VITAL 5G

Privacy Policy​

Introduction

This privacy notice will inform you as to how the VITAL5G Consortium (hereinafter referred to as the “Consortium”, “we”, “us” and “our”) collects and processes information about you and in particular your personal data. We hereby assure you that this Privacy and Personal Data Protection Policy (“Policy”) fully respects and complies with EU Regulation 679/2016 (“Regulation”) and any other relevant legislation.

The processing of personal data, such as name, address or e-mail address of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the VITAL5G Consortium. Through this privacy notice, we would like to inform anyone concerned and the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.

 

All parties in the VITAL5G Consortium have implemented numerous technical and organizational measures to ensure comprehensive protection of personal data processed through this project including this website.

Useful Definitions

Personal Data

Personal data is any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, indicatively by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Controller

Controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Processor

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Processing

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Third party

Third party is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

Consent

Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Who is responsible for the processing?

All partners in the VITAL5G Consortium are joint controllers for the processing of your personal data as the purposes and means are jointly determined. 

How do we process personal data?

At VITAL5G Consortium, we are committed to and adhering to the following principles of processing personal data in accordance with Article 5 of the Regulation. The personal data is:  

·         processed lawfully, fairly and in a transparent manner in relation to the data subject (principle of ‘lawfulness, fairness and transparency’);

·         collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (principle of ‘purpose limitation’);

·         adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (principle of ‘data minimisation’);

·         accurate and, where necessary, kept up to date; we take every reasonable step to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, erased or rectified without delay (principle of ‘accuracy’);

·         kept in a form which permits identification of data subjects for no longer than it is necessary or as required by relevant Laws (principle of ‘storage limitation’);

 

·         processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organisational measures (principle of ‘integrity and confidentiality’).

Why do we process peronal data?

We collect your personal data for the purpose of scientific research and the activities linked with the scope of the VITAL5G Consortium. This includes the following purposes:

·         We collect personal data for the purpose of scientific research related to 5G in the Transport and Logistic domain;

·         We collect personal data for the communication purposes such as the newsletter or organization of events;

·         We collect personal data for relation management like when you contact us (e.g. through the project’s webpage and/or e-mail, or through our partners, or through our social media pages, etc.) in order to be informed regarding the project or ask for relevant information;

 

·         We collect personal data for dissemination purposes such as video or photographic images in case of events or workshops, provided that the relevant data subject gave its consent to the publication of it. “

Do we process personal data of minors?

We do not collect or process minors’ personal data without verifiable parental consent in cases when we are able to control it. For example, it is not possible to control information that is communicated to us online. In any event, if we find that we have collected any personal information from a minor without verifiable parental consent (in accordance with Article 8 of the Regulation), we will immediately delete the information from our records. If you believe we may have collected information from a minor, please contact us.

Whose personal data do we process?

We process personal data from different data subject categories depending on the situation and processing activity. These data subjects include:

·         Research subjects when someone participates in a research activity;

·         Researchers and partners of the VITAL5G Consortium to organise the project;

·         Visitors from our websites and social media platforms;

·         Participants in events and webinars;

What legal ground do we use?

We will only process your personal data when absolutely necessary to achieve our purpose and when we have a valid legal ground for the processing.  

·         We can process your personal data on your consent when you communicate with us in any way directly or indirectly as interested in our project, when you fill in our documents, when informing you about our findings in the context of our dissemination activities, when you make a complaint or statement or when assessing us, when participating in our events, when you visit our social media accounts, or when you give us your business card

·         We can process your personal data for compliance with our legal obligations: to comply with our legal obligations to all sorts of authorities such as labour law, regulatory authorities, tax, accounting, auditing, judicial authorities and agencies or in connection with our contractual obligations or during payment of our liabilities

 

·         We can process your personal data to safeguard our legitimate interests: to improve our services, or when investigating and managing any potential incident, or for the assessment of persons and situations.

How long do we keep personal data?

We store personal data for as long as it is required for the processing purpose for which it was gathered. Upon completion of the project the data shall anonymized or deleted.

Information that is no longer necessary is safely destroyed or anonymised. We limit access to your personal data to those partners who need to use it for the specific purpose

How we ensure the security of personal data

We have implemented the necessary organizational and technical measures to protect the personal data we collect, and in particular any specific categories of personal data. We follow international standards and practices to ensure the security of our networks. We assure you that your personal data is processed securely and legally, by adhering to policies and developing and implementing procedures in accordance with the purposes and legal bases of processing. For example, the following security measures are used to protect personal data against unauthorised use or any other form of unauthorised processing:

·         Access to personal data is restricted to a limited number of authorised partners as per project structure and under the Data Management Plan and Ethics requirements.

·         Our repository system of Microsoft Teams, used for the processing of personal data, all technical measures are taken to prevent loss, unauthorised access or other illegal processing.

 In addition, access to these ICT (Information communication technology) systems is monitored on a permanent basis in order to detect and prevent illegal use at an early stage. Although the transfer of data through the Internet or a web site cannot be guaranteed to be protected from cyberattacks, we work to maintain physical, electronic and procedural security measures to protect your data.

 

Some of the security measures we take are not announced for obvious reasons.

Who has access to the personal data

Your personal data collected by us will only be disclosed to parties when it is absolutely necessary and the personal data will be limited to the absolute minimum. Your personal data can be disclosed to

·         The parties of the consortium in order to execute the tasks related to the project

·         The processors enlisted by us to execute the processing activities

·         Authorities where required by law or judicial decision

 

·         Auditors to validate the outcome of the scientific research and financial validation

Territorial Scope

The personal data we collect is processed within the European Economic Area (EEA).

What rights do you have and how can you exercise them?

You have the right to be informed on the processing of your personal data, the right of access to your personal data, the rights of rectification and erasure (in cases it is permitted), the right to restriction of processing, the right to data portability, the right to object to the processing of your personal data. If processing is based on your consent you may withdraw this consent at any time.

 

You can execute these rights by contacting the local DPO mentioned on the informed consents or information sheets and you can also contact the DPO of the project, Klaas Ghesquiere, via <privacy@imec.be>

 

In the event that you make such request regarding any of the rights mentioned above, we will assess your request and respond within one month of its receipt, We can request additional information to validate the request.

 

If you are not satisfied with the processing of your personal data by us, or our response after exercising your rights, you have the right to

·         Lodge a complaint with the project DPO, Klaas Ghesquiere, via privacy@imec.be

 

·         Lodge a complaint with the local data protection authority via this link

Links to other Websites

Our website may contain links to other websites that are not operated or controlled by us. If you click on a third-party link, you will be directed to that third-party site. We recommend that you review the privacy policy for each site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Cookies

By following this link, you will be informed on our cookies policy.

Contact us

If at any time you want to contact us or make a request regarding your rights or any other matter relating to the protection of personal data you may contact the project’s email.

Policy Update

This policy is effective from 04/12/2020 and will be reviewed when there is a significant change. This review will be available on our website.

Last update: 23/08/2021