A. Privacy Policy for eithealth.eu
I. Controller
The Controller for the processing of personal data on the website eithealth.eu is:
EIT Health e.V.
Mies-van-der-Rohe-Str. 1C
80807 Munich
Germany
II. Data Protection Officer
You can contact our data protection officer as follows:
EIT Health e.V.
Mies-van-der-Rohe-Str. 1C
80807 Munich
E-Mail: DataPrivacy@eithealth.eu
III. Details on the processing of personal data
1. Technical and functional management of the website
- Purpose of processing:
We process personal data for the technical and functional management of our website and to make the website easy to use. By using your data, we can check how our website is used and we can improve its content and layout. This data also allows us to adequately secure our website.
- Data categories:
For these purposes, we can process data such as your IP address, the pages you visit, the browser you are using, the sites you visited earlier, and the time and duration of your visit. EIT Health is also processing certain non-directly identifying data when you visit our website, such as the type of browser you are using, the operating system you are using, your IP address, technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
- Legal basis:
We process these data based on the legitimate interest of EIT Health in providing a well-functioning and secure website based on Art. 6 section 1 f) GDPR.
2. Cookies
We use cookies to enhance the functionality of the website, for example by allowing the website to “remember” your actions or preferences over time. Some cookies will be deleted as soon as you leave the website (“session cookies”), other cookies will remain stored on your computer or mobile device and will help us identify you as a visitor of our website (“permanent cookies”). For more information about the cookies we use, including the purposes and storage duration as well as how to manage or delete cookies, please refer to our Cookie Policy.
IV. Recipients
EIT Health may make use of third parties to perform certain (processing) activities such as hosting the website. EIT Health concludes a processing agreement with the parties that have access to personal data for the performance of their services.
For some of the processing activities performed, it is possible that your data is processed outside the European Economic Area. These transfers are subject to appropriate safeguards as outlined in Article 46 GDPR.
We do not provide any personal data to other parties except when required under our contractual obligations with EIT, by law or by court order.
V. Storage Periods
For storage periods of Cookies, please refer to our Cookie Policy. In general, EIT Health does not store your personal data for longer than necessary for the purposes for which it is stored.
VI. Data Subject Rights
You have the following rights under GDPR, which you can exercise free of charge:
- Access (Art. 15 GDPR)
The right to obtain information about your personal data processed by us and to be provided with a copy of your personal information.
- Rectification (Art. 16 GDPR)
The right to require us to correct any mistakes in your personal information and to complete any incomplete information.
- Erasure (Art. 17 GDPR)
The right to require us to delete your personal information in certain situations. - Restriction of processing (Art. 18 GDPR)
- The right to require us to restrict processing of your personal information in certain circumstances, e.g. if you contest the accuracy of the data.
- Data portability (Art. 20 GDPR)
The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party in certain situations.
To object (Art. 21 GDPR)
- The right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Art. 6 sec. 1, including profiling based on those provisions. We will then no longer process the personal data for those purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims.
- The right to appeal
You have the right to lodge a complaint with a data protection supervisory authority, particularly one in the member state of your habitual residence, place of work or the place of the alleged infringement, if you consider the processing of your personal data is unlawful.
To make use of your rights, please contact us at info@eithealth.eu or using the contact details above. When doing so, please make sure to provide any information needed to confirm your identify.
B. General EIT Health Privacy Policy
This is the General EIT Health Privacy Policy. EIT Health e.V. is established under German law, with registered office at Mies-van-der-Rohe-Str. 1C, 80807 München, Germany, hereinafter referred to as “EIT Health or “we”.
EIT Health embodies the KIC (Knowledge and Innovation Community) established by the European Institute for Innovation and Technology in the field of health. EIT Health promotes healthy living, active aging and improvements in healthcare. EIT Health functions as a co-funder and sponsor of innovative and educational projects. One of the ways by which this is achieved, is the call for, acceptance and support of projects presented by designated third parties who may contribute to the fulfillment of the mission of EIT Health.
This Privacy Policy sets out EIT Health’s general policies on data privacy and protection, and is intended to inform you about the processing of personal data that takes place in connection with EIT Health programs and during EIT Health events or activities.
This Privacy Policy may be modified, for example, in connection with new features on the website or to comply with new legal, contractual or administrative obligations. We therefore recommend that you regularly consult this Privacy Policy. Important changes will be announced on our website. This version of the Privacy Policy was last modified on December 5th, 2022.
I. Controller
Unless stated otherwise below, the Controller for the processing of personal data is:
EIT Health e.V.
Mies-van-der-Rohe-Str. 1C
80807 Munich
Germany
As far as EIT Health e.V. and the EIT Health Regional Hubs are Joint Controllers for the processing of personal data, this is specified below.
II. Data Protection Officer
You can contact our data protection officer as follows:
EIT Health e.V.
Mies-van-der-Rohe-Str. 1C
80807 Munich
E-Mail: DataPrivacy@eithealth.eu
III. Details on the processing of Personal Data by EIT Health
EIT Health is processing personal information submitted by you in the context of online applications and/or attendance of one or more of EIT Health events or activities, and/or the performance of the contracts you have with EIT Health.
1. Performance of our contracts and allowing you to participate in our activities
– Purpose of processing:
to exercise our rights and carry out our obligations arising from any contracts entered into between you and EIT Health, including obligations in connection with the accession form to the framework partnership agreement (FPA) and the yearly specific agreement (SGA) with the European Institute of Innovation and Technology (EIT), the internal agreement grant for the specific year and the statutes and by-laws of EIT Health; to take the necessary steps to allow you to become a partner of EIT Health, as the case may be; to allow you to submit proposals, applications, for EIT Health projects, for example through the EIT Health Plaza; to allow you to prepare and execute your participation in the above referred to projects, such as for example innovation projects, projects for business creation and accelerator projects;
– Legal basis:
The processing is necessary for the performance of a contract with you or in order to take steps at your prior to entering into a contract, Art. 6 section 1 b) GDPR.
2. Information about our activities, events and services
– Purpose of processing:
To provide you with information about EIT Health events, and activities that might be of interest to you; when you wish to be kept informed of our activities by signing up, for example, to EIT Health newsletters
– Legal basis:
Your consent, Art. 6 section 1 a) GDPR.
3. Allowing you to participate in our activities
– Purpose of processing:
to allow you to participate in EIT Health activities and events; to allow you to post reviews, remarks, comments and other content; to allow you to get in contact with EIT Health and to answer the questions you have raised
– Legal basis
We process this information for our legitimate interest to enable participation in our events and activities, Art. 6 section 1 f) GDPR.
4. Allowing you to engage with the EIT Health community
– Purpose of processing:
to allow you to engage with the EIT Health community in our Connections platform by creating basic user profiles visible to other members of the EIT Health community and allowing you to enrich your own profile; to allow you to contribute to discussions and communities; to personalize content based on your profile
– Legal Basis:
We process this information for our legitimate interest to create and maintain an engaging and innovative community for our partners and to provide meaningful content, Art. 6 section 1 f) GDPR.
5. Recruitment
– Purpose of processing
When you apply for a job through the website, we process your personal data in order to contact you and to follow up your application.
– Legal basis:
The processing is necessary for the decision to enter into an employment relationship, § 26 section 1 German Federal Data Protection Law.
6. Compliance with obligations
– Purpose of processing:
To comply with professional, legal and regulatory obligations that apply to our organisation.
– Legal basis:
The processing is necessary to comply with obligations, Art. 6 section 1 c) GDPR.
IV. Joint Controllership with Regional Hubs
In some instances, EIT Health e.V. has determined the purposes and means of the processing of your personal data together with its Regional Hubs. This means that EIT Health e.V. and its Regional Hubs are responsible for this processing of personal data as Joint Controllers according to Art. 26 GDPR. We have entered into an agreement with our Regional Hubs to determine our respective responsibilities for compliance with the obligations under GDPR. According to this agreement, we are responsible to inform you about the processing as Joint Controllers and to make available the essence of the agreement entered into with our Regional Hubs:
1. Contact details
The contact details for the Joint Controllers are:
EIT Health e.V. Mies-van-der-Rohe-Str. 1C 80807 Munich Germany |
EIT Health Austria GmbH Lehárgasse 7 1060 Vienna Austria |
Vereniging EIT Health Belgie en Nederland Stationsplein 45 3013AK Rotterdam Netherlands |
EIT Health France 4 Place Jussieu 75005 Paris France |
EIT Health Germany-Switzerland CLC GmbH Mies-van-der-Rohe-Str. 1 C 80807 München Germany |
EIT Health Scandinavian CLC Torsgatan 11 111 23 Stockholm Sweden |
Asociación EIT Health Spain Baldiri Reixac 4-8 Torre I 08028 Barcelona Spain |
EIT Health Ireland-UK FCS Corporate Services Limited Galway Technology Centre, Mervue Business Park H91 XN5E Galway Ireland |
EIT Health InnoStars e.V. Mies-van-der-Rohe-Str. 1C 80807 Munich Germany
|
2. Purposes of the processing
The Joint Controllers operate a Customer Relationship Management (CRM) system. The processing under joint responsibility serves the following purposes:
– To effectively manage our network and portfolio of activities by making key data available to staff.
– To facilitate effective relationships with current and prospective partner contacts by making key data available to staff.
– To support match-making activities through the ability to search for valuable experience and skills across our network.
– To analyse the performance of different business areas and programmes.
– To facilitate the effective allocation of resources and focus within the organisation by providing an overview of our activities.
– To use the CRM data to invite contacts to interesting events as speakers or attendees based on their expertise or records of previous attendance at relevant events.
– To improve the quality of data through data collection, normalization, matching, consolidation from the various source databases.
3. Legal basis
The Joint Controllers process the personal data for their legitimate interests, in particular to ensure a uniform and efficient administration of EIT Health programs and activities throughout the organization and to provide the best possible service for their partners, Art. 6 section 1 f) GDPR.
4. Responsibilities for compliance with GDPR obligations, point of contact
The responsibilities for compliance with the obligations under GDPR are assigned according to an agreement between the Joint Controllers. In particular, EIT Health e.V. is responsible for providing information according to Art. 13 and 14 GDPR and making available the essence of the agreement. EIT Health e.V. ais also designated as a contact point for data subjects and is responsible for processing requests for data subject rights.
V. Recipients
EIT Health may make use of third parties to perform certain (processing) activities such as hosting the website, organising mailing campaigns, etc. EIT Health concludes a processing agreement with the parties that have access to personal data for the performance of their services.
For some of the processing activities performed, it is possible that your data is processed outside the European Economic Area. These transfers are subject to appropriate safeguards as outlined in Article 46 GDPR.
We do not provide any personal data to other parties except when required under our contractual obligations with EIT, by law or by court order.
VI. Storage Periods
EIT Health does not store your personal data for longer than necessary for the purposes for which it is stored.
VII. Data Subject Rights
You have the following rights under GDPR, which you can exercise free of charge:
– Access (Art. 15 GDPR)
The right to obtain information about your personal data processed by us and to be provided with a copy of your personal information.
– Rectification (Art. 16 GDPR)
The right to require us to correct any mistakes in your personal information and to complete any incomplete information.
– Erasure (Art. 17 GDPR)
The right to require us to delete your personal information in certain situations.
– Restriction of processing (Art. 18 GDPR)
The right to require us to restrict processing of your personal information in certain circumstances, e.g. if you contest the accuracy of the data.
– Data portability (Art. 20 GDPR)
The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party in certain situations.
To object (Art. 21 GDPR)
– The right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Art. 6 sec. 1, including profiling based on those provisions. We will then no longer process the personal data for those purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims.
– The right to appeal
You have the right to lodge a complaint with a data protection supervisory authority, particularly one in the member state of your habitual residence, place of work or the place of the alleged infringement, if you consider the processing of your personal data is unlawful.
To make use of your rights, please contact us at info@eithealth.eu or using the contact details above. When doing so, please make sure to provide any information needed to confirm your identify.
VIII. Events, Pictures and Movies
With respect to pictures or movies being taken or shot during EIT Health events or activities in which you are participating, in which you would be easily recognisable, you shall always remain free not to participate in a photograph or in a movie, or to signal to the event organisers, in a written note when registering to the event, that you do not wish to appear.
Should you participate or appear in a photograph or movie in which you are easily recognisable, or provide yourself a photograph or movie to EIT Health, you thereby explicitly and unequivocally agree to the royalty free use of your photographs and movie image by EIT Health for EIT Health related dissemination purposes and, for that purpose, waive the right to invoke any and all intellectual property rights, including but not limited to portrait rights, against EIT Health, as regards to any photograph or movie image that was submitted by you to EIT Health, and/or made of you by EIT Health.