This Website is the website of the H2020 funded ePANACEA project (hereinafter “ePANACEA”).
Protecting your personal data is a legal obligation as well as an important priority for ePANACEA for any personal data that you may in any way submit or provide during your navigation on the Website.
Please do not hesitate to contact us at firstname.lastname@example.org for any questions concerning the processing of your Data.
Our Policy in simple words:
What is considered Personal Data?
The term “Personal Data” (hereinafter “Data”), as used in this Policy, refers to information relating to your person, such as your name, your email address, your phone number, etc.
Different pieces of information, which combined can lead to your identification, are also considered personal data.
What does Personal Data processing refer to?
Personal data processing refers to any action performed on your personal data, e.g., collecting, registering, organizing, storing, customizing, modifying, retrieving, searching, sorting, using, disclosing, transferring, transmitting, disseminating, correlating, combining, limiting, deleting or destroying your personal data.
What Data do we collect on epanacea.eu?
During your visit and navigation on the Website we may collect the following Data:
- Data you provide to us through the ePANACEA Newsletter registration form.
- Data you submit to us through your online application form for becoming a REB member.
For what purposes and on what legal basis do we process your Data?
We only process your Data in the context of the services offered by ePANACEA and the Website, in accordance with applicable national and EU law and specifically for the following purposes:
- For sending you our Newsletter, using the contact info you provide to us on the ePANACEA Newsletter registration form.
- For processing your online application form for becoming a REB member, granting you access to the dedicated forum through login and contacting you to participate at relevant meetings
- For monitoring and analyzing traffic to the Website.
The legal basis for the processing of your Data is your consent.
How can you withdraw your consent?
You have the right to withdraw your consent at any time and for any of the Data processing purposes for which you have consented, and we will cease the processing.
The withdrawal of your consent will not affect the lawfulness of any Data processing that was based on your consent before its withdrawal (GDPR article 7.3).
In order to withdraw your consent, please send us an email to email@example.com, with the subject “Withdrawal of consent”.
In the email, please state your full name and the Data processing purposes for which you want to withdraw your consent (e.g., “I want to withdraw my consent for the processing of my personal data in the context of the website contact form. Signed: First name, Last name”).
In order to lawfully fulfil your consent withdrawal request, we may have to verify your identity.
Who has access to your Data?
Your Data is only accessible to the strictly necessary ePANACEA contractual partners in the context of the performance of their duties. ePANACEA contractual partners are bound by appropriate confidentiality and non-disclosure agreements.
Your Data may also be disclosed to companies within the EU, contracted by us to provide part or all of the features and services offered by the Website (hereinafter “Data Processors”).
Such companies are designated as Data Processors and will only process your Data on our behalf, in accordance with our instructions and in compliance with applicable national and EU law (GDPR EU 2016/679).
In addition, we may share or disclose your data when you explicitly request it, or when required by applicable law.
Data Processor companies only process your Data on our behalf, in accordance with our instructions and in compliance with all applicable national and EU law (GDPR EU 2016/679).
What security measures do we implement in order to protect your Data?
The protection of your Data is a legal obligation as well as an important priority for ePANACEA.
We implement all necessary and appropriate organizational and technical security measures in order to protect your Data from any form of accidental or unauthorized processing.
Our security measures are reviewed at regular intervals and updated when deemed necessary.
How long do we retain your Data?
We retain your Data for the time required to fulfil the purposes for which you have consented, or until you withdraw your consent for the processing. This may be up to one year after the closure of the ePANACEA contract.
What rights do you have on your Data?
First of all, you have the right to be informed whether we process any Data of yours.
If we process your Data, you have the right to be informed of the purposes and the legal base of the processing, the type of Data involved, the recipients of your Data, the time for which we retain your Data, and whether your Data is used for automated decision making (GDPR article 15).
If your Data contains inaccurate or incomplete information, you have the right to ask us to rectify them, e.g., correct your name or phone number (GDPR article 16).
Subject to certain conditions, you have the right to receive your Data in a commonly used and legible format or ask us to transfer them directly to another Data Controller (GDPR article 20).
Subject to certain conditions, you have right to ask us to erase your Data (“right to be forgotten”), e.g., if they are no longer necessary for the purposes for which they were collected (GDPR article 17).
Subject to certain conditions, you have the right to object to the processing of your Data, e.g., when your Data are processed for direct marketing purposes (GDPR article 21).
Subject to certain conditions and pending the evaluation of your objections on the processing of your Data, you have the right to request the restriction of their processing, e.g., when you are questioning their accuracy, you are requesting their erasure, or you are objecting to their processing (GDPR article 18).
ePANACEA is obliged to notify all recipients of your Data of any rectification or erasure of your Data or of any restriction of their processing (GDPR article 19).
Subject to certain conditions, you have the right not to be subject to decisions made solely on the basis of automated processing of your Data, including profiling (GDPR article 22).
The exercise of your rights may be subject to conditions and restrictions, in accordance with applicable national and EU law and to protect the data protection rights of third parties.
Finally, in case you believe your rights are being infringed, you have the right to lodge a complaint with the competent supervisory authority, e.g., the Hellenic Data Protection Authority (www.dpa.gr).
How can you exercise the rights you have on your Data?
In order to exercise your rights, please send us an email to firstname.lastname@example.org, with the subject “Exercise of data subject rights”.
In the email, please state your full name and the purpose of your request: access, correction or erasure of Data, withdrawal of consent, restriction or objection to the processing of Data.
In order to lawfully respond to any request for the exercise of your above rights, we may have to verify your identity.
How quickly do we respond to the submission of a request to exercise your rights?
We will review and respond free of charge to the submission of a request to exercise your rights the soonest possible and in any case within one month of receiving it.
How can you receive a status update on a request that you have submitted?
If you wish to receive a status update on a request that you have submitted, please send us an email to email@example.com, with the subject “Status update on data subject request”.
In the email, please state your full name and the request on which you want to receive a status update: access, correction or erasure of Data, withdrawal of consent, restriction or objection to the processing of Data.
Do we use automated decision-making, including profiling?
We do not make use of automated decision-making, including profiling
How secure are the links that we provide to other websites?
The Website may contain useful links to websites of other organizations that we consider trustworthy. However, following such links is at your own risk, as we cannot take responsibility for the privacy policies, practices and contents of third-party websites and services.
Do we process personal data of children?
We do not process personal data of children below the age of 16 years old without the consent of the holders of parental responsibility.
If we become aware that we are inadvertently in possession of such data without the proper consent, we will take corrective action as soon as possible.
Which law is applicable to the processing of your Data?
We process your Data in accordance with the GDPR (EU 679/2016) and all applicable national and Union EU law.
How can you be notified of changes to this Policy?
Whenever the Policy is amended in a significant way, we will notify you by posting a notice on a prominent area of the Website or by any other appropriate means.
Your continued use of the Website and its services are subject to the terms of the current Policy. We encourage you to always consult the current Policy in order to be properly informed on its terms.