1.    Introduction – Privacy Policy Template for RE-ROUTE Website

The privacy policy of the RE-ROUTE PROJECT (“we,” “us,” or “our”) outlines the collection, storage, use, and/or sharing (“processing”) of your information when you use our services (“Services”), such as when you:

  • Visit any of our websites, including our social media sites, that are linked to this privacy policy
  • Engage with us in other related ways, such as participating in events organized by the Consortium, subscribing to our newsletters, or other types of communities endorsed by the Consortium during the project.

2.    What information do we collect?

Personal information you disclose to us. The personal information we gather is provided by you voluntarily, either when you register for our services, express interest in obtaining information about our products and services, participate in activities on the Services, or contact us in other ways.

Personal Information provided by you. The type of personal information we gather varies depending on how you engage with us and the Services, the options you select, and the specific products and features you use. Some examples of personal data we may collect include your name, email address, job title, username, password, contact preferences, and mailing address.

Sensitive Information. We don’t handle any sensitive personal data, including information that could reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data for uniquely identifying individuals, health data, or data on an individual’s sex life or sexual orientation.

When visiting the RE-ROUTE website

During the ordinary operation of this website’s designated IT systems and applications, certain data is automatically detected through the use of internet communication protocols. This data is not directly associated with identifiable users. Examples of this data may include cookies, IP addresses of the computers used to access the site, Uniform Resource Identifier (URI) addresses of requested resources, the time of the request, the method used to send the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response, and other parameters related to the user’s operating system and IT environment.

When filing a question/request via our contact form

Additional personal information we collect includes information provided by the user/visitor when communicating with us through the email addresses listed on our website or by filling out our online contact form. If a user chooses to send personal information through email on a voluntary and explicit basis to the addresses provided on this website, the sender’s email address is then collected to respond to the request, along with any other personal data contained in the message.

When you register to receive Newsletters

Our website provides a service for creating and distributing project newsletters and managing subscriptions. The personal data we collect for this purpose include email address, first name, last name, entity, and position in entity.

Social Media Login Data. We may offer the option of registering with us using your social media account details, such as Facebook, Twitter, or other social media accounts. If you decide to register in this manner, we will obtain the information mentioned in the section about social logins below. You are required to provide accurate, truthful, and complete personal information, and you must inform us of any changes to such information.

3.    How do we process your information?

We process your personal information for a variety of reasons, depending on how you interact with our services, including:

  • To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
  • To communicate RE-ROUTE achievements, informing about project events and sending invitations for participation or diffusing project outcomes

4.    What legal bases do we rely on to process your information?

The General Data Protection Regulation (GDPR) requires us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:

  • Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time.

·      Legitimate interests. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

  • Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.

We will only send you direct newsletters, emails, or text if we have your consent. You have the right to withdraw that consent at any time by contacting us.

5.    When and with whom do we share your personal information?

Your personal data may be shared with recipients for the following reasons:

  • When required by law, contract, or regulatory decision, the Consortium may be obligated or entitled to notify public and independent administrative authorities, judicial authorities, and public officials.
  • To achieve specific purposes related to the administration and relevant services of the Consortium.

The Consortium is bound by national laws and will not disclose, assign, exchange, grant, or dispose of personal data to third parties without the user/visitor’s consent, except in the cases mentioned above.

6.    Do we use cookies and other tracking technologies?

We may utilize cookies and comparable tracking technologies such as web beacons and pixels to obtain or save information. You can refer to our cookies policy for detailed information on how we use these technologies and how you can opt-out of certain cookies.

7.    How your personal data is collected

All personal data collected and processed by us are done so in accordance with applicable laws and regulations, including the General Data Protection Regulation (Regulation (EU) 2016/679) of the European Parliament and of the Council of 27 April 2016. We are committed to complying with data protection laws and principles, which means that your personal data will be:

·      Used in a lawful, fair, and transparent manner

·      Collected only for valid purposes that we have clearly explained to you, and will not be used in a way that is incompatible with those purposes

·      Relevant and limited to the purposes we have informed you about

·      Accurate and kept up to date

·      Kept only for as long as necessary to fulfil the purposes we have informed you about

·      Kept secure to prevent unauthorized access, loss, destruction or damage to your personal data.

8.    How do we handle your social logins?

Our Services allow you to register and sign in by using your social media account details from third-party providers such as Facebook or Twitter. If you choose to register using your social media account, we will receive certain information about you from the social media provider, which may include your name, email address, friends list, profile picture, and any other information that you choose to make public on the social media platform.

We will only use the information we receive for the purposes described in this privacy notice or as otherwise specified on our Services. Please note that we cannot control or be held responsible for any other uses of your personal information by your social media provider. We suggest that you review their privacy notice to understand how they collect, use, and share your personal information and how you can manage your privacy settings on their platforms and applications.

9.    How long do we keep your information?

We will retain your personal information only for as long as it is necessary to achieve the purposes stated in this privacy notice, unless a longer retention period is required or permitted by law (e.g., for tax, accounting, or other legal reasons), but no longer than five years after the project’s conclusion. None of the purposes described in this notice require us to keep your personal information beyond the time when you have an account with us.

If we no longer have a legitimate business reason to process your personal information, we will either delete or anonymize it. If this is not feasible, such as in the case of backup archives, we will securely store your personal information and prevent any further processing until it can be deleted.

10.  How do we keep your information safe?

Your personal data is processed using electronic means in compliance with the provisions of Article 32 of GDPR 2016/679 and national law, and in line with the principles of data confidentiality, integrity, and availability. We transfer your personal data in an encrypted manner using the widely used and secure TLS (Transport Layer Security) encryption standard. You can recognize a secure TLS connection by the additional “s” after “http” (i.e., https://..) in the address bar of your browser or the lock icon. In addition, we use appropriate technical and organizational measures, which are regularly updated, to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties.

Despite our efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Therefore, we cannot promise or guarantee that unauthorized third parties such as hackers or cybercriminals will not be able to defeat our security measures and improperly collect, access, steal, or modify your information. While we will take all necessary precautions to protect your personal information, any transmission of personal information to and from our Services is at your own risk. It is recommended that you access our Services only within a secure environment.

11.  Do we collect information from minors?

Our Services are not intended for use by individuals under 18 years of age, and we do not knowingly collect personal information from children under this age. By using our Services, you represent and warrant that you are at least 18 years of age or, if you are not, that you have obtained the consent of your parent or legal guardian to use the Services. If we become aware that we have inadvertently collected personal information from a child under 18 years of age, we will take steps to promptly delete the information and terminate the child’s account.

12.  What are your rights?

You are entitled to the following rights:

  • To request information on whether we possess any personal information about you and, if so, what that information is and why we have it.
  • To access your personal information. This allows you to obtain a copy of the personal information we hold about you and to verify that we are processing it lawfully.
  • To request the rectification of any incomplete or inaccurate personal information we hold about you.
  • To request the erasure of your personal information. This allows you to ask us to delete or remove your personal information where there is no good reason for us to continue processing it.
  • To request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information.
  • To request the transfer of your personal information in an electronic and structured form to you or to another party (the right to “data portability”). This allows you to take your data from us in an electronically usable format and transfer it to another party in an electronically usable format.
  • To withdraw your consent at any time. Please note that this does not affect the processing of your data that is based on the consent you gave before withdrawing. Once we receive notice that you have withdrawn your consent, we will no longer process your personal information for the purpose(s) you initially agreed to.

However, please note that this will not affect the lawfulness of the processing before its withdrawal nor the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

You may exercise any of these rights at any time by contacting us at the contact information provided on the website.

Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can:

  • Log in to your account settings and update your user account.

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

Cookies and similar technologies

Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services.

If you have questions or comments about your data protection rights, you may email us at GDPR@UCD.IE

13.  Do we make updates to this notice?

We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

14.  How can you contact us about this notice?

If you have questions or comments about this notice, you may contact our DPO by emailing us at GDPR@UCD.IE or by post to:

RE-ROUTE PROJECT

ADDRESS: UNIVERSITY COLLEGE DUBLIN, BELIELD, DUBLIN 4

ZIP CODE: D04 V1W8

TOWN: DUBLIN

COUNTRY: IRELAND