This page explains how personal data submitted through the C-IED COE training application forms is processed, stored and protected.
Purpose of Data Processing
Personal data is collected and processed exclusively for official training administration purposes, including registration, coordination, accommodation support and reporting when required.
Legal Basis
Processing is based on:
- Article 6(1)(c) and 6(1)(e) of the EU GDPR
- Spanish Organic Law 3/2018 (LOPDGDD)
- NATO Data Protection Policy (AC/35-D/2004-Rev3 or successor)
- Applicable NATO personnel and training regulations (NCPR, Bi-SC 075‑007, AAP‑06/32)
Types of Data Collected
Data fields may include identification information, contact details, nationality, rank or civilian employment status, supervisor details, accommodation needs and other training‑related information documented in the course application form.
Data Sharing
Certain information may be shared with higher NATO Headquarters when required for reporting, coordination or certification tasks.
No data is shared with third parties unrelated to NATO structures.
Security Measures
All data is processed in accordance with:
- GDPR Article 32 (Security of processing)
- NATO security and information‑handling standards
- WordPress/WPForms security hardening and CIS policies
Special characters are restricted in some fields to ensure data validation, interoperability and system protection.
Data Retention
Personal data is retained only for the time necessary to administer the training activity and meet auditing requirements, after which it is securely deleted.
Your Rights
Data subjects may request access, correction or deletion of their personal data, subject to applicable security and administrative constraints.