Privacy Policy
Effective as of 01st March 2022/Updated on 29th of January 2024
WHO WE ARE “Data controllers” are the people or organisations that determine the purposes for which, and the manner in which, any Personal Data is processed, and make independent decisions in relation to the Personal Data and/or who/which otherwise control that Personal Data.
For the purposes of the GDPR, PANEPISTIMIO PATRON (LMS) established in UNIVERSITY CAMPUS RIO, PATRAS, RIO PATRAS 265 04, Greece, and F6S Network Ireland Limited (registered number 643630), whose registered office is at 77 Camden Street Lower, Dublin 2, D02 XE80, Ireland are joint controllers of this website. This Website falls under the responsibility of the OpenZDM Consortium and is concerned with the dissemination and exchange of information about the research conducted in the course of the project and the outcome of this work. The OpenZDM project is committed to protecting your privacy and is developing technology that gives you the most powerful and safe online experience. This Privacy Policy applies to the Web Site of the H2020 OpenZDM project (Grant Agreement 101058673) and governs data collection and usage. By using the Web Site of the OpenZDM project, you consent to the data practices described in this statement.
1. POLICY SCOPE
The purpose of this Privacy Policy is to provide you, as our data subject, with a statement regarding the Data Protection and Privacy practices and obligations of The OpenZDM Project and an explanation of your rights as a data subject.
This Data Protection and Privacy Policy and Notice applies to our business practices, our website (Websites), which are accessible from https://www.openzdm.eu/ and it applies regardless of whether you use a computer, mobile phone, tablet, TV or other device. As the Organisation is established in the Republic of Ireland, this document is written in the vein of Irish Data Protection Law, and The OpenZDM Project falls under the jurisdiction of the Irish Data Protection Commission. This Privacy Policy sets out what Personal Data we collect and process about you in connection with the services and functions of the Organisation. We are not responsible for the content or the privacy notices for any websites to which we may provide external links.
2. WHY AND HOW DO WE ENSURE COMPLIANCE?
Data protection and privacy laws provide rights to individuals with regard to the use of their Personal Data by organisations, including The OpenZDM Project. Irish and EU laws on data protection govern all activities we engage in with regard to our collection, storage, handling, disclosure and other uses of Personal Data.
We must comply with data protection and privacy laws because the law requires us to but we also would like you to have confidence in dealing with us, and compliance with data protection law helps us to maintain a positive reputation in relation to how we handle Personal Data.
We are required to demonstrate accountability for our data protection obligations. This means that we must be able to show how we comply with the applicable data protection and privacy laws, and that we have in fact complied with the laws.
We do this, among other ways, by our written policies and procedures, by building data protection and privacy compliance into our systems and business rules, by internally monitoring our data protection and privacy compliance and keeping it under review, and by acting if our representatives, including employees or contractors, fail to follow the rules. We also have certain obligations in relation to keeping records about our data processing.
3. WHO MUST COMPLY?
All our representatives, which include employees and contractors, are required to comply with our Data Protection Policies and Procedures which inform this Privacy Policy when they process Personal Data on our behalf. What are the data protection principles and rules?
We aim to comply with the following principles found in Data Protection Law:
Lawfulness, fairness and transparency – Personal data must be processed lawfully, fairly and in a transparent manner.
Purpose Limitation – Personal data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
Data minimisation – Personal Data must be adequate, relevant and limited to what is necessary in relation to purposes for which they are processed.
Accuracy – Personal data must be accurate and, where necessary, kept up to date. Inaccurate Personal Data should be corrected or deleted.
Retention – Personal data should be kept in an identifiable format for no longer than is necessary.
Integrity and confidentiality – Personal data should be kept secure.
Accountability – Under the GDPR, we must not only comply with the above six general principles but we must be able to demonstrate that we comply by documenting and keeping records of all decisions.
4. PROJECT DATA CONTROLLERS
The OPENZDM project is made of 18 consortium partners, each of these entities is responsible for their own data protection compliance. If you have any queries about your personal data being used in this project please contact the relevant controller from the list below making sure to cite clearly that your query is related to the OPENZDM project:
5. PERSONAL DATA THAT THIS WEBSITE COLLECTS PROVIDED BY YOU AND HOW WE USE IT
Any personal information which you volunteer to The OpenZDM Project through the use of this website will be treated with the highest standards of security and confidentiality, strictly in accordance with the EU GDPR and the Data Protection Acts 1988 to 2018. Unless stated otherwise in detail in the relevant sections of the Website, Personal Data generated from the use of our Website is processed as follows:
(i) Contact via contact form
Should you choose to communicate with us via the contact form, we invite you to provide your name, your email address, and message which are managed by https://www.hubspot.com/ according to their terms and conditions. The website does not store your personal data. The legal basis for processing Personal Data for the purposes set out in this item is art. 6(1)(b) of GDPR..
(ii)Newsletter subscription
Should you choose to subscribe to our newsletter, we invite you to provide your name, and your email address which are managed by https://mailchimp.com/ according to their terms and conditions. The website does not store your personal data. The legal basis for processing Personal Data for the purposes set out in this item is art. 6(1)(a) of GDPR. You can withdraw your consent from any communication from the OpenZDM project by using the ‘Unsubscribe’ link in any communication
(iii) Social Media
Some of our webpages use social media plug-ins from other organisations. We embed widgets from these social media networks to provide retweet / sharing functions, like boxes, stream embeds and follow buttons. These other organisations may receive and use personal data about your visit to our sites or apps. If you browse our Website or view content on our apps, the information that these third-party social media organisations collect may be connected to your account on their site. For more information on how these organisations use personal data, please read their privacy policies. The legal basis for processing Personal Data for the purposes set out in this item is art. 6(1)(a) of GDPR.
(iv) Special Category Data
We will not collect special category data from you (for example information around your political/philosophical beliefs, racial/ethnic origins, sex life/sexual orientation) through your use of this website.
(v) Site visitation tracking
We use Matomo, an open source web analytics platform in order to measure, collect, analyse and report visitors data for purposes of understanding and optimising the website. We enable all anonymisation features in Matomo so no personal data is collected.
6. COOKIES AND THIRD PARTY – COOKIES
Cookies are small text files that can be used by websites to make a user’s experience more efficient. Our Website does not collect any cookies apart from the necessary ones. You reserve the right to set up your browser to warn you before accepting cookies, or you can simply set it to refuse them, although you may not have access to all the features of this website if you do so. See your browser ‘help’ button for how you can do this. You do not need to have Cookies on to use or navigate through many parts of this Website. Remember that if you use different computers in different locations, you will need to ensure that each browser is adjusted to suit your Cookie preferences.
7. HOW WE STORE YOUR PERSONAL DATA
If you submit your contact details via the contact form or newsletter subscription form, your data is stored and managed in the platforms mentioned in section 2. They will be securely stored by OpenZDM with access only by authorised personnel.
Cookies are currently the only occasion where personal data will be stored by this Website.
We utilise state-of-the-art technology to store your data. The following safeguards are used, for example, to protect your personal data from misuse or any form of unauthorised processing:
Access to personal data is restricted to a limited number of authorised persons for the stated purposes.
The IT systems used for processing data are technically isolated from other systems to prevent unauthorised access and hacking.
Access to these IT systems is constantly monitored to detect and prevent misuse in the early stages.
8. HOW LONG WE WILL KEEP YOUR PERSONAL DATA FOR
We will keep your personal information only for as long as it is relevant and useful for the intended purpose for which it was originally collected, or as required by law.
9. DATA BREACHES
We will report any unlawful data breach of your data within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
10. YOUR RIGHTS AS DATA SUBJECT WITH RESPECT TO YOUR PERSONAL DATA
Under the General Data Protection Regulation [Articles 15-21], you have a number of important rights . In summary, those include rights to:
Right of access: You have the right to be aware and verify the legitimate nature of the processing. So, you have the right to access your personal data and receive additional information about how we process it.
Right to rectification: You have the right to study, correct, update or modify your personal data by contacting OpenZDM at the openzdm@f6s.com
Right to erasure (Right to be forgotten): You have the right to request deletion of your personal data when we process it on your consent or in order to protect our legitimate interests. In all other cases (such as, where there is a contract, obligation to process personal data legally required, or public interest), this right is subject to specific restrictions or shall not exist, as the case may be.
Right to restriction of processing: You have the right to request a restriction of the processing of your personal data in the following cases:
(a) when the accuracy of the personal data is contested and until the accuracy is verified
(b) when you oppose the deletion of your personal data and request the restriction of their use instead,
(c) when personal data are not needed for processing purposes, they are however required for the establishment, exercise, or defence of legal claims, and
(d) when you object to the processing and the decision on your objection to processing is pending.
Right to object to processing: You have the right to object at any time to the processing of your personal data where, as described above, the processing is based on the legitimate interests we pursue as data controllers, as well as, for the purposes of direct marketing and consumer profiling, if applicable.
Right to data portability: You have the right to receive your personal data free of charge in a format that allows you to access, use, and edit them with commonly used editing methods. You also have the right to ask us, in case it is technically feasible, to transmit the data directly to another controller. Your right to do so exists for the data you have provided to us and is processed by automated means based on your consent or for the execution of a relevant contract.
Right to withdraw your consent: In cases where processing is based on your consent, you have the right to withdraw it without affecting the lawfulness of processing based on consent prior to its withdrawal.
If you would like to exercise any of those rights, please:
- contact us using our Contact details below
- let us have enough information to identify you,
- let us have proof of your identity and address, and
- let us know the information to which your request relates.
11. TIME LIMITS FOR COMPLIANCE WITH YOUR RIGHTS AS DATA SUBJECT
We make every effort to comply with all requests within one month of the receipt of the request. However, this period may be extended for reasons relating to the specific right or complexity of your request.
12. DATA CONTROLLER AND CONTACT DETAILS
The data controller of this website are PANEPISTIMIO PATRON (LMS) established in UNIVERSITY CAMPUS RIO, PATRAS, RIO PATRAS 265 04, Greece and F6S Network Ireland Limited (registered number IE3629141FH) whose registered office is at 77 Camden Street Lower Dublin, Dublin 2, D02 XE80, Ireland. All questions, comments and requests regarding this Privacy Policy may be also addressed to the following Contact details to privacyie@f6s.com or post address to our Organisations.
13. HOW TO COMPLAIN
As the Data Subject, you have the right to complain at any time to a supervisory authority in relation to any issues related to our processing of your Personal Data.
We would like to hear from you first if you have a complaint about how we use your data so that we may rectify the issue.
PANEPISTIMIO PATRON (LMS) established in UNIVERSITY CAMPUS RIO, PATRAS, RIO PATRAS 265 04, Greece is located in Greece and conducts its data processing in the EEA, and is regulated for data protection purposes by the Hellenic Data Protection Authority.
You can contact the Hellenic Data Protection Authority as follows:
● Website: https://www.dpa.gr/
● Phone: +30-210 6475600
● Email: contact@dpa.gr
● Address: Hellenic Data Protection Authority – Kifissias 1-3, PC 115 23, Athens, Greece
F6S Network Ireland Limited is located in Ireland and conducts its data processing in the EEA, and is regulated for data protection purposes by the Irish Data Protection Commissioner.
You can contact the Data Protection Commissioner as follows:
● Website: www.dataprotection.ie
● Phone: +353 57 8684800 or +353 (0)761 104 800
● Email: info@dataprotection.ie
● Address: Data Protection Office – Canal House, Station Road, Portarlington, Co. Laois, R32 AP23. Or 21 Fitzwilliam Square Dublin 2. D02 RD28 Ireland
14. CHANGES TO OUR PRIVACY POLICY
Our practices as described in this Privacy Policy may be changed, but any changes will be posted and any such changes shall apply to your continued usage.
You are encouraged to review this Privacy Policy periodically to make sure that you understand how any personal information you provide will be used.
We may also email you in certain circumstances to let you know if and when we update this Privacy Policy to ensure you are informed.
Any changes to this Privacy Policy will be posted on this website so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.