We attach great importance to the security and confidentiality of your personal data. This privacy policy informs you about the processing of your personal data in the context of the EthiTech Dialogue Hub (ETD-Hub).

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

Account

A unique account created for You to access to the ETD-Hub.

Project

Also referred to as either “the Project”, “We”, “Us” or “Our” in this Agreement, ‘Project’ refers to the ALFIE Project, Grant Agreement n°101177912.

Cookies

Small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.

Country

Cyprus

Device

Any device that can access the ETD-Hub (e.g. computer, a cellphone or a digital tablet).

Personal Data

Any information that relates to an identified or identifiable individual.

Service

The Website, accessible from here [1]

Service Provider

Any natural or legal person who processes the data on behalf of the Project. It refers to third-party companies or individuals employed by the Project to facilitate the Service, to provide the Service on behalf of the Project, to perform services related to the Service or to assist the Project in analyzing how the Service is used.

Usage Data

Data collected automatically, either generated by the use of the ETD-Hub or from the ETD-Hub infrastructure itself (for example, the duration of a page visit).

Website

ALFIE Project webpages, accessible from here .

You

The individual accessing or using the ETD-Hub, or the Project, or other legal entity on behalf of which such individual is accessing or using the ETD-Hub, as applicable.

1. WHEN DOES THIS PRIVACY POLICY APPLY?

1.1 We collect and use your personal data when you create an account and use the ETD-Hub. We collect the data captured by sensors incorporated in a wearable device (a wristband) and subsequently sent to the ETD-Hub as well as the information you provide when you use the ETD-Hub.

1.2 We may change this privacy policy on our own initiative at any time. If material changes to this privacy policy may affect the processing of your personal data, we will communicate these changes to you in a way that we normally communicate with you (e.g. via e-mail and notification on the ETD-Hub).

1.3 We invite you to read the latest version of this privacy policy on the ETD-Hub.

2. WHO ARE WE?

2.1 “We”, in this privacy policy, refers to the ALFIE Consortium; this Consortium makes the ETD-Hub available in the context of the creation of a collaborative space, shaping policy recommendations that influence the European Legal framework on AI, ensuring its adaptability to evolving societal and technological landscapes, which is part of the ALFIE project funded by the European Commission under the Horizon 2020 Research Programme, Grant Agreement n°101177912. For more details, we refer to our website: https://alfie-project.eu/.

2.2 We are responsible for the collection and use of your personal data in the manner explained in this privacy policy.

3. WHICH PERSONAL DATA DO WE PROCESS AND WHY?

We will only process your personal data for a specific purpose and to the extent permitted by law. We further explain below in which cases we collect and use your personal data. If we do not receive your personal data directly from you, we will also inform you of this below. With the term personal data, we mean any information relating to you that allows us to identify you, such as your name, contact details, information about your use of the ETD-Hub, as well as any other information related to your health status, registered by you. In this context we may process the following personal data:

• Basic identification data : Name, surname, email address, age, occupation, opinions. This information is necessary to identify the ETD-Hub user, create and manage their account and contact them when needed. The legal basis for processing this personal data is the performance of the agreement between us and the ETD-Hub users.
• Usage Data is collected automatically when using the ETD-Hub. Usage Data may include information such as your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. When you access the ETD-Hub by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data. We may also collect information that your browser sends whenever you visit the ETD-Hub. The legal basis for processing this personal data is your valid and informed consent.
• We may also process your data to improve the functionality and effectiveness of the ETD-Hub and the services it provides. The legal basis for this purpose is our legitimate business interests, for example, fraud prevention, maintaining the security of our network and services, and the improvement of our services. Whenever we rely on this lawful basis to process your data, we assess our business interests to make sure they do not override your rights. Your consents, as underlined above, are registered in the ETD-Hub, and you can configure, modify, etc. your preferences at any time through the website.

4. WITH WHOM DO WE SHARE YOUR PERSONAL DATA?

4.1 In principle, we do not share your personal data with anyone other than the persons who work for us, as well as with the suppliers who help us process your personal data. Anyone who has access to your personal data will always be bound by strict legal or contractual obligations to keep your personal data safe and confidential. For example, we may share your personal data in the following situations: With Service Providers: We may share your personal data with Service Providers to monitor and analyze the use of our ETD-Hub, to contact you. With other users: when you share personal data or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. With Your consent: We may disclose your personal data for any other purpose with Your consent.

4.2 We may transfer your personal data outside the European Economic Area (EEA). In this case, we will take sufficient safeguards to protect your personal data during the transfer (e.g. adequacy decision or by entering into an agreement based on standard data protection clauses approved by the European Commission).

5. DISCLOSURE OF YOUR PERSONAL DATA

5.1 Business Transactions If the Project is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

5.1.1 Law enforcement Under certain circumstances, the Project may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

5.1.2 Other Legal requirements The Project may disclose Your Personal Data in the good faith belief that such action is necessary to: Comply with a legal obligation Protect and defend the rights or property of the Project Prevent or investigate possible wrongdoing in connection with the Service Protect the personal safety of Users of the ETD-Hub or the public Protect against legal liability

6. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

6.1 In this article we provide you with the information you need to evaluate how long we will keep your personal data identifiable. Your personal data will only be processed for as long as necessary to achieve the purposes described above or, when we have asked you for your consent, until you withdraw your consent.

6.2 As a general rule, we will de-identify your personal data when it is no longer needed for the purposes described above or when the retention period, as explained in this Article, has expired. However, we cannot delete your personal data if there is a legal or regulatory obligation or a court or administrative order preventing us from doing so.

6.3 We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of

7. HOW DO WE KEEP YOUR PERSONAL DATA SECURE

7.1 The security and confidentiality of the personal data we process is very important to us. That is why we have taken measures to ensure that all personal data processed is kept secure. We implement and maintain appropriate technical and organizational measures to ensure a security level appropriate to protect personal data provided to us from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal information transmitted, stored or otherwise processed.

7.2 We regularly evaluate and review our technologies, facilities, procedures, and potential risks to maintain the security and privacy of our users’ data. In any case we will destroy or de-identify personal information once we no longer require it for our business purposes as explained herein, or as required by law.

7.3 We are not responsible for any 3rd party’s actions or their security controls with respect to personal information they may collect or process via their websites, services or otherwise.

8. YOUR RIGHTS REGARDING YOUR PERSONAL DATA

Under GDPR, you have the following rights regarding your personal data:

Right to Access : You may request a copy of the data we hold about you.

Right to Rectification : You can request correction of inaccurate or incomplete data.

Right to Erasure ("Right to be Forgotten") : You can ask us to delete your personal data in certain circumstances, such as when the data is no longer needed.

Right to Restriction of Processing : You can request that we limit the processing of your data under specific conditions.

Right to Data Portability : You can request that we transfer your data to another service provider.

Right to Object : You can object to the processing of your data based on legitimate interests.

Right to Withdraw Consent : You can withdraw your consent at any time by contacting us. Any processing that has taken place based on your consent prior to revoking it cannot be impacted.

The data subjects can submit a request or exercise their rights by contacting Diadikasia Business Consulting Symvouloi Epicheiriseon AE, via the email legalint@diadikasia.gr.

9. CHANGES TO THIS PRIVACY POLICY

9.1 We can change this privacy policy on our own initiative at any time. If material changes to this privacy policy may affect the processing of your personal data, we will communicate these changes to you in a way that we normally communicate with you (e.g. via e-mail).

9.2 We invite you to read always the latest version of this privacy policy on the ETD-HUB.

10. PRIVACY & CHILDREN

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from anyone under the age of 13 without verification of parental consent, we take steps to remove that data from our servers. If we need to rely on consent as a legal basis for processing your information and your country requires consent from a parent, we may require your parent’s consent before we collect and use that personal data.

11. LINKS TO OTHER WEBSITES

Our Service may contain links to other websites that are not operated by us. If You click on a third-party link, You will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services

12. DO YOU HAVE ANY QUESTIONS?

Should you have any further questions about the processing of your personal data, please do not hesitate to contact Diadikasia Business Consulting Symvouloi Epicheiriseon AE, via the email legalint@diadikasia.gr.