Personal data are processed in order to provide (the information on) this website about the T2EVOLVE project. The concept of “personal data” includes all information about an identified or identifiable natural person.
The European Hematology Association (hereinafter: “EHA” or “we”) is responsible for the processing of personal data (only) on this specific website www.t2evolve.eu. EHA qualifies for these processings as the data controller and complies with applicable legislation, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Dutch GDPR Implementation Act.
You will find EHA’s contact details below:
Please note that any other processing of personal data by EHA, relating to our own activities, is covered by EHA’s general privacy statement, which can be found here.
If you have any questions about (the privacy statement(s) applicable to) the processing of your personal data for which one or more consortium partners is/are responsible or the processing of your personal data by one or more consortium partners with regard to the T2EVOLVE project, please contact the individual consortium partner or the T2EVOLVE contact person: email@example.com.
Which personal data do we process on this website?
On this website, we may process the following personal data:
- Your name;
- Your function and information about the company you work for;
- Your contact details, such as your e-mail address;
- Your photo; and/or
- Other personal data entailed in content which you provide to us or which is created in cooperation with you for the website.
On the basis of which legal processing grounds and for which purposes do we process your personal data?
We process your personal data on the basis of one or more of the following legal processing grounds:
a) If this is necessary for the performance of an agreement to which you are a party or to perform precontractual acts at your request;
b) If this is necessary to comply with statutory obligations;
c) If this is necessary to justify our legitimate interests or the interests of a third party; and/or
d) Your consent.
If we process your personal data on the basis of your consent, we will ask you for it separately. You may withdraw your consent at any time. We draw your attention to the fact that the withdrawal of your consent does not affect the lawfulness of the processing of your personal data prior to the withdrawal of your consent.
We use the above personal data for the purposes stated below, in respect of which we have indicated for each purpose on the basis of which of the abovementioned legal processing grounds (a through d) we do so. If the processing is based on the principle of ‘legitimate interest’, we briefly explain this interest. If you have any specific questions in this respect, please do not hesitate to contact us.
Purposes with corresponding processing grounds:
- to provide information about the T2EVOLVE project and its participants (a, b and c: to be able to provide information about the T2EVOLVE project, d);
- to be able to deal with any complaints and disputes about the website (a, b and c: to defend rights, to maintain and improve existing relationships by means of proper handling of complaints, to improve the quality of the website and the information provided);
- to maintain contact and communicate with you; (a, c: the interest in keeping you informed about the T2EVOLVE project, d);
- in order to offer you an optimized and secure website experience; (b, c: the interest in optimizing and securing our website, e.g. via the use of functional and/or privacy-friendly analytical cookies, d: to the extent required by law in respect of personal data processed via the use of non-functional cookies);
- to comply with our legal and statutory obligations (b, c: the interest of being able to meet these obligations).
To whom do we provide your personal data?
We do not provide your personal data to third parties (‘recipients’ within the meaning of the applicable privacy legislation), unless this is necessary for the proper performance of the purposes set out in this Privacy Statement, if the law requires us to do so or if you have provided your consent to this end.
The third parties to whom the personal data are made available are obliged to handle your personal data confidentially. If these parties qualify as a ‘data processor’ within the meaning of the applicable privacy legislation, we will ensure that a data processing agreement is concluded with these parties, which complies with the requirements included in the GDPR.
We can share personal data with:
- Employees of EHA, one of the Consortium Partners or project leaders of the T2EVOLVE project;
- Suppliers (for example our hosting provider);
- Courts and government institutions; and/or
- Other parties, such as regulators and other authorities where required by law or with your consent.
In order to provide our services, we may need to transfer your personal data to a recipient in a country outside the European Economic Area with a lower degree of protection of personal data than the European law offers. In that case, we will ensure that such a transfer of personal data is in accordance with the applicable laws and regulations, for example by concluding a model contract prepared and approved for that purpose by the European Commission and we will assess whether any additional measures are needed in order to ensure an adequate level of data protection, such as pseudonymisation or encryption.
How long do we retain your personal data?
We do not retain your personal data in an identifiable form for longer than is necessary to achieve the purposes included in this Privacy Statement. If you withdraw your consent re. photo materials on the website, we will remove your photo as soon as possible. Other personal data will remain online for the duration of the T2EVOLVE project. Please inform us if you are no longer involved in the T2EVOLVE project to enable us to remove your personal data from the website.
Specific retention periods can be extended if statutory retention obligations apply or will become applicable. We may also retain the personal data for a longer period of time if this is necessary for the handling of incidents and/or legal disputes.
We have taken appropriate technical and organisational measures to secure your personal data against unauthorised or unlawful processing and against loss, destruction, damage, modification or publication. If you have any questions about the security of your personal data, or if you suspect or see signs of misuse, please contact us via: firstname.lastname@example.org.
Your privacy rights
You have the following rights in respect of the processing of your personal data:
- The right to request whether we process your personal data and if so, the right to access your personal data;
- the right to rectification of your personal data if these are incorrect or incomplete;
- the right to have your personal data deleted (‘right to be forgotten’);
- the right to object to the processing of your personal data or to limit the processing of your personal data;
- the right to withdraw permission for the processing of your personal data, if the processing is based on your permission;
- the right to receive or surrender your personal data to a third party appointed by you in a structured, customary and machine-readable form (‘right to data portability’).
To exercise your rights, you can contact us via email@example.com or by post via:
European Hematology Association
2514 AA The Hague, The Netherlands
In order to prevent that we disclose information to the wrong person, we can ask you for additional information to verify your identity. In principle, we will inform you of whether we can comply with your request, within one month after receipt. In specific cases, for example when it concerns a complex request, this term may be extended by two months. We will inform you of such an extension within one month after receiving your request. On the basis of the applicable privacy legislation, we can refuse your request under certain circumstances. If this is the case, we will explain to you why. You can find more information about your privacy rights on the website of the Dutch Data Protection Authority.
If you have a complaint about the processing of your personal data through this website, we will be happy to work together to find a solution. If this does not lead to the desired result, you will have the right to file a complaint with the authorised regulator. In the Netherlands, this is the Data Protection Authority. If you live or work in another country of the European Union, you can file a complaint with the regulator of that country.
This Privacy Statement was last amended on 10 February 2021. We reserve the right to amend this Privacy Statement. The most recent version of this Privacy Statement will always be posted on the website www.t2evolve.eu. If substantial amendments are made that could have a significant impact on one or more of the data subjects involved, we will try to inform these data subjects separately.