Privacy Notice
www.healthysailing.eu
This Privacy Notice (the “Notice”) is intended to inform you about the terms and conditions concerning the collection, storage, and use of your personal information when you visit or use our website (www.healthysailing.eu ), provided that you are a natural person.
This is the official website of the Healthy Sailing Project (Project Nr. 101069764) which aims to improve the quality of passenger shipping services, facilitate recovery from the COVID-19 pandemic and make passenger shipping safer, more resilient, competitive and efficient. The project is executed by the Healthy Sailing Consortium, which brings together 24 multi-disciplinary partners from 12 countries. The Laboratory of Hygiene and Epidemiology of the University of Thessaly, Greece, acts as the Coordinator of the Consortium and the Project.
This notice applies exclusively to your personal data collected during your browsing and use of the website and does not extend to all the data processed by the Healthy Sailing Consortium for the purposes of the project. For any processing of your personal data which does not take place through our website, but which is related to the purposes of the Healthy Sailing Project, you will be informed thoroughly, through more specific informative texts and notices which will be provided to you by the involved consortium members which function as the Controller or Joint Controllers for those specific purposes.
- Controller
The Laboratory of Hygiene and Epidemiology of the University of Thessaly (hereinafter “UTH” or “we” or “us”), in its capacity as the coordinator of the Healthy Sailing Project, acts as the Data Controller of any personal data entered in or collected through our website.
Our headquarters are located in Larissa, Greece, at 22 Papakyriazi Str. If you wish to contact us, for any issue related to the processing of your Personal Data and the exercise of your rights, you can use the following contact details.
Tel: 00302410565096. Email address: admin[at]healthysailing.eu
Data Protection Officer’s (DPO) Email address: dpo@uth.gr
- A few words about our website www.healthysailing.eu
This website is the official website of the Healthy Sailing Project. It contains informative material about our consortium, operations, activities, and outputs, providing you with the opportunity to be informed about and keep up to date with our news and the progress of the project, and to contact us regarding any comments, proposals, or concerns related with the project.
Additionally, our website’s member area allows members of the Healthy Sailing Consortium to communicate with each other and access and contribute to the project’s materials and outputs.
The personal data that you provide to us while browsing our website are subject to processing and will be kept on file under the responsibility of UTH, according to the conditions contained in this Notice.
- What is Personal Data?
The term “personal data”, as used in this Notice, refers to any information relating to you as a natural person, either as an individual or as a professional, that can be linked to you and/or can identify you, directly or indirectly, such as, for example: full name, postal address, email address, contact telephone number, details about your opinions or situation, etc. (hereinafter referred to as “Personal Data or Data”)
- What is the Processing of Personal Data?
Processing of Personal Data refers to any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- Which types of Data do collect about you, and how?
As a rule, we only collect the personal data you provide to us directly, during your browsing of our website. Specifically:
A) When you browse our website, we collect data and metadata about your use of the website through the use of cookies or similar technologies. For more information about the collection and use of this data, please read our Website’s Cookies Policy
B) When you register in our Consortium Member’s area, we collect your username, first name, last name, email address, password, as well as your actions related to the project’s documents (e.g. document downloads, edits etc.)
C) When you subscribe to our Newsletter, we collect your full name, country of residence, and your email address
- Are we processing special categories of personal data or data concerning criminal convictions?
The term “special categories” of personal data refers to specific categories of data, the high sensitivity of which is recognized by law, such as health data, sexual orientation, data on political opinions, biometric data, etc.
As a rule, we do not process the abovementioned categories of data, nor do we process criminal conviction data, via our website.
- For what purposes is your data collected?
We collect your Data exclusively for purposes related to fulfilling the Healthy Sailing Project’s aims and to maintaining the proper daily operation of the project and our website.
More Specifically, your data is processed for the following purposes:
(a) When you have subscribed to our Newsletter, to send our Newsletter to you,
(b) If you are a member of the Healthy Sailing Consortium, with access to the members’ area of our website, to provide you with access to the relevant project documents and allow you to perform necessary actions for the execution of your project tasks.
(c) to monitor the traffic to the website,
(d) to ensure the security of information on the website; and
(e) to comply with any obligations imposed on us by applicable laws and regulations.
- What is the legal basis for the processing of your Data?
According to the applicable legislation (GDPR, Law 4624/2019), the processing of your personal data, for any intent and purpose, must be based on specific legal grounds.
The processing of website users’ data for the abovementioned purposes (chapter 7 of this Notice) is carried out on the following legal bases:
-
- A) For disseminating our Newsletter to you (purpose “a”), the processing is carried based on your explicit consent. In particular, you have provided us with your consent by “checking” the relevant consent checkbox when you subscribed to our newsletter. You may withdraw that consent at any time by clicking here
- B) Where your data are processed for the provision of access to the members area of the website and the execution of the project’s tasks through the relevant website features (purpose “b”), the processing is carried out because it is necessary for the pursuance of the legitimate interests of the Consortium members; in particular, for the pursuance of the Healthy Sailing Project’s aims, and for the timely and smooth execution of the project in accordance with the Consortium and Grant Agreements.
- C) Where data is processed to monitor website traffic (purpose “c”) and to ensure the information security of our website (purpose “d”), the legal basis for the processing is the pursuit of our legitimate interests. More specifically, processing “c” seeks to increase the reach and ensure the smooth operation of our website, while processing “d” seeks to secure the data and intellectual property of both the Healthy Sailing Project and the visitors of our website.
- D) With regard to the use of cookies on our website, to the extent that the cookies used are not necessary for the functioning and the smooth and secure operation of our website, the lawfulness of their processing relies on your consent, which you may choose to provide to us through the options of our website’s “cookie banner”. For more information on this issue, please see our Cookies Policy.
- Who are the recipients of your Data/Where is your data transferred?
As a rule, your data is only being processed by the competent, in each case, staff of UTH, who have been duly informed about the secure processing of your personal data.
Additionally, your data may also be transferred, where applicable and necessary, to:
1) Healthy Sailing Consortium members/partners, to the extent that such data transfers are necessary for the attainment of the Healthy Sailing Project’s goals and the execution of the consortium member’s project obligations. A joint controller agreement, setting out data processing rules, and ensuring the implementation of relevant data protection principles, obligations, and safeguards, has been signed between all the Healthy Sailing Consortium members.
2) Supervisory, auditing, independent, judicial, public and/or other official authorities and bodies within the scope of their statutory powers, duties and authorities when the transmission, of your data, to them is required by law.
3) Third parties (natural persons/legal persons – other data subjects etc.) when their legal right of access to the data in question or our obligation to disclose the data to them is provided for by law.
- Do we transfer your data outside the European Union?
As a rule, we do not transfer your Data outside the EEA. Your personal data are stored and processed exclusively within the European Union.
We may need to transfer some of your personal data to Healthy Sailing Consortium members in the United Kingdom (e.g. The University of Surrey or the University Greenwich), to the extent that such data transfers are necessary for the attainment of the Healthy Sailing Project’s goals and the execution of the consortium member’s project obligations. In instances where data transfers to the United Kingdom need to be performed, the legal basis for the transfer is the UK adequacy decision (Commission Implementing Decision of 28..6.2021).
- For how long is your data stored and when do we delete them?
We retain your personal data, which were collected for the dissemination of our Newsletter to you, until you withdraw your consent. The data is then irreversibly deleted.
If you are using our website’s member area, we retain your data for a period of three years following the conclusion of the Grant and Consortium Agreements.
Any personal data stored in our server security logs for information security purposes (i.e. IP address), is retained for a period of 40 days. Thereafter, the data is deleted.
We delete the Data collected by Cookies in accordance with our Cookies Policy.
- Is your data safe?
We are committed to safeguarding your Personal Data. We have taken appropriate organizational and technical measures to ensure the security and protection of your Data from any form of accidental or unlawful processing. These measures are reviewed and modified at regular intervals and also on an ad-hoc basis when necessary.
- Which rights do you possess in regard to your personal data?
You have the right to access your personal data.
You may request us to provide you with information about the processing of your personal data and with a copy of your personal data that we have collected.
You have the right to rectify inaccurate personal data.
If you find that there is an error in your Data, you may submit a request for us to correct it (e.g., correcting your name or updating a change of telephone number).
You have the right to erasure/right to be forgotten.
You may ask us to delete your Data if it is no longer necessary for the processing purposes listed above or if you wish to withdraw your consent, where your consent is used as the legal basis for the processing.
You have the right to restrict the processing.
You may ask us to restrict the processing of your Data for as long as your objections to the processing are pending or if part of the processing is no longer necessary to fulfil the purposes for which your Data was collected.
You have the right to object to the processing of your Data.
You may object to the processing of your Data where it is carried out in the pursuit of our legitimate interests, and we will stop processing your Data if there are no other compelling and legitimate grounds that override your rights and interests.
You have the right to withdraw your consent for the processing of your Data.
You may, at any time, decide to withdraw your consent for the processing of your personal data for the purpose of receiving our Newsletter. You may do so by clicking here.
- How can you exercise your rights?
To exercise your rights, you may send us a request either to our postal address (22 Papakyriazi Str, Larissa, 41222, Greece), to our e-mail address (admin[at]healthysailing.eu), or to the email address of UTH’s Data Protection Officer (dpo@uth.gr) with the title “Exercise of the right of access/ correction/ deletion/ portability/ restriction/ objection” and the description of your request. From our part, we will examine your request and reply to you as soon as possible.
If you are using our website’s member area, you may also decide to change your privacy settings and request us to provide you with or delete your personal data, by choosing the relevant option in the “privacy” tab of the members interface.
- When will you receive a response to your request?
We will respond to your Requests free of charge and without delay. We aim to always respond to your requests within one (1) month of receiving them. However, if your Request is complex or there are a large number of pending Requests, we will let you know within the first month if we need an extension of two (2) additional months within which to respond to you.
If your Requests are manifestly unfounded or excessive, in particular because of their repetitive nature, we may impose a reasonable fee, taking into account the administrative costs of providing the information or performing the requested action, or refuse to follow up on your request.
- Right to lodge a complaint
If you believe that: a) your request has not been adequately and/or lawfully fulfilled, or b) your personal data protection rights are being violated by any processing carried out by us, you have the right to lodge a complaint with the Hellenic Data Protection Authority-HDPA (postal address: 1-3 Kifisias Ave,P.C. 115 23, Athens, website: https://www.dpa.gr/, tel: 210 6475600, e-mail: contact@dpa.gr).
- How will you be informed about potential updates to this Privacy Notice?
We will update this Privacy Notice whenever necessary. If there are significant changes to this Notice or to the way we use your Personal Data, we will notify you either by posting a notice in a prominent place within our website before the changes take effect or by any other appropriate means. We encourage you to periodically read this Notice to keep updated on how your Data is being protected.
Day of Publication: 10 November 2022