Privacy Policy

Data Protection Policy
Responsible party
SHARMED (Shared Memories and Dialogues)
Call for proposals (EACEA/33/2014) - Forward-Looking Cooperation Projects 2015
Project nr. 562175-EPP-1-2015-1-IT-EPPKA3-PI-FORWARD This project has been funded with support from the European Commission. This publication reflects the views only of the author, and the Commission cannot be held responsible for any use which may be made of the information contained therein.
Last updated 24.05.2018
1. Data protection principles
Sharmed is committed to processing data in accordance with its responsibilities under the GDPR.
Article 5 of the GDPR requires that personal data shall be:
a. processed lawfully, fairly and in a transparent manner in relation to individuals;
b. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
c. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
d. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
e. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
f. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.”
2. General provisions
a. This policy applies to all personal data processed by Sharmed.
b. The Responsible Person shall take responsibility for Sharmed’s ongoing compliance with this policy.
c. This policy shall be reviewed at least annually.
d. Sharmed shall register with the Information Commissioner’s Office as an organisation that processes personal data.
3. Lawful, fair and transparent processing
a. To ensure its processing of data is lawful, fair and transparent, Sharmed shall maintain a Register of Systems.
b. The Register of Systems shall be reviewed at least annually. c. Individuals have the right to access their personal data and any such requests made to Sharmed shall be dealt with in a timely manner.
4. Lawful purposes
a. All data processed by Sharmed must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task or legitimate interests.
b. Sharmed shall note the appropriate lawful basis in the Register of Systems.
c. Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
d. Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available and systems should be in place to ensure such revocation is reflected accurately in Sharmed’s systems.
5. Data minimisation
a. Sharmed shall ensure that personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
b. The contact form asks for name and email.
6. Accuracy
a. Sharmed shall take reasonable steps to ensure personal data is accurate.
b. Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data is kept up to date.
7. Archiving / removal
a. To ensure that personal data is kept for no longer than necessary, Sharmed shall put in place an archiving policy for each area in which personal data is processed and review this process annually.
b. The archiving policy shall consider what data should/must be retained, for how long, and why.
8. Security
a. Sharmed shall ensure that personal data is stored securely using modern software that is kept-up-to-date.
b. Access to personal data shall be limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.
c. When personal data is deleted this should be done safely such that the data is irrecoverable.
d. Appropriate back-up and disaster recovery solutions shall be in place.
9. Breach
In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, Sharmed shall promptly assess the risk to people’s rights and freedoms.

Important note concerning data processing in connection with Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited. If the responsible body for the data processing that occurs via this website has their basis outside of the European Economic area and Switzerland, then the associated Google Analytics data processing is carried out by Google LLC. Google Ireland Limited and Google LLC. will hereinafter be referred to as “Google”.

Google Analytics uses “cookies”, which are text files saved on the site visitor’s computer, to help the website analyze their use of the site. The information generated by the cookie (including the truncated IP address) about the use of the website will normally be transmitted to and stored by Google.

Google Analytics is used exclusively with the extension "_anonymizeIp ()" on this website. This extension ensures an anonymization of the IP address by truncation and excludes a direct personal reference. Via this extension Google truncates the site visitor’s IP address within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional situations will the site visitor’s full IP address be transmitted to Google servers in the United States and truncated there. The IP address, that is provided by the site visitor’s browser in using Google Analytics will not be merged by Google with other data from Google.

On behalf of the site operator, Google will use the information collected to evaluate the use of the website, to compile reports on website activity and to provide other website and internet related services to the site operator (Art. 6 (1)( f) GDPR). The legitimate interest in data processing lies in the optimization of this website, the analysis of the use of the website and the adaptation of the content. The interests of the users are adequately protected by the pseudonymization of their data.

Google LLC. offers a guarantee to maintain an adequate level of data protection on the basis of European standard contractual clauses. The data sent and linked to the Google Analytics cookies, e.g. user IDs or advertising IDs will be automatically deleted after 50 months. The deletion of data whose retention period has been reached is carried out automatically once a month.

The website visitor may refuse the use of cookies by selecting the appropriate settings in their browser. The website visitor can also prevent Google from collecting information (including their IP address) via cookies and processing this information by downloading this browser plugin and installing it: http://tools.google.com/dlpage/gaoptout

The website visitor can prevent data collection via Google Analytics on this website by clicking here. An "Opt-out Cookie" shall then be applied which shall prevent any future collection of the site visitors data when visiting this website.You have successfully opted out of being tracked by Google Analytics from this website.

Further information concerning data processing and use by Google, the settings and deactivation possibilities can be found in the Google Privacy Policy (https://policies.google.com/privacy) as well as in the Google Ads Settings (https://adssettings.google.com/authenticated).

reCAPTCHA

We use the reCAPTCHA service provided by Google LLC (Google) to protect your submissions via internet submission forms on this site. This plugin checks if you are a person in order to prevent certain website functions from being (ab)used by spam bots (particularly comments). This plugin query includes the sending of the IP address and possibly other data required by Google for the Google reCAPTCHA service. For this purpose your input will be communicated to and used by Google. However, your IP address is previously truncated by Google within member states of the European Union or in other states which are party to the agreement on the European Economic Area and is, as such, anonymized. Only in exceptional cases is a full IP address transmitted to a Google server in the United States and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address provided by reCaptcha from your browser shall not be merged with any other data from Google.
This data collection is subject to the data protection regulations of Google (Google Inc.). For more information about Google's privacy policy, please visit: https://policies.google.com/privacy?hl=en
By using the reCAPTCHA service, you consent to the processing of data about you by Google in the manner and for the purposes set out above.