Skip to main content

Privacy Policy

Effective as of 01.11.2020.

WHO WE ARE

“Data controllers” are the people or organisations that determine the purposes for which, and the manner in which, any Personal Data is processed, and make independent decisions in relation to the Personal Data and/or who/which otherwise control that Personal Data.

 

For the purposes of the GDPR, the data controller of this website with regard to the Personal Data described in this Privacy Policy is F6S Network Ireland Limited (registered number 643630) , whose registered office is at 77 Lower Camden Street, Dublin 2 D02 XE80, Ireland.

This Website falls under the responsibility of COVID-X Project and is concerned with the dissemination and exchange of information about the research and activities conducted in the course of the Initiative and the outcome of this work. The COVID-X Project is committed to protecting your privacy and is developing technology that gives you a powerful and safe online experience. This Privacy Policy applies to the Web Site of the COVID-X Project 

 

1. POLICY SCOPE

The purpose of this Privacy Policy is to provide you, as our data subject, with a statement regarding the Data Protection and Privacy practices and obligations of the COVID-X Project and an explanation of your rights as a data subject. 

This Data Protection and Privacy Policy and Notice applies to our business practices, our website (Websites), which are accessible from https://www.covid-x.eu/ and it applies regardless of whether you use a computer, mobile phone, tablet, TV or other device.

As the Organisation is established in the Republic of Ireland, this document is written in the vein of Irish Data Protection Law, and The COVID-X Project falls under the jurisdiction of the Irish Data Protection Commission. This Privacy Policy sets out what Personal Data we collect and process about you in connection with the services and functions of the Organisation. We are not responsible for the content or the privacy notices for any websites to which we may provide external links.

 

2. WHY AND HOW DO WE ENSURE COMPLIANCE?

Data protection and privacy laws provide rights to individuals with regard to the use of their Personal Data by organisations, including The COVID-X Project website. Irish and EU laws on data protection govern all activities we engage in with regard to our collection, storage, handling, disclosure and other uses of Personal Data.

We must comply with data protection and privacy laws because the law requires us to but we also would like you to have confidence in dealing with us, and compliance with data protection law helps us to maintain a positive reputation in relation to how we handle Personal Data.

We are required to demonstrate accountability for our data protection obligations. This means that we must be able to show how we comply with the applicable data protection and privacy laws, and that we have in fact complied with the laws. 

We do this, among other ways, by our written policies and procedures, by building data protection and privacy compliance into our systems and business rules, by internally monitoring our data protection and privacy compliance and keeping it under review, and by acting if our representatives, including employees or contractors, fail to follow the rules. 

We also have certain obligations in relation to keeping records about our data processing.

 

3. WHO MUST COMPLY?

All our representatives, which include employees and contractors, are required to comply with our Data Protection Policies and Procedures which inform this Privacy Policy when they process Personal Data on our behalf.

What are the data protection principles and rules?

We aim to comply with the following principles found in Data Protection Law:

  • Lawfulness, fairness and transparency – Personal data must be processed lawfully, fairly and in a transparent manner.
  • Purpose Limitation – Personal data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
  • Data minimisation – Personal Data must be adequate, relevant and limited to what is necessary in relation to purposes for which they are processed.
  • Accuracy – Personal data must be accurate and, where necessary, kept up to date. Inaccurate Personal Data should be corrected or deleted.
  • Retention – Personal data should be kept in an identifiable format for no longer than is necessary.
  • Integrity and confidentiality – Personal data should be kept secure.
  • Accountability – Under the GDPR, we must not only comply with the above six general principles but we must be able to demonstrate that we comply by documenting and keeping records of all decisions.

 

4. INITIATIVE DATA CONTROLLERS

The COVID-X Project is made of 10 members, each of these initiatives is responsible for their own data protection compliance. If you have any queries about your personal data being used in this initiative, please contact the relevant controller from the list below making sure to cite clearly that your query is related to the COVID-X Project:

5. PERSONAL DATA THAT THIS WEBSITE COLLECTS PROVIDED BY YOU AND HOW WE USE IT

Any personal information which you volunteer to COVID-X Project through the use of this website will be treated with the highest standards of security and confidentiality, strictly in accordance with the EU GDPR and the Data Protection Acts 1988 to 2018. Unless stated otherwise in detail in the relevant sections of the Website, Personal Data generated from the use of our Website is processed as follows:

(i) Contact via contact form

Should you choose to communicate with us via the contact form, we invite you to provide your name, your email address, and message. The website does not store your personal data. The legal basis for processing Personal Data for the purposes set out in this item is art. 6(1)(b) of GDPR.

(ii)Newsletter subscription

Should you choose to subscribe to our newsletter, we invite you to provide your name, and your email address which are managed by https://mailchimp.com/ according to their terms and conditions. The website does not store your personal data. The legal basis for processing Personal Data for the purposes set out in this item is art. 6(1)(a) of GDPR. You can withdraw your consent from any communication from the COVID-X Project by using the ‘Unsubscribe’ link in any communication

(iii) Social Media

Some of our webpages use social media plug-ins from other organisations. We embed widgets from these social media networks to provide retweet / sharing functions, like boxes, stream embeds and follow buttons. These other organisations may receive and use personal data about your visit to our sites or apps. If you browse our Website or view content on our apps, the information that these third-party social media organisations collect may be connected to your account on their site. For more information on how these organisations use personal data, please read their privacy policies. The legal basis for processing Personal Data for the purposes set out in this item is art. 6(1)(a) of GDPR.

(iv) Special Category Data

We will not collect special category data from you (for example information around your political/philosophical beliefs, racial/ethnic origins, sex life/sexual orientation) through your use of this website.

(v) Site visitation tracking

We use Matomo, an open source web analytics platform in order to measure, collect, analyse and report visitors data for purposes of understanding and optimising the website. We enable all anonymisation features in Matomo so no personal data is collected.

 

6. COOKIES AND THIRD PARTY – COOKIES

Cookies are small text files that can be used by websites to make a user’s experience more efficient.

You reserve the right to set up your browser to warn you before accepting cookies, or you can simply set it to refuse them, although you may not have access to all the features of this website if you do so. See your browser ‘help’ button for how you can do this. You do not need to have Cookies on to use or navigate through many parts of this Website. Remember that if you use different computers in different locations, you will need to ensure that each browser is adjusted to suit your Cookie preferences.

 

7. HOW WE STORE YOUR PERSONAL DATA

If you submit your contact details via the newsletter subscription form, your data is stored and managed in the platforms mentioned in section 5. We will not share your contact details with anyone and they will be securely transmitted through the COVID-X website with access only by authorised personnel.

Cookies are currently the only occasion where personal data will be stored by this Website.

We utilise state-of-the-art technology to store your data. The following safeguards are used, for example, to protect your personal data from misuse or any form of unauthorised processing:

  • Access to personal data is restricted to a limited number of authorised persons for the stated purposes.
  • The IT systems used for processing data are technically isolated from other systems to prevent unauthorised access and hacking.
  • Access to these IT systems is constantly monitored to detect and prevent misuse in the early stages.

 

8. HOW LONG WE WILL KEEP YOUR PERSONAL DATA FOR

The Initiative shall not keep personal data in a form that permits identification of data subjects for longer a period than is necessary, in relation to the purpose(s) for which the data was originally collected. However, as it is a group consisting of European Commission funded projects, it must retain generated data until five years after the balance of the Initiative is paid or longer if there are ongoing procedures (such as audits, investigations or litigation). In this case, the data must be kept until they end.

 

9. DATA BREACHES

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator when we are legally required to do so.

 

10. YOUR RIGHTS AS DATA SUBJECT WITH RESPECT TO YOUR PERSONAL DATA

Under the General Data Protection Regulation [Articles 15-21], you have a number of important rights . In summary, those include rights to:

Right of access:

You have the right to be aware and verify the legitimate nature of the processing. So, you have the right to access your personal data and receive additional information about how we process it.

Right to rectification:

You have the right to study, correct, update or modify your personal data by contacting the COVID-X website manager at privacyie@f6s.com.

Right to erasure (Right to be forgotten):

You have the right to request deletion of your personal data when we process it on your consent or in order to protect our legitimate interests. In all other cases (such as, where there is a contract, obligation to process personal data legally required, or public interest), this right is subject to specific restrictions or shall not exist, as the case may be.

Right to restriction of processing:

You have the right to request a restriction of the processing of your personal data in the following cases:

(a) when the accuracy of the personal data is contested and until the accuracy is verified 

(b) when you oppose the deletion of your personal data and request the restriction of their use instead,

(c) when personal data are not needed for processing purposes, they are however required for the establishment, exercise, or defence of legal claims, and 

(d) when you object to the processing and the decision on your objection to processing is pending.

Right to object to processing:

You have the right to object at any time to the processing of your personal data where, as described above, the processing is based on the legitimate interests we pursue as data controllers, as well as, for the purposes of direct marketing and consumer profiling, if applicable.

Right to data portability:

You have the right to receive your personal data free of charge in a format that allows you to access, use, and edit them with commonly used editing methods. You also have the right to ask us, in case it is technically feasible, to transmit the data directly to another controller. Your right to do so exists for the data you have provided to us and is processed by automated means based on your consent or for the execution of a relevant contract.

Right to withdraw your consent:

In cases where processing is based on your consent, you have the right to withdraw it without affecting the lawfulness of processing based on consent prior to its withdrawal.

If you would like to exercise any of those rights, please:

  • contact us using our Contact details below
  • let us have enough information to identify you,
  • let us have proof of your identity and address, and
  • let us know the information to which your request relates.

 

11. TIME LIMITS FOR COMPLIANCE WITH YOUR RIGHTS AS DATA SUBJECT

We make every effort to comply with all requests within one month of the receipt of the request. However, this period may be extended for reasons relating to the specific right or complexity of your request.

 

12. DATA CONTROLLER CONTACT DETAILS AND DATA PROTECTION OFFICER 

The data controller of this website is F6S Network Ireland Limited (registered number 643630) , whose registered office is at 77 Lower Camden Street, Dublin 2 D02 XE80, Ireland. All questions, comments and requests regarding this Privacy Policy may be also addressed to the following Contact details to privacyie@f6s.com or post address to our Company.

A Data Protection Officer has been appointed by F6S and such DPO will assist with the oversight of this Privacy Policy.

 

13. HOW TO COMPLAIN

As the Data Subject, you have the right to complain at any time to a supervisory authority in relation to any issues related to our processing of your Personal Data. We would like to hear from you first if you have a complaint about how we use your data so that we may rectify the issue. As The COVID-X Project and F6S Network Ireland Limited are located in Ireland and we conduct our data processing in the EEA, we are regulated for data protection purposes by the Irish Data Protection Commissioner.

You can contact the Data Protection Commission as follows:

Website: www.dataprotection.ie

Phone: +353 (0) 1 7650100  or +353 (0) 1800437 737

Email: info@dataprotection.ie

Address: Data Protection Office – 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland

 

14. CHANGES TO OUR PRIVACY POLICY

Our practices as described in this Privacy Policy may be changed, but any changes will be posted and any such changes shall apply to your continued usage.

You are encouraged to review this Privacy Policy periodically to make sure that you understand how any personal information you provide will be used. 

We may also email you in certain circumstances to let you know if and when we update this Privacy Policy to ensure you are informed.

Any changes to this Privacy Policy will be posted on this website so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.