DSO Entity’s Privacy Policy

  1. Introduction

EU DSO Entity (hereinafter ‘DSO Entity’) is an expert entity that brings together Distribution System Operators (DSOs) to support the development and effective operation of the internal electricity market. DSO Entity aims to promote the optimal management and coordinated operation of distribution and transmission systems, in alignment with its tasks and mandate under the Regulation (EU) 2019/943 (hereinafter ‘’).

The protection of personal data is essential for DSO Entity, and we want you to be aware of the kind of data we collect about you, the purposes we use it for, and inform you about your options and rights. Please review the following Privacy Policy carefully.

For clarity, please note that the Privacy Policy only applies only to the personal data processed in the context of DSO Entity’s activities. It does not apply to the data processing activities of other organisations or companies, including DSO Entity member organisations when they process personal data in connection with their own activities.

  1. Who processes your data?

DSO Entity (data controller) collects, uses and stores (i.e., processes) personal data in the context of our activities which are coming from EU legislation or based on your consent. Any processing of personal data is done in compliance with:

  • the General Data Protection Regulation or GDPR (Regulation (EU) 2016/679),
  • the Belgian Data Protection Act of 8th December 1992 on the protection of privacy in relation to the processing of personal data (as amended).
  1. What constitutes personal data and what types of personal data do we process?

Personal data refers to any information that directly identifies or indirectly makes an individual (a natural person) identifiable. The information provided in this Privacy Policy applies exclusively to the personal data of natural persons. For that reason, it does not apply to data regarding companies, legal entities, or institutions. However, the Privacy Policy does cover the personal data of natural persons engaged in professional activities, including employees of companies or organisations.

Types of personal data we collect

  • Our members: We collect personal information from our members, including names, email addresses, professional titles, and contact details. For members of expert groups or task forces or other DSO Entity bodies, we additionally collect any information provided during the application process or when attending meetings.
  • Event (including meetings) registrants and participants: For individuals registering or participating at our events, we collect your name, organisation, title, and email address.
  • Newsletter and surveys: We gather names, organisation names, titles, and email addresses for individuals subscribing to our newsletter or participating in surveys.
  • Visual data: We may collect video recordings of meetings or workshops where participants are present.
  1. What are our grounds and objectives for processing personal data?

DSO Entity uses personal data only for the purposes for which it was collected and to the extent necessary to achieve those purposes.

Processing based on legal obligations

As part of its mandate from the Energy Regulation to represent DSOs as an expert body, DSO Entity processes the personal data of representatives from its member organisations to comply with the legal obligations of record-keeping and association administration. This processing in necessary to ensure adherence to organisational management rules and to meet competition and antitrust law principles. We process personal data to manage membership and representation within the association, including maintaining records of representatives, overseeing participation in various bodies, contact persons, attendance at meetings, and proxies granted.

Processing for contractual obligations

DSO Entity also processes personal data when entering into or performing under contracts. For contractual purposes, we use personal data to prepare, enter into, and fulfil the obligations of contracts, or to exercise rights as specified within them. Additionally, if you apply for a position at DSO Entity, we process the personal data provided in your CV and cover letter, along with your contact details, to facilitate recruitment and prepare for potential employment.

Consent-based processing

Where personal data processing is based on consent, DSO Entity only processes data for purposes for which explicit consent has been granted. Consent-based processing includes instances such as subscribing to DSO Entity’s newsletter or participating in a survey. You may withdraw your consent at any time by following the link provided at the end of each email message. For example, we process data as needed to organise events, manage event registration, and distribute newsletters or surveys to consenting individuals.

  1. How do we protect your data?

DSO Entity safeguards the confidentiality of personal data in accordance with applicable laws and has implemented appropriate technical and organisational measures to protect personal data against unauthorised access, unlawful processing or disclosure, accidental loss, alteration, and destruction.

  1. How do we use cookies and other monitoring technologies?

In the same way many websites, DSO Entity also uses cookies on its website. Cookies are small text files that are stored on the computer of the user via the server of the online environment. The purpose of this activity is to enable the recognition of the same user as the web browser sends the cookie data back to the online environment every time it is used.

  1. Are there third parties, in addition to DSO Entity, who may process my personal data?

DSO Entity engages trusted contractual partners to deliver certain services that it cannot provide independently. Similarly to other member organisations, DSO Entity uses established, widely recognised tools for organisational purposes, such as conducting meetings, collecting relevant input, and sharing updates. These tools include platforms such as Mailchimp, Google Forms, Microsoft Forms, Microsoft Teams, and other reputable, commonly used platforms.

  1. How long do we store personal data?

DSO Entity keeps personal data only for as long as necessary to fulfil its legal obligations, perform contractual agreements, or prepare for potential legal claims. Retention periods are determined by the requirements of applicable contracts, DSO Entity’s legitimate interests, or relevant legal requirements (e.g., accounting regulations, statutory data retention obligations, or legally prescribed expiration periods).

  1. Rights in relation to personal data
  • The right to access data

You will always be able to examine your personal data that has been collected and is being used as well as its sources and objective for the use thereof. You are also able to receive information as to how long DSO Entity stores the data and to whom and to what extent the data is disclosed. The right to access your personal data may be limited by legislation, the rights of other persons for ensuring their privacy or other justified needs (e.g., know-how, business secrets, internal evaluations, and other materials of DSO Entity).

  • The right to rectify personal data

If your data is incorrect, incomplete or irrelevant, you are able to request that your data be rectified or deleted, taking into consideration the limitations arising from applicable legislation and the rights related to the processing of data.

  • The right to object

You have the right to object to the processing of your personal data, including in cases in which DSO Entity refers to its legitimate interests when processing data.

  • The right to limit data processing relating to you

You have the right to limit the processing of your personal data on the basis of applicable legislation.

  • The right to be forgotten

If personal data is processed on the basis of your consent and you have withdrawn your consent, you have the right to apply for the deletion of your personal data. This right does not apply if the personal data that you request to be deleted is also processed on the grounds of another legal basis, e.g., on the basis of contract, for the performance of a legal obligation or for the performance of a task in public interest.

  • Right to data portability

If the DSO Entity uses data on the basis of your consent or on the basis of an agreement and the data processing is automated, you have the right to receive a copy of the submitted data in an electronic machine-readable format.

  1. Contact information

If you have any questions concerning your rights in relation to the processing of your personal data or if you have any questions about how we collect and use your personal data, please send a dated and signed request with the proof of your identity to info@eudsoentity.eu. If you are not satisfied with how we process your personal data and your inquiry to us did not result in satisfactory result, you are also able to file a complaint with the supervisory body, the Belgian Data Protection authority, the contact details of which are: Data Protection Authority – Autorité de protection des données – Gegevensberschermingsautoriteit, Rue de la Presse 35 – Drukpersstraat 35, 1000 Bruxelles – Brussel.