1. Who we are
Within the framework of SUSTRACK project, accessible from https://www.sustrack.eu , one of our main priorities is the privacy of our visitors. This Privacy and Cookies Policy document contains types of information that is collected and recorded by SUSTRACK project and how we use it. If you have additional questions or require more information about our Privacy and Cookies Policy, do not hesitate to contact us.
The partners of the SUSTRACK consortium, listed below, process certain types of personal data for the purposes of the project. Each partner is responsible for the personal data they collect and process during their activities under the framework of the project:
- UNIVERSITA DEGLI STUDI DI ROMA UNITELMA SAPIENZA
- STICHTING WAGENINGEN RESEARCH
- KNOWLEDGE SRL
- PEDAL CONSULTING SRO
- DBFZ DEUTSCHES BIOMASSEFORSCHUNGSZENTRUM GEMEINNUTZIGE GMBH
- UNIVERSITEIT GENT
- FUNDACION TECNALIA RESEARCH & INNOVATION
- FVA SAS DI LOUIS FERRINI & C
- UNIVERSITA DEGLI STUDI DI FERRARA
- BUNDESANSTALT FUER MATERIALFORSCHUNG UND – PRUEFUNG
- FUNDACION CIRCE CENTRO DE INVESTIGACION DE RECURSOS Y CONSUMOS ENERGETICOS
For further information, we can be contacted at: firstname.lastname@example.org
2. How we collect personal data?
We collect personal data both directly and indirectly:
Directly. We obtain personal data directly from individuals in a variety of ways, including but not limited to the following cases:
- an individual subscribes to our newsletter/s;
- an individual registers to attend meetings and events we host and during attendance at such events;
- we establish cooperative relationships with an individual;
- we provide professional services pursuant to our contract with the European Commission;
- an individual participates in an interview or survey organized by us.
Indirectly. We obtain personal data indirectly about individuals from a variety of sources, including:
- our research partners;
- our networks and contacts;
- public and open data sources such as public registers, news articles and internet searches;
- social and professional networking sites (e.g., LinkedIn).
3. What type of data we collect?
We only collect the data that are necessary for the smooth implementation of our project. These data fall into the following categories:
- contact details (name/ surname, e-mail address, street address, mobile phone number, land line phone number);
- professional information (job title, organization, field of expertise);
- demographics (e.g., age, gender, nationality);
- information about what a person knows or believes.
- videos and photos (from people that attend our events).
4. Basis of lawful processes
We process personal data on the following legal bases:
Legal obligations – for processing activities required for compliance both with applicable national and European legislation as well as with the specific legal and regulatory framework of the Horizon Europe Framework Programme for Research and Innovation of the European Union.
Consent – for processing activities such as organization of surveys and interviews, completing of questionnaires and dissemination of project’s results.
Contractual obligations – for processing activities such as reporting to the European Commission and complying with project’s publicity obligations.
5. What we do with your personal data?
We process your personal data with the purpose of:
- Conducting research (e.g., interviews, surveys);
- Dissemination our project’s results to different types of stakeholder;
- Sending invitations and providing access to guests attending our events and webinars;
- Administering, maintaining, and ensuring the security of our information systems, applications, and websites;
- Processing online requests or queries, including responding to communications from individuals;
- Complying with contractual, legal, and regulatory obligations.
6. How we secure your personal data when we process it?
We continuously apply a personal data risk assessment process to identify, analyse, and evaluate the security risks that may threat your personal data. Based on the results of this risk assessment, we define and apply a set of both technical and organizational measures to mitigate the above security risks, including but not limited to:
- Data Protection Policies to guide our personnel when processing your data;
- Written contracts with organizations that process personal data on our behalf;
- Non-Disclosure Agreements with our personnel;
- Back up process, antimalware protection, access control mechanisms, etc.
- Some of our partners have appointed a Data Protection Officer.
7. Do we share personal data with third parties?
We may occasionally share personal data with trusted third parties to help us deliver efficient and quality services. When we do so, we ensure that recipients are contractually bound to safeguard the data we entrust to them before we share the data. We may engage with several or all the following categories of recipients:
- Parties that support us as we provide our services (e.g., cloud-based software services such as Dropbox, Microsoft SharePoint, Google);
- Our professional advisers, including lawyers, auditors, and insurers;
- Dissemination services providers (e.g., MailChimp);
- Law enforcement or other government and regulatory agencies or other third parties as required by, and in accordance with applicable law or regulation;
- The European Commission according to our relevant contractual obligations.
8. Do we transfer your personal data outside the European Economic Area?
We do not own file servers located outside the European Economic Area (EEA). However, some partners may use cloud and / or marketing services from reputable providers such as SharePoint, DropBox, MailChimp, Google, etc., situated both inside and outside the EEA. We always check that such providers comply with the relevant GDPR requirements before start using their services.
9. General Data Protection Regulation (GDPR)
- The right to access, update or to delete the information we have on you
- The right of rectification
- The right to object
- The right of restriction
- The right to data portability
- The right to withdraw consent
10. Log files
SUSTRACK project follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services’ analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.
11. Privacy Policies
12. Children information
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity. SUSTRACK project does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
Cookies are small text files which are saved on your computer, mobile phone or tablet. They allow the website to remember your actions and preferences (such as login, language, font size and other display preferences) so you don’t have to keep re-entering them whenever you come back to the site. You can control and/ or delete cookies as you wish. If you do this, however, you may need to manually adjust your preferences every time you visit a site. For more information on how to manage cookies, please visit: http://www.aboutcookies.org/