PRIVACY POLICY

SMART4ALL PLATFORM PRIVACY POLICY

The goal of SMART4ALL Platform (including Website, Marketplace, Helpdesk and Communication lists) is to create a network and connect professionals to grow. To achieve it, we collect and process both personal data and data connected to your business. SMART4ALL consortium, represented by University of the Peloponnese, acts with respect for the right of any person to protect its privacy.

We are transparent about the data we collect, how we use them and with whom we share them. We respect your right to choose what do you want to share.

This Privacy Policy applies when you use our Services and constitutes an integral part of the Terms of Service provided by University of the Peloponnese.

The provisions of the Terms of Service shall be applied accordingly.

If the User does not agree with this Privacy Policy, it is asked to refrain from using the Platform.

The Privacy Policy shall pertain only to the use of the Platform and Services. However, on the Platform there may be references and links to other websites, which are not controlled by by University of the Peloponnese, so the separate privacy policies apply to them. Therefore, by University of the Peloponnese shall not be held liable for the consequences of using such references by the User.

Members of the SMART4ALL Platform might share their professional identities, engage with communities within Website, Marketplace, Helpdesk and Communication lists, exchange knowledge and their experience, post and view relevant content, find business and funding opportunities. Content and data of the Services are not viewable to the non-registered Users but it might be viewable to other Members.

This Policy may be modified at any time. The amendments shall become effective upon the lapse of 7 (seven) days from the date of their publishing on the Platform website. If we make material changes in this Policy, we will provide you notice through email, to give you the opportunity to review the changes. If the Member fails to terminate the Agreement within the said period, then it shall be assumed that it has accepted the amendments.

DATA CONTROLLER 

The Controller of your personal data is the University of the Peloponnese (Erythroy Stavroy 28 & Karyotaki, 22131, Tripolis, Greece, www.uop.gr). In all matters regarding personal data, you can contact us using the following email address: privacy@esda-lab.gr

In case of Open Calls the Data controller is the Open Call Organizer.

In case of Website, Marketplace, Helpdesk and Communication lists the Data controller might be the is University of the Peloponnese.

PROCESSING OBJECTIVES, LEGAL BASIS 

In connection with the use of the Platform by the User, University of the Peloponnese collects data in the scope necessary to provide particular services offered, as well as information about the User’s activity on the Platform. The detailed principles and purposes of processing personal data collected during the use of the Platform by the User are described below.

We only collect and process personal data where we have lawful basis. Lawful bases are consent (where you have given consent), contract (where processing is necessary for the performance of a contract with you – to deliver the Services you have requested) and “legitimate interests”. 

Where we rely on your consent to process personal data, you have the right to withdraw or deny your consent at any time and where we rely on legitimate interests, you have the right to object. 

SMART4ALL Platform is not a storage service. We have no obligation to store, maintain or provide you a copy of any content or information that you or others provide, except to the extent required by applicable law (in particular GDPR rules).

If the User posts on the Platform any personal data of other people (including their name, address, telephone number or e-mail address), they may do so only on condition that they do not violate the applicable law and personal rights of such persons.

Data we collect

Registration

To create an Account, it is necessary to provide basic data necessary to create and service the account: your name and surname, user name, email address and a password.

Providing name, surname, email address and password is voluntary but University of the Peloponnese can’t provide services without them. Those data are required to set up and service an account, and failure to do so results in the inability to set up an account.

Profile 

You can create your Profile on the Platform. Profile is a functionality of the Account that allows you to include information about your business activity, professional experience, interest etc. You are free to choose which information you want to include on your profile (such as your education, work experience, skills, photo, origin, business activity etc.). You do not have to provide additional information on your profile; however, profile information helps you to get more from our Platform. We never ask for sensitive information but you are free to include such data on your Profile. Please always consider it carefully. Such additional data can be deleted at any time without removing your Account.

SMART4ALL Platform provides functionality of the Account that allows the User, using the selected Services, to properly manage these Services, including their own modification of their scope and selection of preferences regarding the protection of their privacy.

Authentication 

In our platform we also use authentication mechanism that allows the User to set up an account and gain access to it through an external authentication service (eg Facebook Connect, LinkedIn). In such a case the Platform will download from the User’s account on the social network only data necessary for registration and account servicing. By individually changing the plug-in settings, the User can easily extend the scope of downloaded data with those that may be useful when using the account’s functionality on the Portal.

Activity on the Platform

University of the Peloponnese collects personal data that you provide when you join the Platform, post or upload it to our Services (for example within Marketplace). Your data might be also delivered by third parties. You can always object to this in accordance to the procedure below.

We allow Members to connect with each other. To do so, you will “connect” with the professionals who you choose, and who also wish to “connect” with you. Subject to your settings different interactions are possible. University of the Peloponnese might use data provided in your Profile to help others find your profile, suggest connections and activities, inform you about news, events and ideas regarding professional topics you might be interested in.

SMART4ALL Platform also allows to explore business and funding opportunities and to set up business relations.

The User’s activity on the Platform, can be recorded in system logs (a special computer program used to store a chronological record containing information about events and activities regarding the IT system used to provide services by the University of the Peloponnese). Information collected in logs is processed primarily for purposes related to the provision of services. The data Controller also processes them for technical and administrative purposes, to ensure the security of the IT system and management of this system, as well as for analytical and statistical purposes.

Our Services also enable communications  between Users through our Services.

Contact

We provide an option to contact us using an email privacy@esda-lab.gr. Contact with the University of the Peloponnese requires providing personal data necessary to contact the User and reply to the request. The User may also provide other data to facilitate contact or service of the inquiry. Providing contact data is voluntary but is required to receive and service the request. Providing other data is voluntary.

We might contact you through email, notices posted on our Services and other ways through our Services (including push notifications).

Marketing and newsletter

University of the Peloponnese processes Users’ personal data in order to carry out marketing activities, which may consist of:

  1. direct email notifications about interesting offers or content, which in some cases contain commercial information (newsletter service);

  2. conducting other types of activities related to the direct marketing of goods and services (sending commercial information by electronic means and telemarketing activities);

In order to implement marketing activities, the University of the Peloponnese uses profiling in some cases. Profiling means that due to the automatic processing of data, the University of the Peloponnese evaluates selected factors concerning natural persons in order to analyze their behavior or create a forecast for the future.

We analyze the User location and interests, related to communities and topics.

University of the Peloponnese provides the newsletter service to Users who, for this purpose, provided their e-mail address and agreed to receive the newsletter. In the newsletter, the University of the Peloponnese or entity that orders such newsletter informs, among others about upcoming open calls, interesting events in the community.

Automated Processing

We use data and information about you to make relevant suggestions to you and others.

We will use the information and data that you provide and that we have about Members to make recommendations for connections, content and features that may be useful to you. For example, we use data and information about you to recommend jobs to you and you to recruiters. Keeping your profile accurate and up-to-date helps us to make these recommendations more accurate and relevant.

Direct marketing

We do not share personal data with third parties for their direct marketing purposes.

Purposes of data processing, legal basis and processing period

 



The purpose of processing

Legal basis for processing

Period

To allow efficient matchmaking, profile related communication and support

The legal basis for processing is the indispensability to implement the legally justified interest of the data controller, consisting in fulfilling the obligations laid down in the Grant Agreement (Article 6 paragraph 1 point f) GDPR in this respect.

6 years from the end of the year in which the Project ended.

To realize the Project goals described in the Grant Agreement (communication, reporting, collaborating with other project partners)

The legal basis for processing is indispensability to implement the legally justified interest of the data controller, consisting in effectively participating in the project and fulfilling the obligations laid down in the Grant Agreement (Article 6 paragraph 1 point f) GDPR in this respect.

6 years from the end of the year in which the Project ended

In order to consider potential complaints

The legal basis for processing is indispensability to implement the legally justified interest of the data controller fulfilling the obligations laid down in the Grant Agreement (Article 6 paragraph 1 point f) GDPR in this respect.

6 years from the end of the year in which the Project ended

In order to possibly establish and enforce claims or defend against them

The legal basis of the processing is the legitimate interest of the data controller consisting in the protection of its rights (Article 6 paragraph 1 point f) GDPR in this respect.

6 years from the end of the year in which the Project ended



CONDUCT OF THE WEBSITE, MARKETPLACE, HELPDESK and COMMUNICATION LISTS

We also collect data provided in the SMART4ALL Website, Marketplace, Helpdesk and Communication lists. The controller of all the data included in your Profile is University of the Peloponnese and only processes data provided in SMART4ALL Website, Marketplace, Helpdesk and Communication lists.

For SMART4ALL Website, Marketplace, Helpdesk and Communication lists, University of the Peloponnese might process data in the following scope:

  1. to provide services related to running and servicing a User’s account on the Platform;

  2. in order to support matchmaking via SMART4ALL Marketplace;

  3. in order to verify the entities populating SMART4ALL Marketplace;

  4. in order to enter into an agreement for artifacts provided through SMART4ALL Marketplace;

  5. for analytical and statistical purposes.

Each time the specific rules for the processing of personal data should be described in an open call.

DATA RECEIVERS:

University of the Peloponnese will only transfer Users’ data to the trusted recipients, such as IT services provider, hosting (who provide services to the University of the Peloponnese), marketing agencies (in the field of marketing services) of the European Commission, project partners.

We might be obliged to pass your data to the officials if that is required by law.

YOUR RIGHTS

Due to the fact that we process your personal data, you have the right to:

    1. request access to your personal data (you can ask us for a copy of your personal data in machine-readable form),

    2. demand the rectification (correction) of your personal data (you can edit some of your personal data through your Profile, as well as ask us to change, update or fix your data),

    3. request to remove or limit the processing of your personal data (you can request to stop using all or some of your personal data or to limit our use of it, as well as to erase or delete all or some of your personal data),

    4. object to the processing of your data,

    5. transfer personal data (which processing is based on a contract or on the basis of a contract – Regulations),

    6. withdraw consent at any time without affecting the legality of the processing, which was made on the basis of consent prior to its withdrawal by sending request to the following address: privacy@esda-lab.gr,

    7. file a complaint to the Authority (the President of the Office for Personal Data Protection in Greece).

Providing data is voluntary, although it is necessary to conclude and perform the contract in accordance with the Terms of Service and this policy. Without providing its data, University of the Peloponnese will not be able to provide services specified in the Regulations.

To the extent that User’s data are processed on the basis of consent, it can be withdrawn at any time by contacting the University of the Peloponnese at privacy@esda-lab.gr.

PERIOD OF PROCESSING OF THE PERSONAL DATA

The period of data processing by the University of the Peloponnese depends on the type of service provided and the purpose of the processing.

As a rule, the data connected to and on your Account are processed as long as your Account is active or until your consent is withdrawn or effective opposition to the data processing is filed. If you decide to close your Account your personal data will stop being visible to others on our Platform within 7 days. We generally delete closed account information within 30 days of account closure, except as noted below.

We might retain your personal data even after you have closed your account if it is reasonably necessary to comply with University of the Peloponnese legal obligations, meet regulatory requirements, resolve disputes, prevent fraud and abuse.

Information you have shared with others might remain visible after you erase your Account or deleted that information from your Profile.

ADDITIONAL INFORMATION

The Platform may automatically store http enquiries, therefore the files containing web server logs may store data pertaining to the User, including the IP address of the computer sending the enquiry, the name of User’s station, if possible, date and system time of registration in the service and receipt of the enquiry, number of bytes sent by the server, information concerning User’s browser or information concerning errors which occurred by realization of the http transaction. Files containing web server logs shall be mainly analyzed for the purposes of preparing statistics concerning traffic on the website and occurring errors. Information shall be anonymous and summary of such details shall not identify particular Users. Web server logs may be collected for the purposes of proper administration of the Platform. Only the persons authorized to administer the IT system shall have access to the data.

INFORMATION SECURITY

University of the Peloponnese applies technological and organizational means to secure your personal data. We implement security safeguards corresponding to the threats and category of data to be secured. In particular, University of the Peloponnese shall secure data against publishing to unauthorized persons, taking over by an unauthorized person, processing in violation of the law and change, loss, damage or destruction; among others the SSL (Secure Socket Layer) certificates shall be applied. The Users’ personal data shall be collected and stored on a secured server. Moreover, the data shall be secured by internal procedures of University of the Peloponnese related to processing personal data and information security policy. However, we cannot warrant the security of any information that you send us. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

In order to log in to the Account, it shall be necessary to provide relevant username and password. In order to ensure an appropriate level of security, the password for the Account shall exist on the Platform only in a coded form. Furthermore, registration on and logging in to the Platform shall proceed to secure https connection. Communication between the User’s device and the servers shall be encoded using the SSL protocol.

At the same time, University of the Peloponnese states that using the Internet and services provided by electronic means may pose a threat of malware breaking into User’s IT system and device, as well as any other unauthorized access to the User’s data, including personal details, by third parties. In order to minimize such threats, the User shall use appropriate technical security means, e.g. using updated antivirus programs or programs securing identification of the User on the Internet. In order to obtain detailed and professional information related to the security in the Internet, University of the Peloponnese recommends taking advice from entities specializing in relevant IT services.

The University of the Peloponnese undertakes all necessary actions, so that its subcontractors and other cooperating entities would guarantee that appropriate security measures will be applied whenever they process personal data at the request of the University of the Peloponnese.

COOKIES

For the purposes of correct operation of the Platform, University of the Peloponnese uses Cookies support technology. Cookies are packages of information stored on the User’s device through the Platform, usually containing information corresponding to the intended use of particular file, by means of which the User uses the Platform.

Usually, Cookies contain the address of the Internet service, date of publishing, lifetime of the Cookie, unique number and additional information corresponding to the intended use of particular file.

University of the Peloponnese shall use two types of Cookies: session cookies, which are permanently deleted upon closing the session of the User’s browser and permanent cookies, which remain on the User’s device after closing the session until they are deleted.

It is not possible to identify the User on the basis of Cookie files, whether session or permanent. The Cookie mechanism prevents collecting any personal data.

Cookies used on the Platform are safe for the User’s device, in particular they prevent viruses or other software break into to the device.

Files generated directly by the Platform may not be read by other Internet services. Third-Party Cookies (i.e. Cookies provided by associates of the University of the Peloponnese) may be read by an external server.

The User may disable storing Cookies on his/her device in accordance with the instructions of the browser producer, but this may disable certain parts of or the entire operation of the Platform.

University of the Peloponnese shall use own Cookies for the following purposes: authenticating the User at the Platform and preserving the User’s session; configuration of the Platform and adjustment of the content of pages to the User’s preferences, such as: recognizing the User’s device, remembering settings set up by the User; Cookies ensuring security of data and use of the Platform; analyses and researches of views; advertisement services.

University of the Peloponnese shall use Third-Party Cookies for the following purposes:

  1. preparing statistics (anonymous) for optimizing functionality of the Platform, by means of analytic tools, among others: Google Analytics (Cookies administrator: Google Inc. with its registered office in the USA);

  2. analyse users and visitors behaviour for improve, support and operate the service: Intercom (Cookies administrator: Intercom Inc. with its registered office in the USA); Mixpanel (Cookies administrator: Mixpanel Inc. with its registered office in the USA)

  3. improve advertising, target publicity according to contents that are relevant for a user, improve performance reports of the campaigns and avoid showing advertisements that the user has already seen: Google Marketing Platform (Cookies administrator: Google Inc. with its registered office in the USA);

  4. using interactive functions by means of social networks, including: twitter.com (Cookies administrator: Twitter Inc. with its registered office in the USA); plus.google.com (Cookies administrator: Google Inc with its registered office in the USA); Facebook.com (Cookies administrator: Facebook Inc with its registered office in the USA or Facebook Ireland with its registered office in Ireland); LinkedIn.com (Cookies administrator: LinkedIn Ireland with its registered office in Ireland);

  5. logging in the service through the social network LinkedIn.com (Cookies administrator: LinkedIn Ireland with its registered office in Ireland); twitter.com (Cookies administrator: Twitter Inc. with its registered office in the USA); Facebook.com (Cookies administrator: Facebook Inc with its registered office in the USA or Facebook Ireland with its registered office in Ireland);

  6. using the function of twitter.com widget (Cookies administrator: Twitter Inc. with its registered office in the USA) on the Platform.

The User may individually change Cookies settings at any time, stating the conditions of their storage, through the Internet browser settings or configuration of the service. The User may also individually delete Cookies stored on his/her device at any time in accordance with the instructions of the browser producer.

Detailed information concerning Cookies support are available in the browser settings.

If you have any further questions and complaints pertaining to the manner in which University of the Peloponnese processes personal data, please contact us at the address: privacy@esda-lab.gr.