All content of this website [https://connect-fetopen.com/] (hereinafter the “Website”) is owned or controlled by the Consortium of the CONNECT Project (hereinafter referred to as the “CONNECT Consortium” or the “Consortium”).
The aim of this Website is to keep the public informed about the activities of the CONNECT Consortium and its efforts in the harmonization and standardization of health data.
1. What data do we collect?
The Personal Data that you give to us, e.g when some areas of the Website may ask you to submit personal information, such as your name, your e-mail address, your phone number and your organisation (the “Personal Information”), in order for you to benefit from some specified features, such as newsletter subscriptions. Also, when you create an account, login in the website, contact us, send us an email, call us. A separate consent will by requested where appropriate.
2. Why do we process your personal data?
We may use data from or about you for the following purposes:
• to respond to your inquiries and fulfill your requests, such as sending you newsletters or e-mail alerts;
• to send you important information regarding our relationship with you or regarding the Website, changes to our terms, conditions, and policies and/or other administrative information;
• for IT purposes, such as enhancing our website and identifying website usage trends.
We will only process the collected data for the purposes as described above and will not further process the data in a manner that is incompatible with those purposes.
The data will only be processed in so far necessary to achieve the above mentioned purposes. Your data will also be kept up to date where necessary (for which your input may be required and asked).
The personal data will be processed fairly, lawfully and in a transparent manner, meaning that at least one of the following legal bases applies:
• We have received your explicit consent for the processing of your personal data;
• We are obliged to process your personal data according to applicable law or court order;
• The personal data are processed in view of the legitimate interests of the CONNECT Consortium partners.
3. Who can access your Personal Data and why?
We may disclose information collected through the website in so far necessary to achieve the above mentioned purposes:
• to the CONNECT Consortium partners, for the purposes as listed above;
• to our service providers (processors) who provide services such as website hosting and moderating, mobile application hosting, data analysis, IT services, e-mail and direct mail delivery services, auditing services, and other services, in order to enable them to provide services; as we believe to be necessary, if permitted or required by applicable law.
In transferring data to processors, we will conclude a contract with such processor setting out the subject matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the controller. We will only use processors providing sufficient guarantees to implement appropriate technical and organizational measures so that the processing of the data meets the legal requirements.
4. Do we transfer your Personal Data?
Your personal data will not be transferred to other third parties unless required or allowed by applicable law.
If the processing of your personal data would take place in a third country (i.e. a country outside the European Economic Area) which does not offer an adequate level of protection, this processing shall be carried out in accordance with the requirements and appropriate safeguards under the applicable data protection legislation, such as, entering into EU standard contractual clauses.
With your explicit consent (in so far required), we may also use and disclose information collected through the website in other ways and for any other purpose. In addition, we may use and disclose information that is not considered to be personally identifiable and thus not personal data for any purpose.
5. What are your rights with regard to your personal data?
You have the right to request, review, correct, update, or delete the personal data that you have provided via the Website as described below:
• Right to inspection: If you are capable of proving your identity, you obtain the right to acquire information about the processing of your data. Consequently, you have the right to the processing objectives, the data categories, the categories of recipients to which the data are sent, the criteria that determine the period of data storage and the rights that you can exercise with regard to your data.
• Right to correct personal data: Inaccurate or incomplete data may be corrected. It is first and foremost the User’s responsibility to make the necessary modifications to his or her “User Profile”. You may also contact us with a request to modify the data.
• Right to delete personal data: You also have the right to obtain the deletion of your personal data under the following circumstances:
• Your personal data are no longer necessary for the intended purpose;
• You revoke your consent to process your data and there is no other legal basis for processing your data;
• You have legitimately exercised your right of objection;
• Your data has been unlawfully processed;
• Your data must be deleted arising from a legal obligation.
• Deleting data is primarily related to visibility; the deleted data may remain temporarily stored.
• Right to restrict processing: In some cases, you have the right to request restrictions on the processing of your personal data. This certainly applies in the case of a dispute relating to the accuracy of data, if the data are necessary in the context of a legal procedure or during the time necessary for CONNECT to determine that you are validly able to exercise your right of deletion.
• Right to object: You have the right to object at any time to the processing of your personal data for “direct marketing” purposes, profiling purposes or purposes arising from the legitimate interests of the data controller. CONNECT will stop processing your personal data unless it can demonstrate that there are compelling legal reasons to process that prevail over your right to object.
• Right to data portability: You have the right to obtain the personal data provided to CONNECT in a structured, common and machine-readable form. In addition, you have the right to transfer such personal data to another data controller unless this is technically impossible.
• Right to withdraw consent and opt-out or unsubscribe to mailing communication: You are entitled to withdraw your consent at any time, purposes and you will receive an unsubscribe link in every communication e-mail you will receive from us.
Where consent is asked from you and you are a child below the age of 16 years, your holder of parental responsibility needs to give or authorize such consent.
6. How can I exercise my rights?
• Should you wish to exercise your rights, you must submit a written request and proof of identity by email to our CONNECT contact form. We will answer as soon as possible and no later than thirty (30) days after having received your request.
• Option of lodging a complaint: If you are not satisfied with the processing of your personal data by CONNECT, you are entitled to lodge a complaint with the Data Protection regulator You may lodge a complaint with a supervisory authority competent for your country or region. Please click find contact information for such authorities here: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.
7. How do we secure your data?
We use a variety of measures to keep your Personal Data confidential and secure, including restricting access to your Personal Data on a need to know basis and following appropriate security standards to protect your data.
We take every reasonable step to ensure that your Personal Data is only processed for the minimum period necessary in connection with:
• the purposes set out in this Privacy Notice;
• any additional purposes notified to you at or before the time of collection of the relevant Personal Data or commencement of the relevant processing; or
• as required or permitted by applicable law; and thereafter, for the duration of any applicable limitation period. In short, once your Personal Data is no longer required, we will destroy or delete it in a secure manner.
In case of a personal data breach, we will notify the personal data breach to:
(i) the competent supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons and
(ii) you, the data subject without undue delay if the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons.
Please note that some sites may collect and use data differently. These sites will have a local privacy notice explaining these practices. If the user leaves the CONNECT Consortium website and visits a website operated by a third party, The CONNECT Consortium cannot be held responsible for the protection and privacy of any information that users provide when visiting such third-party websites. Accordingly, users should exercise caution and review the privacy statement applicable to the website in question.
10. Contact us