Effective as of 01 November 2020.
WHO WE ARE
“Data controllers” are the people or organisations that determine the purposes for which, and the manner in which, any Personal Data is processed, and make independent decisions in relation to the Personal Data and/or who/which otherwise control that Personal Data.
For the purposes of the GDPR, the data controller of this website with regard to the Personal Data described in this Privacy Policy is F6S Network Ireland Limited (registered number 643630) , whose registered office is at 77 Lower Camden Street, Dublin 2 D02 XE80, Ireland.
This Website falls under the responsibility of COVID-X Consortium and is concerned with the dissemination and exchange of information about the research and activities conducted in the course of the Initiative and the outcome of this work. The COVID-X Project is committed to protecting your privacy and is developing technology that gives you a powerful and safe online experience. This Privacy Policy applies to the Web Site of the COVID-X Project
1. POLICY SCOPE
The purpose of this Privacy Policy is to provide you, as our data subject, with a statement regarding the Data Protection and Privacy practices and obligations of the COVID-X Project and an explanation of your rights as a data subject.
This Data Protection and Privacy Policy and Notice applies to our business practices, our website (Websites), which are accessible from https://www.covid-x.eu/ and it applies regardless of whether you use a computer, mobile phone, tablet, TV or other device.
As the Organisation is established in the Republic of Ireland, this document is written in the vein of Irish Data Protection Law, and The COVID-X Project falls under the jurisdiction of the Irish Data Protection Commission. This Privacy Policy sets out what Personal Data we collect and process about you in connection with the services and functions of the Organisation. We are not responsible for the content or the privacy notices for any websites to which we may provide external links.
2. WHY AND HOW DO WE ENSURE COMPLIANCE?
Data protection and privacy laws provide rights to individuals with regard to the use of their Personal Data by organisations, including The COVID-X Project website. Irish and EU laws on data protection govern all activities we engage in with regard to our collection, storage, handling, disclosure and other uses of Personal Data.
We must comply with data protection and privacy laws because the law requires us to but we also would like you to have confidence in dealing with us, and compliance with data protection law helps us to maintain a positive reputation in relation to how we handle Personal Data.
We are required to demonstrate accountability for our data protection obligations. This means that we must be able to show how we comply with the applicable data protection and privacy laws, and that we have in fact complied with the laws.
We do this, among other ways, by our written policies and procedures, by building data protection and privacy compliance into our systems and business rules, by internally monitoring our data protection and privacy compliance and keeping it under review, and by acting if our representatives, including employees or contractors, fail to follow the rules.
We also have certain obligations in relation to keeping records about our data processing.
3. WHO MUST COMPLY?
All our representatives, which include employees and contractors, are required to comply with our Data Protection Policies and Procedures which inform this Privacy Policy when they process Personal Data on our behalf.
What are the data protection principles and rules?
We aim to comply with the following principles found in Data Protection Law:
- Lawfulness, fairness and transparency – Personal data must be processed lawfully, fairly and in a transparent manner.
- Purpose Limitation – Personal data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- Data minimisation – Personal Data must be adequate, relevant and limited to what is necessary in relation to purposes for which they are processed.
- Accuracy – Personal data must be accurate and, where necessary, kept up to date. Inaccurate Personal Data should be corrected or deleted.
- Retention – Personal data should be kept in an identifiable format for no longer than is necessary.
- Integrity and confidentiality – Personal data should be kept secure.
- Accountability – Under the GDPR, we must not only comply with the above six general principles but we must be able to demonstrate that we comply by documenting and keeping records of all decisions.
4. PROJECT DATA CONTROLLERS
The COVID-X Project is made of 10 members, each of these initiatives is responsible for their own data protection compliance. If you have any queries about your personal data being used in this initiative, please contact the relevant controller from the list below making sure to cite clearly that your query is related to the COVID-X Project: