Privacy policy

DESCRIPTION OF THE GenAI PROJECT

The international GenAI project is funded with the ERASMUS+ Programme agreement number 2023-2-PL01-KA220-YOU-000182966. The project will be executed between April 2024 and March 2026.

The project delivers web applications (such as a learning management system, a website, and others) mainly for young people between the ages 18-30. The project also communicates with such target groups in various ways to achieve its research goals.

SCOPE OF THIS PRIVACY POLICY

This Privacy Policy sets out the criteria and the conditions under which the GenAI project collects, processes, stores, and transfers your personal data, how the confidentiality of such information is ensured as well as any law and/or regulation implemented or enacted in accordance with the GDPR (General Data Protection Regulation).

WHAT PERSONAL DATA DO WE PROCESS AND FOR WHAT PURPOSE?

The GenAI project will be processing personal data for several specific purposes, such as, but not limited to:

  1. for communicating with you via emails, newsletters, questionnaires, etc.
    a. name;
    b. email address;
    c. preferred language;
    d. role (such as a teacher, student etc.).
  2. for creating and maintaining your user profile in our web applications (e.g. learning platform) and for application maintenance and for security reasons
    a. the data as above, but also:
        i. nickname, username;
        ii. profile picture;
        iii. cookies;
        iv. IP addresses;
        v. record (log) of actions taken within an application;
        vi. learning outcomes and other data you decide to share via our web applications.
  3. for website maintenance and security reasons
    a. cookies;
    b. navigation within the website;
    c. IP addresses;
    d. logs of actions.

Providing the information above is necessary and if you choose not to provide certain information, you may not be able to use certain services or participate in certain activities.

DATA CONTROLLER

The purpose and means of processing your data are determined by seven joint data controllers from different European countries. Each data controller defined their contact point. The joint data controllers and their contact points are the following:

  1. PSNC – INSTYTUT CHEMII BIOORGANICZNEJ POLSKIEJ AKADEMII NAUK, Poznan Supercomputing and Networking Center, ul. Z. Noskowskiego 12-14, 61-704 Poznan, Poland. Contact to the data protection officer: tel. +48 61 8582044, email: dpo@ibch.poznan.pl
  2. YET – YET ASTIKI MI KERDOSKOPIKI ETAIREIA, 15, Spartis St., 563 34 Kordelio – Evosmos, Thessaloniki, Greece. Contact to the data protection officer: nasos@yet.ngo
  3. 100M – 100MENTORS IKE, Pl. Kornarou 31, 71202 Irakleio, Greece. Contact to the data protection officer: Yiorgos Nikoletakis – email: yiorgos@100mentors.com
  4. HC – Helixconnect Balkans DOO, Work Space One, Bulevar Milutina Milankovica 11g, 11000, Belgrade, Serbia. Contact to the data protection officer: Lola Vaskovic, tel: +381649206919; Email: lola.vaskovic@helix-connect.com. 
  5. IRIS – IRIS Sustainable Development, Kungsbro Strand 29, 112 26 Stockholm, Sweden. Contact to the data protection officer: annapapaioannou@irissd.org

LEGAL BASIS

Your personal data will be processed on the basis of your consent. Additionally, we process your personal data on the basis of legitimate interest consisting of providing to the users technical solution enabling them to use our web applications (based on voluntary decision of each user) as well as administrative and security maintenance of the applications what is not overridden by the interests or fundamental rights and freedoms of the user (data subject).

WHEN AND HOW DO WE SHARE PERSONAL DATA?

Your personal data, when necessary, will be shared with third parties that are following the same practices and have implemented the security and data protection requirements to ensure the adequate protection of your personal data. Your personal data, when necessary, may be also transferred to a third country but only to third parties that implement suitable safeguards such as approved certification mechanisms or standard data protection clauses.

Due to the nature of the applications being used some data (name and email) may be visible to other users of the applications (e.g. your name and your posts in a forum).

PERSONAL DATA RETENTION

Your personal data will be processed at least until the end of the project (currently planned for March 2026), or as long as the web application services are provided (currently planned at least three years since the project ends). After this period your personal data will be anonymised and used only for statistical purposes.

SECURITY

To ensure the security of your personal data, we have in place the following measures:

  1. minimisation and pseudonymization of personal data we collect;
  2. multi-layers of firewalls to avoid the unauthorised external access;
  3. managing, limiting and controlling access to personal data;
  4. backup and redundancy;
  5. regular testing of the effectiveness of the measures implemented;
  6. safety and encrypted communication channels.

YOUR RIGHTS

You have the right to: 

  1. request access to your data; 
  2. ask us to rectify information; 
  3. withdraw your consent which is not affecting the lawfulness of the processing based on the consent before its withdrawal;
  4. request the deletion of your account and data.

Those rights can be exercised by contacting any of the contact points listed in section “Data Controller”. Additionally, you have the right to lodge a complaint with a supervisory authority from any of the countries listed in section “Data Controller”.

PRIVACY POLICY UPDATES

This Privacy Policy may be reviewed and updated from time to time – in such case the Privacy Policy will be labelled as “Revised (date)”. The initial version of this notice was created in June 2024.

© 2024 Pcss. All rights reserved.

Funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Education and Culture Executive Agency (EACEA). Neither the European Union nor EACEA can be held responsible for them.