PRIVACY POLICY

If you want to use this webpage of the PALANTIR PROJECT, you declare that you accept and agree with this privacy and data protection policy and the terms contained below in detail. By making use of this webpage, you declare that you explicitly and unequivocally agree and accept this policy. If you do not agree with this privacy and data protection policy, you must NOT access, navigate or use our webpage.

This policy applies only to personal data which are directly collected by this webpage and not to personal data collected by a third entity (e.g. webpage) or third party provider (e.g. internet providers, etc.). We declare that we are not liable for any processing of personal data performed by third parties. Our webpage may include hyperlinks which redirect you to other webpages (Facebook, Instagram, Twitter etc.). We declare that we are not liable for any processing of data performed via the above webpages. This Privacy Policy provides you with the necessary information mandated by legislation and General Data Protection Regulation 679/2016, as to the processing of your personal data.

Joint Data controllers for any personal data collected directly from the website are all PALANTIR’s partners. The above entities shall be referred to in short, as “the Consortium”.

We process and collect your personal data when:

1. you visit our webpage.
2. you subscribe to our newsletter.

When you enter, visit or navigate on our webpage the following data are collected and included in our log files:

1. IP address of your computer.
2. Operating System.
3. Website from which you were directed to our webpage.

The above data are necessary to be collected from our webpage, so that your access to the webpage is technically possible. They are retained for the time period of the project for safety reasons, so that it is possible to search into data breach incidents and malicious attacks.

In the following, we declare the third-party services that we leverage on for our website and the related privacy policies:

1. GitHub (link to the policy)
2. MailChimp (link to the policy)
3. Google Analytics (link to the policy)

Processing is necessary for the purposes of the legitimate interests pursued by the joint controllers (article 6 par. 1(f)) GDPR) so that access to the webpage administered by the joint controllers is possible. It is noteworthy that the webpage is using cookies, as they are analyzed in detail, in a relevant section below.

1. Email address (required field).
2. First name.
3. Last name.
4. Day and time you provided your consent and requested to subscribe to our newsletter.
5. Day and time you withdrew your consent and requested to unsubscribe from our newsletter.

1. Email address (required field).
2. Day and time you provided your consent and requested to subscribe to our newsletter.
3. Day and time you withdrew your consent and requested to unsubscribe from our newsletter.

The personal data which are collected from you are not indefinitely stored and retained by us, unless there is a legal ground.

We keep your data for an indefinite period of time, in case there are legal proceedings, investigation from public authorities (e.g. public prosecutor, police etc.) in progress.

Data which are collected via cookies or other tracking technologies online directly by third party providers (e.g. Google, Facebook etc.) are stored for the time period which is indicated by the third party provider in the provider’s privacy policy.

In Section 2 above, we indicate the period for which your personal data will be stored, or if that is not possible, the criteria used to determine that period for each of the categories of processing.

Recipients of your data are:

1. Personnel of the partners, which is legally and contractually bound to keep all information confidential and to apply the policies regarding safety of processing of personal data. Our personnel undergoes regular educational seminars on personal data safety measures.
2. Contractors, provided that this is necessary for the purposes of processing and who have been contractually bound to keep every data confidential and comply with safety and secure data processing principles and policies of our company
3. Data Processors, that would be natural or legal persons, which process your data on our behalf according to the purposes of processing. We have entered into written agreement with data processors to keep your data fully confidential, not to communicate your data to anyone and to receive all technical and organizational measures as indicated by GDPR.
4. Public authorities, public prosecutors, police agencies or another body, to which the personal data are disclosed following relevant notifications or orders to provide such data.

In the following, we declare the third-party services that we leverage on for our website and the related privacy policies:

1. GitHub (link to the policy)
2. MailChimp (link to the policy)
3. Google Analytics (link to the policy)

The data subject – user of our webpage, which is subject to the GDPR, has the following rights. The data subject can exercise the following rights subject to any restrictions imposed on the rights by laws in force:

1. Right of access (article 15 GDPR): The data subject shall have the right to obtain from the controllers confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information: (a) the purposes of the processing; (b) the categories of personal data concerned; (c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations; (d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; (e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing; (f) the right to lodge a complaint with a supervisory authority; (g) where the personal data are not collected from the data subject, any available information as to their source; (h) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
2. Right to rectification (article 16 GDPR): : The data subject shall have the right to obtain from the controllers without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
3. Right to erasure (‘right to be forgotten’) (article 17 GDPR) : The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies: (a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; (b) the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing; (c) the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2); (d) the personal data have been unlawfully processed; (e) the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject; (f) the personal data have been collected in relation to the offer of information society services referred to in Article 8(1). Right to erasure cannot be exercised where the exceptions provided for by article 17 par. 3 GPDR or by the applicable nationals law, mandate so otherwise.
4. Right to restriction of processing (article 18 GDPR): 1. The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies: (a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data; (b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead; (c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims; (d) the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.
5. Notification obligation regarding rectification or erasure of personal data or restriction of processing (article 19 GDPR)
6. Right to data portability (article 20 GDPR)
7. Right to withdraw consent (article 7 par. 3 GDPR)
8. Right to lodge a complaint with a supervisory authority (article 77 GDPR): Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation.

The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. We (The controller) shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

In case you want to exercise your rights or to submit any complaint related to the use of your personal data and this policy, you may email us at info@palantir-project.eu.

For the purpose of verifying your identity, we reserve our right to ask you some further information, otherwise we will not be able to process your request/complaint. In such a case, you will receive a written reply why we were not able to answer to you.

We apply measures for the protection of the data which are electronically collected by our webpage. We apply TLS technology. The databases connected with the webpage are stored on a server which is located within the European Union.

The Project Partners Consortium processes the personal data of the users of our webpage in a way which guarantees compliance with the law, as in force, for the protection of personal data. Without prejudice to more specific provisions/terms contained therein, we do not transfer or sell the data to third parties, legal or natural persons.

Our personnel, partners are legally bound to keep everything confidential and to comply with this policy and the data protection laws.

A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device. The cookie allows the website to “remember” your actions or preferences over time. Characteristic example of the data collected is the preferences a user has on a webpage by the specific selections he makes (e.g. activation of specific buttons, search results, advertisements etc.).

1. Necessary cookies
   • to enable access and navigation on our webpage
   • The above cookies are absolutely necessary for the reliable and secure use of our webpage and to enable you to navigate therein if you want.
   • Since they are absolutely necessary, you cannot reject these cookies.
2. Performance Cookies via Google Analytics
   • Which refer to the use of data (which are not personal) through our webpage so that we can infer results regarding the use of our webpage for the purpose of improving functionalities
   • You are asked to provide your consent for the use of such performance cookies.

Our page enables use of third-party cookies stored by a different domain to the visited page’s domain. You are asked to give your consent and whether you agree to the use of cookies (except the strictly essential ones) before the site starts to use them. You can withdraw your consent at any time, without retroactive effects.

In order to monitor and make best use of, assess the traffic of our webpage, in order to improve offered services, we use Google Analytics.

Google Analytics is a service offered by Google LLC (1600 Amphitheatre Parkway, Mountain View, California, U.S.).

Google Analytics is a tool provided by Google to help webpage and application owners to understand how the visitors/ users use their webpages/ applications. It may use cookies to collect information and statistical data related to the use of one webpage, without necessarily personal identifiers for every visitor. The main cookie used by Google Analytics is “__ga” and “__gid”. The information extracted from the cookie and collected, are transferred to a server of Google located in the USA and it is stored there.

Via Google Analytics, it is possible to monitor and collect data which relate to the use of a webpage, such as IP address, date and time of access to the webpage or other pages within the webpage, the way you were directed to our webpage.

You may get information about the way Google collects and processes your data via Google Analytics, in the following url: https://policies.google.com/technologies/partner-sites (english version).

We have the right to modify this privacy policy and data protection policy. In case there has been any change or modification, the user will be informed when entering our webpage by use of a pop-up window.

This Privacy and data protection policy is governed by the laws of Belgium.