Privacy Policy
Privacy Policy
Your cookie settings:
1. Introduction
The Hedimed consortium is committed to ensuring that your privacy is protected in line with the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). This Privacy Policy sets out how we use and protect any information that you give us when you interact with us or use our website. This Policy also informs you of your rights and how to exercise these.
You can be assured that should we ask you to provide certain information by which you can be identified, when interacting with us or using our website, it will only be used in accordance with this Privacy Policy.
2. About the Hedimed Consortium
The Hedimed Consortium includes 22 partners from 12 European countries.
3. Explaining the legal basis we rely on
We will only collect and process your personal information where we have a legal basis to do so, which includes:
- Consent – In specific situations, we can collect and process your data with your consent, e.g. you ask us directly (via written or verbal communications) to keep you informed. We will clarify the data required to undertake the action.
- Legal compliance – If the law requires us to, we may need to collect and process your data.
- Legitimate interest – In specific situations, we require your data to pursue the Hedimed Consortium’s legitimate interests in a way which might reasonably be expected as part of delivering this project and which does not materially impact your rights, freedom or interests. e.g. to fulfil the project requirements and to communicate and disseminate project information and outcomes including key findings from papers published.
4. When do we collect your personal data?
We may collect your data, verbally or electronically, when:
- You visit our website;
- You contact us by any means with queries, information etc;
- You book to attend an event;
- You fill in any forms e.g. at our events;
- You give a third-party permission to share with us the information they hold about you;
- Your data is within publicly available sources and you have consented to sharing your data (e.g. on your website, within marketing material) or where information is made public as a matter of law.
5. What sort of personal data do we collect?
We may collect a variety of personal information which includes, but is not limited to, the following:
- Name(s);
- Job Title;
- Company Name;
- Email Address;
- Phone Number;
- Address;
- Area of Expertise;
- Enquiry Details;
We take reasonable steps to ensure the accuracy of personal data we obtain and ensure that the source of any personal data is clear. We will consider when it is necessary to update the information and you can help us by informing us when these changes occur.
6. How and why do we use your personal data?
The data you provide will be available and may be used by the Hedimed Consortium, our funder the European Commission, and the European Human Exposome Network to:
- Respond to your queries;
- Fulfil the project requirements;
- Keep you informed by email about the project, including events;
- Improve our website;
- Maintain internal records, including those required by law.
7. How do we store and protect your information?
Data may be stored in both electronic and hard copy. We are committed to ensuring that your data is secure and to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
8. How long do we keep your information?
Whenever we collect or process your personal data, we will only keep it for as long as is necessary for the purpose for which it was collected. At the end of that retention period your data will be deleted completely.
9. Who will we share your information with?
Your data may be shared between partners in the Hedimed Consortium, the European Commission (funder), partners in the European Human Exposome Network and automated mail platforms. We may also sometimes share personal data with third parties in order to perform what is required of us as part of any contract. When sharing your information with third parties mentioned above we will only do so once we are satisfied that they process your data in line the requirements of the GDPR.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy Policy applicable to the website in question. Links to other websites do not constitute any endorsement by the Hedimed Consortium of the information or products presented on that website.
10. Where may we process your personal data?
When we are required to transfer data outside of the European Economic Area (EEA), we will make sure that the receiver agrees to provide the same or similar protection as we do and that they only use your personal data in accordance with our restrictions.
11. Your rights
GDPR grants you the right to access particular personal data that we hold about you. This is referred to as a subject access request. We shall respond promptly and certainly within one month from the point of receiving the request and all necessary information from you. Our formal response shall include details of the personal data we hold about you, including the following:
- Sources from which we acquired the information;
- The purposes for processing the information;
- Persons or entities with whom we are sharing the information.
Right to withdraw your consent: You have the right to withdraw your consent at any time, if the processing is based on consent.
Right to rectification: You have the right, without undue delay, to have any personal information about you which is not accurate, corrected. You also have the right to any incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure: You have a right to obtain from us the erasure of personal data concerning you without delay. This refers only to data that we are not legally required or entitled to keep for a specified length of time in order to comply with any legal, statutory and regulatory obligations.
Right to the restriction of processing: Subject to exemptions, you have the right to restrict the processing of your personal data when:
- You are contesting the accuracy of the data, and restrict the processing until the accuracy of the data has been verified;
- The processing is unlawful and you oppose the erasure of the personal data but instead request the restriction in its use;
- We no longer need the personal data for processing, but it is required by you for the establishment, exercise or defence of claims;
- You object to processing of your personal data pending the verification of whether there are legitimate grounds for us to override these objections.
We shall communicate any rectification or erasure of personal data as described above to each recipient to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort. We shall provide you with information about those recipients if you request it.
Right to data portability: You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine readable format, and have the right to transmit this data to another controller without hindrance from us, provided that the processing is based on consent or contract, and that other conditions of article 20 of the GDPR are met.
Right to object: You have the right to object on grounds relating to your particular situation, at any time to the processing of personal data concerning you, including any personal profiling; unless this relates to necessary processing for the performance of a task carried out in public interest or an exercise of official authority vested in us. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing, which override the interests, rights and freedoms of you, or in the establishment, exercise and defence of legal claims.
Right to not be subject to decisions based solely on automated processing: We do not carry out any automated processing, which may lead to an automated decision based on your personal data.
Invoking your rights: If you would like to invoke any of the above data subject rights or please contact us at:
Hedimed consortium (hedimed.administration@tuni.fi)
A withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal.
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Policy. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
Queries/Complaints: If you have queries which are not answered by this Privacy Policy, have any concerns about how we use the personal data we hold, or complaints please write to us at the above address.
12. How we use cookies on our website
A cookie is a small file which asks permission to be placed on your device. These will remain stored on your device until deleted, or until they reach a specified expiry date. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, this may prevent you from taking full advantage of the website.
We also use third party permanent cookies to enable basic web traffic analysis using Google Analytics. We use Google Analytics to analyse the use of this website. This analysis shows us which areas of the site are popular and those that are not often visited which helps us provide the best user experience possible. The information generated relating to our website is used to create reports about the use of the website. Google will store this information. Google’s privacy policy is available at: www.google.com/privacypolicy.html
You can opt-out from these statistics cookies here.
In no circumstances do we collect any data that is not directly related to the use of our website (for example, we do not record other sites that you have visited). The log files or any information they contain about your use of the site will not be made available to any third parties other than as anonymous usage statistics.
We do not use cookies to collect personally identifiable information about you. If this should change in the future, we will inform visitors and provide guidance on how to control and delete these cookies.