as the information they provide during the interview. Tests with remote invigilation may also involve recording of a video of the candidate sitting the assessment with computer webcam.

For the purpose of standard background checks, we process information about the candidate volunteered by the references provided by the candidate as well as by her or his former or current employers and educational establishments whom we may contact. We may also consult commercial registers and public databases for the relevant information concerning the candidate.

For the purpose of enhanced background checks, we process information about the candidate obtained from the collection and analysis of publicly available data. This may include, in particular, consulting judicial databases, institutional sites, commercial registers, company databases, sanctions lists, public procurement sites, press sources, social networks and web forums.

With regard to candidates for traineeships and study visits, additional personal information (see Section 2.5.3 above) is collected via Microsoft Forms which are also used to accept the official traineeship offer. You can find information on Microsoft Forms Security and Privacy here.

The selected trainees are also requested to upload a copy of their ID document and bank details to mycloud.coe.int, the Council of Europe internal tool.

4.2 - Storage of personal data

All personal data in electronic format are stored on the Council of Europe’s or on our contracted service providers’ servers located in the European Union. We have put in place measures to protect the security of personal information, including appropriate security measures to prevent the personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. These measures include encrypted servers, limited access to any databases only for those people who need it and secure backup of all data.

Where certain personal information is stored by our service providers (see Section 5.1 below), we ensure that the data are stored in countries that ensure a level of protection equivalent to that of the Council of Europe Regulations on the Protection of Personal Data, and that the service providers implement appropriate technological measures to protect personal data against accidental loss, destruction, damage, alteration or disclosure. 


5 - Who has access to the personal data?

5.1 - Selection of candidates

The candidates’ personal data are accessible to the DHR staff members responsible for recruitment and may be shared with the HR Correspondents (staff members of a Major Administrative Entity (MAE) who coordinate all human resources questions for their entity and are the contact point for the DHR) and the hiring directorate/department/division/unit if needed for selection purposes.

The Secretary General may have access to any personal data of the candidates. Staff members to whom the Secretary General has delegated authority in accordance with the general delegation framework may also have access to the data in accordance with the delegation.

5.1.1 - Recruitment
  • Tests and exams

With respect to tests and exams, the data may also be accessed by assessment correctors, providers of online tests or online invigilators who may be the Council of Europe service providers. All our service providers are bound by specific contractual clauses for any processing operations of personal data on behalf of the Council of Europe to ensure that the data are processed in accordance with the Council of Europe Regulations on the Protection of Personal Data. We will share only the minimum personal data necessary for the provision of such services.

If a candidate is invited to sit online tests or exams provided by one of our service providers, the candidate will receive a dedicated privacy notice with the invitation.

  • Interviews

With respect to interviews, the personal data are also accessible to the interview panel, which is established on an ad hoc basis by the Secretary General or a staff member to whom the Secretary General has delegated authority in accordance with the general delegation framework. In particular, the interview panel may include a member of the Staff Committee, the standing body representing the staff of the Council of Europe.

  • Background checks

Information related to background checks is first collected by our service provider. In addition to being bound by specific contractual clauses for any processing operations of personal data on behalf of the Council of Europe, the service provider is selected as a result of a competitive procedure and has a proven track record and expertise in conducting background checks and handling personal data. Once the service provider has collected the relevant data, it is transmitted to the Council of Europe and deleted from the service provider’s servers.

With regard to standard background checks, the candidate’s personal data transmitted by the service provider are processed by the DHR staff member(s) responsible for recruitment for the purpose of verifying the information submitted by the candidate.

With regard to enhanced background checks, the candidate’s personal data transmitted by the service provider may be accessed by the Secretary General, the Deputy Secretary General and their Adviser in charge of administrative issues, the Director General of Administration, the Director of Human Resources, the Head of Division responsible for recruitment procedures, and the Head of Division responsible for security and safety, for the purpose of assessing potential risks that might arise out of the candidate’s recruitment.

  • Access by other entities/staff members of the Council of Europe

HR Correspondents (see Section 5.1 above) may have access to application forms and spontaneous applications after the shortlisting stage. They may also have access to pre-selection lists.

Heads of the MAE (see the first paragraph in Section 5.1 above) or other staff members of the hiring directorate/department/division/unit may have access to application forms or spontaneous applications at any stage of the recruitment. They may also have access to the candidate’s assessment score. If they act as a member of the interview panel, they will have access to the information provided by the candidate during the interview, as well as to the observations made and notes taken by the interviewers in relation to the candidate. They may also have access to pre-selection lists.

A Staff Committee representative participating in the interview has access to application forms and to the information provided by the candidate during the interview, as well as to the observations made and notes taken by the interviewers in relation to the candidate.

The Appointments Review Committee has access to personal data of the candidates on a pre-selection list, including the name and surname, gender, nationality/ies, assessment score, previous employment at the Council of Europe, if any, and the type of contract that might be offered to the candidate.

Personal data of shortlisted candidates for appointment to grades A6 and A7 may be shared by the Secretary General with the Committee of Ministers for informal exchange of views. Where the intended appointment relates to a vacancy in the Secretariat of the Parliamentary Assembly, the Bureau of the Parliamentary Assembly will also be informed of the intended appointment. As regards special appointments procedure (Article 4150 of the Council of Europe Staff Regulations and Rules), the candidates’ application forms are also shared with the relevant entities.

5.1.2 - Secondment

In case of secondment, applications are also accessed by the staff member(s) in the division/unit to which the candidate applied for secondment. Should the candidate not be offered a secondment in the division/unit of her or his choice, her or his application may be shared with a different division/unit that might be of interest to the candidate based on her or his profile.

Personal data of candidates for secondment, including their CVs, are shared with the Permanent Representation of the country which would second the candidate. This Permanent Representation is also informed about the selection of a successful candidate. If the successful candidate is appointed to a position of the Head of Office of Council of Europe, information about the appointment is published both on the Intranet and Internet website of the Council of Europe. The Ministry of Foreign Affairs of the Host State of the Office is also informed of the appointment.

5.1.3 - Traineeships and study visits

Applications of candidates may be accessed by staff member(s) in the division/unit to which the candidate applied for a traineeship or study visit. Should the candidate not be offered a traineeship or study visit in the division/unit of her or his choice, her or his application may be shared with a different division/unit that might be of interest to the candidate based on her or his profile.

5.2 - Visa support

Where the candidates need visa support for travelling to the exam, the interview or, should they receive a job offer, to their duty station, their personal data will be collected by the DHR and accessed by Protocol, the Council of Europe service in charge of issuing notes verbales.

5.3 - Buddy programme

For the purposes of the Buddy Programme, aimed at providing a welcoming onboarding experience for newly recruited staff, we process the name and surname, e-mail address and/or telephone number, spoken languages, nationality and work location of successful candidates who wish to participate in the programme. We share this information with the staff member who volunteered to act as “buddy” and who was matched with the successful candidate. The DHR will not have access to personal information that may be further shared between the successful candidate and the “buddy” for the purposes of the programme.

5.4 - Audit

Any personal data of the candidates may be disclosed to the relevant bodies of the Council of Europe for the purposes of internal and external audit, including the Internal Audit Unit of the Directorate of Internal Oversight (DIO).

5.5 - Internal investigation

Any personal data of the candidates may be disclosed to the DIO Investigations Division for the purposes of internal investigation.

5.6 - Legal advice and litigation

Legal services within the Organisation may have access to personal data insofar as it is relevant for litigation or providing legal advice with regard to a specific situation.

5.7 - Maintenance and technical assistance

The Directorate of Information Technology (DIT) may have access to personal data contained in databases, workflows and other IT tools used by the DHR if necessary for the purposes of maintenance and technical assistance.

5.8 - Issue of the badge to access premises

With respect to successful candidates, certain personal data, such as name and surname, may be transferred to the Accreditation Office, for the purpose of preparing a badge giving access to the Council of Europe premises. More detailed information about the processing of personal data for the purposes of issuing a badge is contained in a dedicated privacy notice available at the Organisation's entrance by scanning the QR code.

5.9 - Publication in the Intranet

Information about the recruited candidates is published on the Council of Europe Intranet in the monthly digest of staff movements. The information published includes the name and surname, grade, nationality, service/department, and the date of recruitment.

Information about successful candidates recruited to grades A6 and A7, including the name and surname, duration of the appointment and the start date, is also published on the Council of Europe Intranet.


6 - How long will the personal data be stored?

Personal data processed for the purposes of the recruitment procedure will be stored for five years.

Candidates, however, may delete their profile on our recruitment platform at any time. When they delete their profile, the data is no longer accessible to the DHR. It is, however, segregated and retained for an additional five years solely for audit purposes.

If candidates are placed on a pre-selection list, such lists remain valid for four years. Upon expiry of the pre-selection list, the candidates’ data, including the data processed for standard background checks, is stored for an additional five years for audit purposes.

Personal information processed for enhanced background checks is deleted as soon as the decision to recruit or not to recruit the candidate is made.


7 - Is there automated decision making?

The DHR may use an algorithm to assist in the initial screening of job applications. This technology helps to efficiently identify candidates whose qualifications and experiences best match the requirements of the position during the application form selection stage. However, all algorithm-generated results are always reviewed and overseen by the staff members of the DHR to ensure fairness and accuracy in the selection process. Human oversight ensures that decisions are made with consideration of all relevant factors and are free from bias.


8 - What are your data protection rights?

8.1 - General data protection rights

You have the right to:

  • request access to your personal information held by us;
  • request that we correct incomplete or inaccurate personal information that we hold about you;
  • request that we delete or remove your personal information when there is no valid reason for us to keep it;
  • object to the processing of your personal information on specific grounds relating to your situation;
  • where the processing of your personal data is based on consent, withdraw your consent at any time, in which case we will cease processing the data.

With regard to the personal data stored in our recruitment platform, it is open to the candidates to consult it, correct or delete the information contained in their application form(s) and delete their profile (see Section 6 above concerning deletion of the profile).

8.2 - Background checks

Specifically with regard to background checks, if any doubts arise about the possible recruitment of the candidate based on the information obtained, the candidate will be asked to provide clarifications before any decision is taken.

If a candidate is found to have a criminal record, an individualised assessment will be conducted, taking into account the nature and gravity of the offense, how long ago it occurred, and its relevance to the post in question.


9 - Contacts

If you wish to exercise the above rights, or for any queries, concerns, or requests you may have in connection with the way your data are collected and used, please contact the Council of Europe by:

If you feel that we have not adequately responded to your request and consider that your data protection rights have been violated as a result of our processing of your personal data, you have the right to lodge a complaint with the Council of Europe Data Protection Commissioner by sending an email to [email protected].

follow us