The goal of XANDAR Website is to provide information about the three-year Research and Innovation Action project funded under Horizon 2020 framework under call ICT-50-2020: Software Technologies. To achieve it, we collect and process only the necessary data for the user to visit our Website and voluntary contact us. XANDAR consortium, represented by University of the Peloponnese, acts with respect to the right of any person to protect its privacy. We are transparent about the data we collect, how we use them and with whom we share them. We respect your right to choose what you want to share. The protection of your privacy is a commitment for us and we always follow the applicable data protection rules.
2. Scope of this policy
3. Data Controller
The controller of your personal data is the University of the Peloponnese (Erythroy Stavroy 28 & Karyotaki, 22131, Tripolis, Greece, www.uop.gr). In all matters regarding personal data, you can contact us using the following email address: firstname.lastname@example.org.
4. Scope of processing of personal data
In connection with the use of the XANDAR Website by the User, we process personal data in the scope necessary to provide information about the XADNAR Project and to reply to you in case you contact us. The detailed purposes of processing personal data during the use of this Platform by the User are described below.
XANDAR Website is not a storage service. We have no obligation to store, maintain or provide you a copy of any content or information, except to the extent required by applicable law (in particular GDPR rules).
5. Legal basis for data processing
We process only those personal data that are necessary to achieve the following described purposes. We process personal data where we have a lawful basis about the data processing. Unless otherwise stipulated at the time of collection of personal data, the legal basis for the processing of such data is one of the following: consent (where you have given consent) and “legitimate interest” (provided that our interest does not exceed the rights and freedoms of the data subject).
Where we rely on your provided consent to process your personal data, you have the right to withdraw it at any time and where we rely on legitimate interest, you have the right to object.
6. Purposes of data processing
We provide an option to contact us using this email email@example.com. In this scope we require you provide us personal data necessary to contact you and reply to your request (depending on the nature of request, you may be requested to provide more information but always only the necessary personal data).
We might contact you through email, notices posted on our Services and other ways through our Services (including push notifications).
6.2. Conduct of our Services
In XANDAR Website and for our Services, we might process data for analytical and statistical purposes.
XANDAR Website may automatically store http enquiries, therefore the files containing web server logs may store data pertaining to the user, including the IP address of the computer sending the enquiry, the name of user’s station, if possible, date and system time of registration in the service and receipt of the enquiry, number of bytes sent by the server, information concerning User’s browser or information concerning errors which occurred by realization of the http transaction. Files containing web server logs shall be mainly analyzed for the purposes of preparing statistics concerning traffic on the website and occurring errors. Information shall be anonymous and summary of such details shall not identify particular users. Web server logs may be collected for the purposes of proper administration of the XANDAR Website. Only the persons authorized to administer the IT system shall have access to the data.
In some cases we might have a legitimate interest to process personal data in order to fulfill the obligations laid down in the grant agreements we are participating and in this scope it might be necessary to report and collaborate with other partners or manage potential complaints etc.
7. Personal data of minors
Our Services are not intended for persons under 16 years of age.
8. Storage period
The period of data processing by us depends on the type of service provided and the purpose of the processing. The data will be deleted as soon as they are no longer necessary in relation to the purposes for which they were processed, unless otherwise provided by applicable law.
9. Information security
We apply technological and organizational means to secure your personal data. We implement security safeguards corresponding to the threats and category of personal data to be secured. In particular, we shall secure personal data against publishing to unauthorized persons, taking over by an unauthorized person, processing in violation of the law and change, loss, damage or destruction; among others the SSL (Secure Socket Layer) certificates shall be applied. The Users’ personal data shall be collected and stored on a secured server. Moreover, the personal data shall be secured by our internal procedures related to processing personal data and information security policy. However, we cannot warrant the security of any information that you send us. There is no guarantee that personal data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
At the same time, we state that using the Internet and services provided by electronic means may pose a threat of malware breaking into User’s IT system and device, as well as any other unauthorized access to the User’s data, including personal details, by third parties. In order to minimize such threats, the User shall use appropriate technical security means, e.g. using updated antivirus programs or programs securing identification of the User on the Internet. In order to obtain detailed and professional information related to the security in the Internet we recommend taking advice from entities specializing in relevant IT services.
We undertake all necessary actions, so that our subcontractors and other cooperating entities would guarantee that appropriate security measures will be applied whenever they process personal data at our request.
Usually, Cookies contain the address of the Internet service, date of publishing, lifetime of the Cookie, unique number and additional information corresponding to the intended use of particular file.
We shall use two types of Cookies: session cookies, which are permanently deleted upon closing the session of the User’s browser and permanent cookies, which remain on the User’s device after closing the session until they are deleted.
It is not possible to identify the User on the basis of Cookie files, whether session or permanent. The Cookie mechanism prevents collecting any personal data.
Cookies used on XANDAR Website are safe for the User’s device; in particular they prevent viruses or other software break into to the device.
Files generated directly by XANDAR Website may not be read by other Internet services. Third-Party Cookies (i.e. Cookies provided by our associates) may be read by an external server.
The User may disable storing Cookies on his/her device in accordance with the instructions of the browser producer, but this may disable certain parts of or the entire operation of XANDAR Website.
We shall use own Cookies for the following purposes: authenticating the User at XANDAR Website and preserving the User’s session; configuration of XANDAR Website and adjustment of the content of pages to the User’s preferences, such as: recognizing the User’s device, remembering settings set up by the User; Cookies ensuring security of data and use of XANDAR Website; analyses and researches of views; advertisement services.
We shall use Third-Party Cookies for the following purposes:
- preparing statistics (anonymous) for optimizing functionality of XANDAR Website, by means of analytic tools e.g., Google Analytics (Cookies administrator: Google Inc. with its registered office in the USA);
- analyse users and visitors’ behaviour for improve, support and operate the service using for example Intercom (Cookies administrator: Intercom Inc. with its registered office in the USA); Mixpanel (Cookies administrator: Mixpanel Inc. with its registered office in the USA)
- improve advertising, target publicity according to contents that are relevant for a User, improve performance reports of the campaigns and avoid showing advertisements that the user has already seen using for example Google Marketing Platform (Cookies administrator: Google Inc. with its registered office in the USA);
- using interactive functions by means of social networks, including: twitter.com (Cookies administrator: Twitter Inc. with its registered office in the USA); plus.google.com (Cookies administrator: Google Inc with its registered office in the USA); Facebook.com (Cookies administrator: Facebook Inc with its registered office in the USA or Facebook Ireland with its registered office in Ireland); LinkedIn.com (Cookies administrator: LinkedIn Ireland with its registered office in Ireland);
The User may individually change Cookies settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service. The User may also individually delete Cookies stored on his/her device at any time in accordance with the instructions of the browser producer.
Detailed information concerning Cookies support are available in the browser settings.
11. Links to other websites
12. Your privacy rights
As a data subject, you have many rights in respect to of personal data we hold on you. Under applicable laws and subject to any legal restrictions, you may have the following rights:
- request access to your personal data (you have a right to access the personal data we are keeping about you),
- request restriction of processing of your personal data, where specified by law,
- object to the processing of your data (based on our legitimate interest)
- request data portability (this right applies to personal data processed only by automated means and on the basis of consent or fulfilling a contract),
- request erasure of your personal data,
- withdraw consent at any time without affecting the legality of the processing carried out on the basis of your consent until you revoke it,
- you have the right not to be subject to any decision based solely on automated processing, including profiling, that has any legal effect on you or similarly significantly affects you.
13. Exercise your privacy rights
In order to exercise your privacy rights, you can send your request at firstname.lastname@example.org.
If you believe that your privacy rights are infringed, you have the right to complaint to the relevant supervisory authority. The competent Authority for these matters in Greece is the Hellenic Data Protection Authority (Kifisias Avenue 1-3, 115 23 – Αthens, email@example.com)