Privacy Notice - ERRIN

Information on the processing of personal data pursuant to art. 13 of the Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation, GDPR)

 

1. Introduction

In accordance with art. 13 of the European Regulation n. 679/2016, the European Regions Research and Innovation Network (ERRIN), as the "Data Controller", is required to provide you with information regarding the use of your personal data.

 

2. Identity and contact details of the data controller

The Data Controller of the personal data referred to in this Notice is the European Regions Research and Innovation Network (ERRIN), with legal headquarters in Belgium, Rue du Luxembourg 3, 1000 Brussels.

 

3. The Data Protection Officer

The Data Protection Officer can be contacted at the email address DT4REGIONS@errin.eu or at the headquarters of ERRIN in Belgium, Rue du Luxembourg 3, 1000 Brussels.

 

4. Data processors

ERRIN may make use of third parties for the performance of activities and related processing of personal data of which we maintain the ownership. In accordance with the provisions of the legislation, these subjects ensure levels of experience, ability and reliability such as to guarantee compliance with the current provisions on processing, including the data security profile. We formalize instructions, tasks, and duties for these third parties with their designation as "Data Processors". We submit these subjects to periodic checks in order to ascertain the maintenance of the guaranteed levels recorded on the occasion of the initial assignment.

 

5. Subjects authorized to process personal data

Your personal data are processed by internal personnel previously authorized and designated by data controller, who are given suitable instructions regarding measures, precautions, modus operandi, all aimed at the concrete protection of your personal data.

 

6. Purpose and legal basis of the processing

The processing of your personal data is carried out by ERRIN for the following purposes:

  1. Subscription, management and distribution of the Project newsletter;
  2. Registration, participation and reporting from Project events;
  3. Taking photos, videos and chat recordings from Project events and disseminating them online.

ERRIN processes your personal data for the aforementioned purposes following the consent you have given pursuant to art. 6 par. 1 letter a) of the GDPR or on the basis of the consent to the sharing of data to the Project Partners that you provided when you provided your personal data to the Project.

 

7. Recipients of personal data

Your personal data are not disclosed or disseminated, without your express consent. Your personal data is processed by the subjects authorized to process it and by the data processors previously appointed by ERRIN. Your personal data are also processed by the project Partners for the purposes indicated in the project Privacy Policy. At the end of the project, the data will be processed by the subjects among the Partners who will manage the platform and the activities related to it.

 

8. Transfer of personal data to non-EU countries

We use Mailchimp, a third-party data processor, for the purpose of subscription, management and distribution of the Project newsletter, and therefore we will provide it with your data. Please read the Mailchimp privacy policy (https://mailchimp.com/legal/privacy/) and take note that Mailchimp uses web beacons to gather information about the success of their email campaigns (e.g. when an email was opened, IP address).

Note that Mailchimp uses servers located in the United States of America, which have not received a binding adequacy decision by the European Commission or by a competent national EEA data protection authority. Data transfers involving them are subject to binding and appropriate transfer mechanisms that provide an adequate level of protection in compliance with GDPR. In addition, these companies operate under the EU-US and Swiss-US Protection Shields to ensure your rights regarding data protection when the data is transferred to the US.

 

9. Storage period

Your data are kept for a period not exceeding that necessary for the pursuit of the mentioned above. For this purpose, also through periodic checks, the strict relevance, non-excess and indispensability of the data with respect to the relationship, performance or ongoing assignment, to be established or terminated, is constantly checked, also with reference to the data that you provide on your own. initiative. The data that, even following the verifications, are excessive or irrelevant or not essential are not used, except for the possible conservation, according to law, of the deed or document that contains them.

 

10. Your rights

As a data subject, you have the right:

  • access to personal data;
  • to obtain the rectification or erasure of personal data of the same or the limitation of the treatment concerning the data subject;
  • to object to the processing;
  • to lodge a complaint with the Data Protection Supervisor Authority.

 

11. Data provision

The provision of your data is optional, but necessary for the purposes specified above. Failure to provide it will make it impossible to implement the purposes indicated in par. 6.