Home

Privacy statement

The protection of your personal data is important to us. Personal data is information about personal or factual circumstances of a specific or identifiable natural person. This includes, for example, the civil name, the address, the telephone number and the date of birth, but also all other data that can be related to an identifiable person.

Since personal data enjoy special legal protection, they are only collected by us insofar as this is necessary for the provision of our website and the provision of our service. Below, we describe which personal information we collect during your visit to our website and how we use it.

Our data protection practice is in accordance with the legal regulations, in particular those of the General Data Protection Regulation of the EU (GDPR). We will only collect, process and store your personal data insofar as this is necessary for the functional provision of this website and our contents and services, as well as for the processing of enquiries and, if applicable, for the processing of orders/contracts, but only insofar as there is a justified interest within the meaning of Art. 6 Para. 1 S.1 lit.f GDPR or any other provision of permission.

Your data will only be used for further purposes if you have previously given your consent separately, and in such cases they will only be used for the purposes which are precisely specified in the consent, e.g. for sending advertising information by newsletter.

Responsible person in terms of art. 4 no. 7 GDPR

The Controller within the meaning of the GDPR and of national data protection laws of the member states as well as other data protection provisions is:

EIODOS Foundation
Irești Street, no. 18, Sector 1, Bucharest

Email: office@eidosfoundation.org

Provision of the website and creation of logfiles

Whenever you access our website, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

Scope processing of the data

(1) Information about browser type and version used
(2) The operating system of the retrieval device
(3) The IP address of the retrieval device
(4) Date and time of access
(5) Websites and resources (images, files, other page content) accessed on our website.
(6) Websites from which the user's system accessed our website (referrer tracking)
This data is stored in the log files of our system. These data are not stored together with the personal data of a specific user, so that individual site visitors are not identified.

  • Legal basis for the processing of personal data

Art. 6 para.1 lit. f GDPR (legitimate interest). Our legitimate interest consists in ensuring that the purpose described below is achieved.

  • Purpose of data processing

The logging is done to maintain the compatibility of our website for as many visitors as possible, for troubleshooting and to combat abuse. For this it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, the data is used to optimize the website and to generally ensure the security of our information technology systems.

  • Duration of storage

The above-mentioned technical data will be deleted as soon as they are no longer needed to ensure the compatibility of the website for all visitors, but no later than 3 months after our website has been accessed.

  • Possibility of logging an objection and of erasure of data

The possibility of lodging an objection and erasure of data is based on the general regulations described in the following data protection declaration regarding the right of objection under data protection law and the right to erasure.

Special functions of the Internet page

Our site offers you various functions, the use of which involves the collection, processing and storage of personal data by us. Below, we explain what happens with these data:

  • Ticket system:
    • Scope of processing of personal data

We use a form system provided by Typeform.com to collect attendees data. By using this form system on our website you will be redirected to the domain of Typeform in order to apply to attend. Within the framework of your filling, we receive the data entered by you via the form cart system, such as name, first name, address, etc..

  • Legal basis for processing personal data

The legal basis for data processing is the Term of services of Typeform for data processing pursuant to Art. 28 GDPR and Art. 6 Para. 1 lit. b GDPR (contract initiation) or Art. 6 Para. 1 lit. f GDPR (legitimate interest). The legitimate interest is to ensure that the form system functions and displays correctly and to enable the application filling for the event.

  • Duration of Storage

The data will be deleted as soon as they are no longer required for processing the order and there are no longer any legal storage obligations. This will normally be after 5 years.

  • Possibility of lodging an objection and of erasure of data

The possibility of lodging an objection and of data erasure are based on the general regulations described in the following data protection declaration regarding the right of objection under data protection law and the claim for erasure.

  • Contact form(s):
    • Scope of processing personal data

The data you enter in our contact forms.

  • Legal basis for processing personal data

Art. 6 para. 1 lit.a GDPR (consent through clear confirmatory action or conduct)

  • Purpose of data processing

The data collected via our contact form or via our contact forms will only be used for processing the specific contact request received via the contact form.

  • Storage time

After processing your request, the collected data will be deleted immediately, unless there are legal retention periods.

  • Possibility of lodging an objection and of erasure of data

The possibility of lodging an objection and of data erasure are based on the general regulations described in the following data protection declaration regarding the right of objection under data protection law and the claim for erasure.

Integration of external web services and processing of data outside the EU

On our website, we use active Java Script content from external providers, so-called web services. When you access our website, these external providers may receive personal information about your visit to our website. In this case, it may be possible to process data outside the EU. You can prevent this by installing a Java Script blocker such as the browser plug-in 'NoScript' (www.noscript.net ) or by deactivating Java Script in your browser. This may result in function restrictions on Internet pages that you visit.
We use the following external web services:

  • Google

Our website uses several web services provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland ("Google Services"):

Google.com

- This service ensures the general connectivity and functionality of the website and ensures that the other Google services can be reloaded.

Gstatic.com

This service is a part of Google Maps that ensures the functionality of the map section.

Googleapis.com

This Google service is the map provided by Google Maps. Only with the help of this script we can present you a map section with our event location.

In this context, your browser may transmit personal data to Google services. The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR. The legitimate interest lies in the error-free functioning of the website. The Google services have certified itself within the framework of the EU-US Privacy Shield Agreement (see https://www.privacyshield.gov/list ). The data will be deleted as soon as the purpose of their collection has been fulfilled. Further information on the handling of the transferred data can be found in the privacy policy of the Google services:

https://policies.google.com/privacy . You can prevent the collection and processing of your data by Google by deactivating the execution of script code in your browser or by installing a script blocker in your browser (this can be found e.g. under www.noscript.net or www.ghostery.com ).

Data security and data protection, communication by e-mail

Your personal data is protected by technical and organizational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend using encrypted communication or communicating via the post for information with a high need for confidentiality.

Right to accessand correction requests - erasure & blocking of data - revocation of consents - right to object Art. 13 para. 1 lit. c GDPR in connection with Art. 13 Para. 2 lit. b, lit. c GDPR

Right to access
You have the right to request a confirmation as to whether we process your personal data. If this is the case, you have a right to access the information specified in Art. 15 para. 1 GDPR, provided that the rights and freedoms of other persons are not infringed (cf. Art. 15 para. 4 GDPR). We will also be pleased to provide you with a copy of the data.

Claims for correction
Pursuant to Art. 16 GDPR, you have the right to have incorrectly stored personal data (such as address, name, etc.) corrected by us at any time. You can also request the completion of the data stored by us at any time. A corresponding adjustment will be made without delay.

 

Right of erasure
Pursuant to Art. 17 Para. 1 GDPR, you have the right to have the personal data collected about you deleted if one of the following grounds applies:

  • when the data is no longer needed
  • due to the revocation of your consent, the legal basis of the processing has been canceled without replacement
  • you have objected to the processing and there are no legitimate reasons for the processing
  • your data have been unlawfully processed
  • a legal obligation requires this or the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).

The right does not exist according to art. 17 para. 3 GDPR,

  • if the processing is necessary for the exercise of the right to freedom of expression and information
  • if the data have been collected on the basis of a legal obligation
  • if the data are necessary for reasons of public interest
  • if the data are required for the assertion, exercise or defence of legal claims.

 

Right to restriction of processing
According to Art. 18 Para. 1 GDPR, you have the right in individual cases to demand the restriction of the processing of your personal data. This is the case if

  • the accuracy of personal data is disputed by you;
  • he data are no longer required for the purpose of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.
  • an objection has been filed against the processing pursuant to Art. 21 (1) GDPR and it is still unclear which interests outweigh which.

 

Right of revocation
If you have given us express permission to process your personal data (Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR), you may revoke such permission at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of your consent until revocation.



Right of objection
Pursuant to Art. 21 GDPR, you have the right to object at any time to the processing of personal data relating to you which has been collected on the basis of Article 6 Para. 1 lit. e or lit. f. You are only entitled to this right if special circumstances speak against the storage and processing of your personal data.

 


How do I exercise my rights?
You can exercise your rights at any time by contacting us using the contact details below:


EIODOS Foundation
Irești Street, no. 18, Sector 1, Bucharest

Email: office@eidosfoundation.org

Right to data portability

Pursuant to Art. 20 GDPR, you have a right to the transfer of personal data concerning you. The data will be made available by us in a structured, common and machine-readable format. The data can be sent either to yourself or to a responsible person named by you. We will provide you with the following data on request in accordance with Art. 20 Para. 1 GDPR:

  • Data collected on the basis of express consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR
  • Data we have received from you pursuant to Art. 6 para. 1 lit. b GDPR within the scope of existing contracts
  • Data processed within the framework of an automated procedure

We will transfer personal data directly to a responsible person of your choice as far as this is technically feasible. Please note that according to art. 20 GDPR we are not allowed to transfer data that interfere with the freedoms and rights of other persons. The right to data transfer does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of public authority.

Right of appeal to the supervisory authority pursuant to Art. 77 Para. 1 GDPR

If you suspect that your data is being illegally processed on our site, you can of course at any time bring about a judicial clarification of the problem. Irrespective of this, you have the option of contacting a supervisory authority pursuant to Art. 77 para. 1 GDPR. The supervisory authority to which the complaint was submitted will then inform you of the status and results of your complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.