PRIVACY NOTICE PURSUANT TO ARTICLE 13 OF REGULATION (EU) 2016/679
The information is given in compliance with article 13 of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation or GDPR) to individuals interested in supporting the implementation of B-THENET (G.A. 101059812), funded by Horizon Europe Programme and coordinated by IZSLT (mail to firstname.lastname@example.org).
As of June 16, 2023, the Joint Controller Agreement is in effect among B-THENET Partners link, except for UCM. On a joint controllership basis and subject to the provisions of Article 26 of GDPR, the Parties shall jointly process personal data, for which they shall jointly determine the purposes and means. More information about the B-THENET Joint Controller Agreement is made available to interested Parties upon request.
Type of data processed
As part of our activities, the Controller collects and processes personal data provided by you, the data subject, in particular: First Name, Last Name, Username, Email address, Password, Role, Age (optional), Gender (optional), Zip code, Country, Institute, Stakeholder category, Spatial level of interaction, Stakeholder type, Years of experience, Main language spoken, Second language spoken and Images of Users (optional) and Beekeeping Practices (optional) to the extent that is needed and helpful to attain the purposes set out below.
Purpose of processing
We may collect and use personal data for the following purposes:
– Applications, registrations, and administrative management of Users;
– Storing the subject’s personal data in B-THENET Platform Database
– To be re-contacted for further project surveys
– Require consent to processing data as Advisory Board Member or Collaborating Partner;
– Registering for B-THENET events
– Receiving news, information, invitations to events and workshops, publications, announcements, and newsletters relating to the activities conducted by B-THENET;
– Dissemination on the B-THENET Platform, website, and social media channels of images, audio and videos;
– Recording image, audio, name, and surname of a persona (if any);
For any information about B-THENET’s Copyright statement, please visit copyright notice on the Platform.
Personal data collected in B-THENET Platform Database are not subject to automated decision-making or profiling. Some online services and tasks can be automated, such as registrations of responses to surveys and registrations to our events, but they are not based on analysing the personal profile of the data subject.
As for the processing of personal data that is carried out by the social media platforms used by B-THENET, please consider the information provided by those platforms through their privacy policies. The personal data made available by users through the social media pages B-THENET manages, as part of its research purposes, are processed exclusively in order to implement the project and handle user interactions (comments, public posts, etc) in full compliance with the applicable legislation.
Legal basis for processing personal data
For the purposes set out above, the legal basis of processing is the consent you, the data subject, give to the processing of your personal data, [article 6.1.a of the GDPR]. Should you deny your consent, we will be unable to process your data.
Moreover, the Joint Controllers will process the data for the legitimate interest of the B-THENET Platform, namely the use of technical cookies [article 6.1.f of the GDPR].
Data Subject Rights
In relation to your personal data, you can exercise your rights as data subject under the GDPR (art.15 -21), including the right to withdraw your consent at any time. In case data subjects revoke their consent, the published information (if any) will be removed from the Platform.
The rights set out above can be exercised in writing by sending an email to email@example.com.
You as data subject have also the right to lodge a complaint with the competent Supervisory Authorities according to Art. 77 of GDPR.
Data storage and retention
All personal data collected will be stored in Aruba (Cloud) and/or the Controllers’ digital and physical facility for the training activities. The information collected about you will be kept strictly confidential, except username, pictures and videos. Only B-THENET Joint Controllers will have access to this information and the sole purpose of storing your data is for project activities. Please note that the contents, once published and disseminated, may be subject to acquisition and republication by third parties, even without B-THENET’s consent.
The Controllers and Aruba secure all personal data through technical and organisational measures to ensure that it is protected from unauthorized access, alteration, or loss.
If the Data subject doesn’t exercise the withdrawn right, data shall be stored for
no longer than 5 years after the final payment as Grant Agreement Data Sheet.
However, once said period of conservation prior to blocking has expired, Joint Controllers shall agree whether to store the data object of the processing, prior anonymization of the same, for its use for research purposes and applying the appropriate technical and organizational measures in accordance with the provisions of the GDPR and other data protection regulations.
Any longer storage periods remain unaffected, in the event that they are required due to legal, accounting and/or fiscal obligations based on the laws and regulations in force.
Disclosure of data outside of B-THENET
Your personal data may be disclosed outside of the project for specific reasons. In particular, your personal data may be made available to entities providing IT system management on behalf of controllers, competent authorities and/or public bodies, the European Commission, and supervisory authorities to comply with statutory requirements. Requests by data subjects to exercise their data protection rights shall be handled in a coordinated manner through the e-mail address firstname.lastname@example.org which shall be identified as a contact point for data subjects in the data protection information provided to them by each Party.
How data is processed
For the above-mentioned purposes, your data will be processed by controllers’ employees and other authorized individuals. Said employees, and other authorized individuals may consult, use, process, compare the data as well as carry out any other appropriate action, including using automated means, always in compliance with statutory requirements that ensure, inter alia, protection of the confidentiality and security of the personal data, as well as data accuracy, update and appropriateness to the purposes for which the data is collected and used, as stated above.
The data stored will be used for the activities related to the B-THENET project. Moreover, the data could be shared and used for other EU projects that may benefit from them after pseudonymization (except for images) or anonymization (including the images) and in accordance with the purpose of the consent given (Art. 25 and 89 of GDPR). This includes their processing for research purposes and dissemination activities. Your data will, under no circumstances, be sold to any third parties.
Transfer of data outside of the EU
Controllers shall not carry out international transfers of the personal data processed during and after the lifecycle of the project and during the implementation of the project’s aims, according to the CHAPTER V “Transfers of personal data to third countries or international organisations” of GDPR.
Changes and updates
In case of a data breach, the event will be handled as per Art. 33-34 of the EU 2016/679 GDPR. The Controllers will undertake all steps necessary to minimize any possible negative consequences.
CONSENT REQUEST PURSUANT TO ARTICLE 6 OF THE GDPR
By clicking on the “Register” button in the subscription form you give your consent to our processing of your personal data in accordance with the purposes described above.
The binding text of the PRIVACY NOTICE PURSUANT TO ARTICLE 13 OF REGULATION (EU) 2016/679 shall be in the English language. It shall be the principal text for all evaluations, discussions and interpretations.
The privacy policies are automatically translated with the aid of Google Translate (https://translate.google.com/). As described in Google LLC’s Data Privacy Framework certification, the Company complies with the EU-U.S. and Swiss-U.S. Data Privacy Frameworks (DPF) and the UK Extension to the EU-U.S. Find out more details here (https://policies.google.com/privacy/frameworks?hl=en-US).”