Privacy Policy

Date: December 09, 2021

The EU Healthy Gateways Joint Action (hereinunder “EU Healthy Gateways” or “We”) ( has been assigned by a number of European Union Member States to develop and support the EU dPLF application and database, to function as a contact tracing tool during the COVID-19 pandemic.

Roles of Personal Data Processing and Purpose of this Policy

During your browsing and use of the dPLF site and application, you will need to provide some of your personal data to be able to complete the dPLF form for your chosen destination country.

The competent authorities/public bodies of the destination country, to which you are travelling, is acting as a Controller for the processing of your Personal Data, collected through the dPLF platform, in accordance with the relevant national legislation.

We are functioning as a Processor, on behalf of each Controller, and only process your personal data in accordance with their instructions, to the extent necessary for us to provide each Controller with our consulting, hosting, and tech support services.

The purpose of this privacy policy is to explain to provide you with basic details about the processing of your personal data, within the dPLF application, and clarify how you can obtain detailed information on this issue, depending on your destination country.

In addition to this Privacy Policy, you will be provided with a detailed Personal Data informative text, which will provide all the necessary details on how each specific Controller/destination country is processing your data, after you chose your destination country and before you fill in your dPLF.

Our contact details

Name: EU Healthy Gateways joint action Preparedness and Action at Points of Entry (Ports, Airports, Ground Crossings)

Address: 22 Papakyriazi str, 41222, Larissa, Greece

E-mail: [email protected]

How do we collect your personal information

If you are a passenger using the platform to travel, we only collect personal information about you that you have directly provided to us when you create your account and when you fill in you Digital Passenger Locator Form before travelling to a Destination Country.

We also may collect the following information for the following categories of data subjects:

  • Emergency Contact Information (full name; mobile number; email address; country/city).
  • Information about travel companions – family: full name; age and seat number.
  • Information about travel companions non-family/non-same household): Full name and details about group travel (i.e. tour; team; business).
  • EU Member States’ competent Personnel/Officials/Contractors: Main personal information in terms of performing the tasks assigned to them: name; surname; job title; PoE details (as appropriate); contact information (work address, telephone; business email address), employer

Purpose and Legal Basis of Data Processing

The specific purposes and legal bases for the processing are set by each Destination Member State/Controller, and you will be informed about them in detail by the informative text with which the destination member state will provide you before you fill in your dPLF.

In general, we use the information that has been given to us to develop and maintain the online platform where Digital Passenger Locator Forms related data are to be stored, on behalf of the Controller/Destination Member State and only under its documented instructions, to assist the Controller with infectious disease contact tracing and preventative measures which are established by law. For us to support the controller, we also share this information with a hosting service provider and an application development, maintenance and technical support provider, both of which act as a sub-processor of personal data and have been contractually bound to comply with their responsibilities under the General Data Protection Regulation (GDPR).

Your data protection rights

Under data protection law, you have rights including:

  • Your right of access – You have the right to ask the Controller for copies of your personal information.
  • Your right to rectification – You have the right to ask the Controller to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure – You have the right to ask the Controller to erase your personal information in certain circumstances.
  • Your right to restriction of processing – You have the right to ask the Controller to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, you shall receive a response within one month.

Please contact the country of your destination country’s competent authority/Controller, if wish to make a request, at the following contact details:

Country: France

Address: Ministère des Solidarités et de la Santé – 14, avenue Duquesne – 75350 Paris

Email: [email protected]

Country: Italy

Address: Viale Giorgio Ribotta, 5, 00144, Roma, Italia/IT

Phone Number: +39 06 5994 2878

Fax: 06 5994 3278

Email: [email protected], [email protected]

Country: Malta

Address: Department for Health Regulation, Office of the Superintendent of Public Health, St. Luke’s Hospital, Outpatients Block Level 1, St. Luke’s Square, Pietà PTA 1010

Phone Number: +356 2595 3302 / +356 2595 3303

Fax: 06 5994 3278

Email: [email protected]

Country: Slovenia

Address: Trubarjeva 2, 1000 Ljubljana

Phone Number: + 386 1 2441 400

Fax: +386 1 2441 447

Email: [email protected]

How to complain

You can also complain to the data protection authority of the country you live or work. Please visit the following website for more information: