EOSC Portal - A gateway to information and resources in EOSC
The EOSC Portal platform, URL: www.eosc-portal.eu , (hereinafter referred to as "Site" or "Application") abides by the following principles when handling personal information:
We collect a small amount of personal information about our users in order to provide them with our content, products and services;
We limit the sharing or disclosure of this personal information to our needs or to comply with applicable legal requirements;
We give users meaningful choices over the use of their personal information;
We strive to protect the personal information that we hold.
This Privacy Notice describes the policies applied with respect to the personal information collected through the Site, or when the Site communicates with its users ("you" or "user"), and the choices that are made available to them. "Personal Information" means any information that relates to an identified or identifiable individual.
The project is co-funded by the European Commission, therefore the EU data processing law applies. The policy on "protection of individuals with regard to the processing of personal data by the Community institutions" is based on EU regulation as described https://ec.europa.eu/info/legal-notice_en#personal-data-protection
Your use of the Site signifies that you agree will all terms of this Privacy Notice. If you communicate with us and provide us with personal information, we will assume that you agree that we can use this information to communicate with you. If you disagree with any part of this Privacy Notice, please do not use the Site or communicate with us.
This Privacy Notice applies solely to personal information that the Application collects through the Site or through any electronic communications that you send to the Application, as indicated on the Site (Personal Data). It does not apply to the websites of third parties, such as business partners or sponsors, to which the Site may link. The Application does not endorse, nor is responsible for the content of these third-party websites, or their policies or practices.
If you provide any personal information to or through third party websites, your transaction will be subject to the terms and conditions and the privacy policies of these third-party websites.
The Application manages different types of data, all in compliance with the current European legislation on Data Protection. Any Data concerning the User is collected to enable the Owner to provide its services, as well as for the following purposes: Tag Management, Displaying content from external platforms, Analytics, Contacting the User, Managing contacts and sending messages, Interaction with data collection platforms and other third parties.
Among the types of Personal Data that this Application collects, by itself or through third parties, are: Cookies, Usage Data, first name, last name, email address, various types of Data and Country.
Data voluntarily supplied by the User -- The web platform is designed to allow users to browse through it without providing any contact information. However, certain areas may require, or allow for, the submission of personal information, such as when a user fills out a newsletter form or contacts us. As an example, clients of the Application need to register to become part of the web site community and use the Application solutions.
The data collected and further processed are necessary to access the Application, as well as for communication and follow-up activities. Appropriate, detailed information is provided to the User and, where required, consent for the processing of Personal Data is obtained before a given service is activated. Said consent may be revoked at any time, whereby the ability to use the service in question ceases.
EOSC Portal Catalogue Provider information - Information for the providers offering EOSC resources will be also collected and stored in the catalogue. This information will include:
The above information will be collected by registered EOSC providers through the EOSC onboarding process (web interface or via a REST API) and updated either manually or automatically (via an API) by the EOSC providers.
EOSC Portal Catalogue Resource Information - The main entity managed by the catalogue portal is a resource. A resource is described by a well-defined schema, which contains
EOSC Portal Catalogue usage activity and user-collected information - Users of the platform are mainly Unauthenticated or Authenticated End-Users who access and browse the EOSC catalogue and provide feedback related to a EOSC resource or Resource Provider Managers/Resource Managers– members of a provider organization, who are authorized to upload and update resource related content at the EOSC Portal. Usage events and statistics are collected by the portal and then analysed to produce consolidated statistics that are visualized in the portal.
The following information about user visits is collected in the EOSC portal database:
The user data is used in the process of service ordering and provided to the EOSC support team to complete service orders and support users. This information data is not publicly displayed in any place of the Portal.
Users are responsible for any third-party Personal Data obtained, published or shared through this Application and confirm that they have the third party's consent to provide the Data to the Owner.
This kind of service allows you to interact with social networks, or other external platforms, directly from the pages of this application. The information acquired by the Application through this interaction is in any case subject to the User's privacy settings related to each social network. If an interaction service with social networks is installed, it is possible that, even if the Users do not use the service, the latter collect traffic data relating to the pages in which it is installed. Like button and Facebook social widgets (Facebook, Inc.)
The "Like" button and Facebook social widgets are services of interaction with the social network Facebook, provided by Facebook, Inc.
Personal Data collected: Cookies and Usage Data.
Tweet button and Twitter social widgets (Twitter, Inc.)
The Tweet button and Twitter social widgets are services of interaction with the Twitter social network, provided by Twitter, Inc.
Data acquisition and third-party platforms: Mailchimp Widget
Personal Data gathered: email, name, surname
Managed by Trust-IT Srl
Location The Data is processed at the Data Controller's operating offices and in any other places where the parties involved in the processing are located. For further information, please contact us at firstname.lastname@example.org
Duration of Processing -- Data processing is limited to the time necessary to perform the service requested by the User. Unless otherwise requested by the European Commission, any data kept to the purposes of a project is retained for the duration of the project, plus the period requested by the European Commission (typically 3 years) after the project end. However, the User can ask at any time to interrupt the processing of the Data or have Data cancelled.
Log information-- Our server software automatically gathers general information from all users. For example: IP address, computer type, screen resolution, OS version, domain name, location, date and time of the visit, page(s) visited, time spent on a page, website from which the user came, action taken by the user when leaving our Site. Some of this information is provided directly by the user's browser, the remainder is obtained through cookies and tracking technologies.
Registration information -- Webinars and other events may be provided with the assistance of unaffiliated third-party vendors, which may require that the vendors have access to personal information such as name, company, and email address. These vendors will provide us with this information, so that we can keep track of who registers to, or attends these events. In this case, the information that you provide as part of this registration will be subject to both our Privacy Notice and the applicable privacy statement posted on the vendor's website.
Children -- The Site is not intended for children. Nor does the Application knowingly collect personal information from children.
The Application uses personal information for the following:
Fulfilment of requests -- We may use your personal information to deal with your inquiries, register you to our events, and send you the publications or documents that you request.
Internal business purposes -- We may use the collected information for internal business purposes, such as for audits or to track attendance at events.
Statistical analysis -- We use aggregated data about Site usage (which do not identify a specific user), such as the number of users who have visited certain pages of the Site, or how long users are spending on a particular page, in order to develop statistics as to the use of the Site, so that we can understand how users interact with the Site, to improve its content, products, or services.
Displaying content from external platforms
The Data Controller processes the Data of Users in a proper manner and takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of the Data.
Data Controller: Alasdair Reid
European Future Innovation System Centre
Avenue Maurice Maeterlinck, 12
The Data processing is carried out using computers and/or IT enabled tools, following organisational procedures and practices strictly related to the purposes indicated. The Data Controller processes the Data of Users in a proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. In addition to the Data Controller, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of the site (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies, e.g. EOSC Future, EOSC Association) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Data Controller at any time.
The Application Members -- We may share personal information with members of a Consortium for the purpose of creating a knowledge base and potential customer leads for the exploitation of results and assets.
EOSC Portal Marketplace Database (Managed by Cyfronet): the user unique identifier, first name, last name, email, reason for accessing EOSC services, country of origin, customer typology, organization/company, country of collaboration, webpage, ordered services, messages (communication with support team), user rating information
In particular the list of users who indicated their interest in receiving the EOSC newsletter is shared with the newsletter responsibles at the EOSC Enhance project and managed via the Data acquisition and third-party platform Mailchimp.
Law enforcement; compliance -- We may use or disclose personal information to any third party (a) if we believe that we are required to do so by law; (b) to comply with legal processes or respond to requests from governmental or public authorities; (c) to prevent, investigate, detect, or prosecute criminal offenses or attacks on the technical integrity of the Site or network; (d) to enforce our Terms and Conditions; or (e) to protect the rights, privacy, property, business, or safety of the Application, its business partners, employees, members, Site users, or the public. Unless prohibited by applicable law, we will inform you if a third party requests access to personal information about you.
You have the right to have access to the personal information that we hold about you, and to have this information corrected and amended, as defined in the GDPR art. 12, 15, 16. To do so, please contact us as indicated in section 16. However, please be aware that in some cases, the administrative and technical burden associated with the retrieval of archived data may be substantial. We would need to be compensated for this effort in a manner that is consistent with our actual cost.
You have the right to request that we delete any Personal Information that we hold about you. The Application is compliant with the Right to Erasure as defined in the GDPR, art. 17. If you would like us to erase the Personal Information that we hold about you, please contact us at email@example.com
You have the right to object at any time to the processing of your personal data, on grounds relating to your particular situation, as defined in the GDPR, art. 21. Please note that all the data you provide on this website will be used only for delivery of the services provided by the Application, as described in section 5. If you would like to apply your right to object, please contact us by email at firstname.lastname@example.org .
We will retain personal information about a user for as long as necessary to fulfil the purposes outlined in this Privacy Notice, unless a longer retention period is required by law and/or regulations. The User can always request that the Data Controller suspend or remove the data.
The Application seeks to adopt commercially reasonable security measures consistent with industry practice to protect personal information under its control against loss, misuse, and alteration. However, we cannot guarantee the security of our servers, the means by which personal information is transmitted between your computer and our servers, or any personal information that we receive through or in connection with the Site.
We attempt to strike a reasonable balance between security and convenience. Emails are usually sent as unencrypted text. If misrouted or intercepted, an unencrypted email could be read easily. If there is a matter that requires high security or confidentiality, please keep us informed about the sensitivity of the information, and do not send the related information by email.
The Application does not represent or warrant that the Site is appropriate or available for use in any particular jurisdiction. Those who choose to access the Site do so on their own initiative and at their own risk, and are responsible for complying with all local laws, rules, and regulations that apply to them.
We may limit access to the Site to any person, geographic area, or jurisdiction that we choose, at our sole discretion.
If you have any questions, comments, or complaints about this Privacy Notice, or the use, management or disclosure of personal information collected on or through our Site, please contact us at email@example.com .
We update this Privacy Notice from time to time. If the changes are significant, we will post prominent notification on this Site for a reasonable time to inform you of these changes. Unless, and until, you object in writing, by contacting us at firstname.lastname@example.org, all changes will apply to the existing information about you that the Application already holds, and the personal information collected from the effective date of the revised Privacy Notice. Your use of the Site following the effective date of any revision will constitute your acceptance of the terms of the updated Privacy Notice.
If you have any questions, comments, or complaints, regarding this Privacy Notice, or our privacy, security or data protection practices, please contact us by email at email@example.com
Effective Date: 30 April 2020 - Ver 1.4