Personal Data Protection
Partners / partnership: In the following text, “partner” / “partnership” designate partner institutions / organisations participating in 4helix+ and likely to collect data within the framework of the project, namely SVIM-Sviluppo Marche, University of Camerino, Thessaloníki Chamber of Commerce and Industry, CEI-Central European Initiative, Croatian Chamber of Economy, Official Chamber of Commerce, Industry and Shipping of Seville, XXI Dinamic Network, Albanian Development Fund, Barcelona Official Chamber of Commerce, Industry, Services and Navigation, Chamber of Commerce and Industry Marseille Provence.
Supervisory Authority: independent public authority established by a member State under article 51 of the GDPR. The Supervisory Authority is the CNIL in France. The list of Supervisory Authorities is available here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
The 4helix+ project partners carefully treat all data collected as confidential and strictly use it under the framework of 4helix+ project activities in compliance with the EU legal regulations and the Interreg MED Programme rules.
All data collected and managed under the activities of the 4helix+ project, namely accounts, newsletter subscribers, event registrations, surveys of any kind, contact lists, is in strict compliance with the new Regulation (EU) 2016/679, General Data Protection Regulation.
The partnership appointed CEI-Central European Initiative to act as 4helix+ Data Protection Officer.
Who is concerned by this notice?
This notice is addressed to the following public:
- All partners participating in the 4helix+ project;
- respondents to surveys;
- registered participants in events;
- account owners in the exchange areas of the project website;
- newsletter subscribers of any outsourced database application.
- partners' press contacts relevant for the project
For what purposes does the 4helix+ project store your data?
Project partners collect data to perform their legal obligations as an EU co-funded project.
The scope of the data collected is the minimum necessary for each purpose, avoiding as much as possible personal information. However, no personal information is collected without the knowledge and consent of the target audience.
No data will be shared with third parties outside the project and the Interreg MED Programme, other than the external providers or used for unintended purposes without the express consent and prior notification to the interested individuals. When personal data is collected, the purpose will be clearly expressed.
The data collected within the framework of the 4helix+ project will be retained by the project partners and the Interreg MED Programme until 31/12/2028 to comply with the regulatory obligations. Once the retention period has passed, the 4helix+ project partners, potential sub-contractors / external providers and the Interreg MED Programme will take adequate measures to delete all personal data collected within the project.
The 4helix+ project may use external providers to process your personal data. You will be informed and your express consent required whenever this is the case.
The 4helix+ project partners make sure to demand their external providers to provide them with adequate safeguards regarding personal data protection.
External providers of 4helix+ project will have a limited access to personal data strictly necessary for the completion of the services rendered. They will also be contractually bound to use the personal data in compliance with the current regulation regarding personal data.
What about cookies and tracking technologies?
The Programme web platform collects and stores information using cookies and similar tracking technologies to track web behaviors. We use this information to provide analytics of only statistical nature.
What are your legal rights as data subject?
According to the GDPR Regulation (EU) 2016/679, “Every person may, on simple request addressed to the DPO of 4helix+, have free access to all the information concerning them in clear language (any codes must be explained) and obtain a copy against payment of a fee, fixed by the State, of 3 € for the public sector and 4,6 € for the private sector.
Every person may directly require from an organisation holding information about them the data to be corrected (if they are wrong), completed or clarified (if they are incomplete or equivocal), or erased (if this information could not legally be collected).
Anyone may oppose that information about them is used for advertising purposes or for commercial purposes;
They may also oppose to information concerning them being disclosed to a third party for such purposes. The persons concerned should have the possibility of exercising their right to oppose the disclosure of their data to a third party at the moment the data is collected. The use of automatic calling machines or faxes for advertising purposes is prohibited unless the person has given their prior consent.”*
If you believe that the processing of your personal data constitutes a violation of the legislation in force, you have the possibility to lodge a complaint with the supervisory authority concerned. (check here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm)
List of the data subject rights as stated in the Chapter 3 of the GPDR:
- Transparency and modalities
- Information and access to personal data
- Rectification and erasure
- Right to object and automated individual decision-making
** For detailed information on each specific right, please check Chapter 3 of the GDPR Regulation (CE) no 2016/679.
What type of data is collected and how?
The project partners store data of different types and in several ways:
- E-mail, postal and telephone contacts;
- Newsletters subscription;
- Event registrations;
- Contact forms;
- Data collected through the 4helix+ web site and other outsourced applications (MailChimp).
Who can you contact for questions regarding data protection?
For questions or concerns regarding the collection of your personal data within the 4helix+ project, please contact the Data Protection Officer: cei (at) cei.int.