...
European Commission websites:
- if required, must make use of Europa Webtools
- cannot feature third-party tools and services
If a business need cannot be addressed by any of the corporate tools and services, then a justified request to approve a tool or service may be submitted. See below.
...
- web components installed on the Commission infrastructure but not developed in-house, e.g. charts, maps, social media feeds, etc.
- commercial services that interact with or load/submit data to servers that are not part of the Commission infrastructure and thus beyond the control of the Commission, e.g. Google Analytics, embedded YouTube videos, embedded web fonts (e.g. Google Fonts), embedded maps, surveys, content delivery networks (CDN), etc.
Risks of using third-party tools and services
...
Europa Webtools are based on the following principles:
- offer corporate out-of-the-box features
- in line with corporate standards in terms of styling, accessibility, usability and cookie rules
- straightforward to implement and with dedicated corporate support
- in case of any 3rd-party dependencies, these are centrally maintained
- standard functionality and labels available in 24 languages
...
Requests for improvements to a tool or service that is part of the Europa Webtools offer can be sent by email to Comm Europa Management. After assessment, your Europa account manager or the corresponding product owner will contact you.
...
- assesses the risk considering the requirements of Regulation (EC) 45/2001, Decision C(2006)3602 and Directive 2009/136/EC related to the protection of personal data processing and security of information systems. This risk assessment will cover at least the above risks related to the use of third-party tools and services and will include a consultation with the DPO and HR.DS
- if the aforementioned actions have led to a positive outcome, your class manager or the corresponding product owner will contact you
Requesting the use of not-embedded third-party tools and services
Third-party tools and services that are standalone and not intended to be embedded on a page must be approved by DG Communication and must meet the following conditions:
- If the third-party service can provide a separate instance of the tool/service, the requesting service must comply with the Web Guide by:
  - implementing the corporate visual identity
  - ensuring the protection of personal data processing
  - following the accessibility guidelines
  - adding a case-specific information systems security disclaimer stating that the related risks remain the responsibility of the requesting service
- If the third-party service cannot provide a separate instance of the tool/service, the requesting service must link to the third-party website and ensure that only a limited amount of information is published on the third-party website. In addition, the requesting service must prepare, in cooperation with their Data Protection Coordinator, a case-specific privacy statement instead of simply referring to the main Privacy statement of the Commission websites.
Data protection
Any personal data that is processed as part of any task relating to the development of the European Commission's web presence must be processed in compliance with Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018.
See data protection for more info.
Contact and support
If you require further assistance, please contact:
...