HOW THE DIH-HERO CONSORTIUM HANDLES YOUR PERSONAL DETAILS
DIH-HERO makes every effort to protect your privacy. In this privacy statement we will explain how we handle your personal details. We process personal details in accordance with the General Data Protection Regulation (GDPR).
This statement applies to information that is collected and used in computerized systems within DIH-HERO, including the DIH-HERO website and portal. This statement does not apply to websites that mention DIH-HERO, but whose content we are unable to influence directly.
COLLECTING YOUR PERSONAL DETAILS
DIH-HERO collects personal details if this is necessary in order to provide services, conduct transactions and brokerage, distribute information or grant access. The information that we collect is always intended for a specific purpose; in other words, we do not collect more information than is necessary for that purpose.
Personal details are usually provided by the data subject. If necessary, this information may be sent to or entered into another system within the consortium, from an internal source system. We also receive personal details from the systems of third parties, which may be closed source systems or an open source system.
We may also collect your details if you leave them on the DIH-HERO website, in order to keep you informed of the diverse activities of the projects.
It is also permitted to collect personal information within the framework of scientific research. This concerns the personal details of participants in a study. This information is processed in accordance with the law and the ‘Code of conduct for the use of personal details in scientific research’ (VSNU). If medical details are involved, Federa’s relevant codes of conduct will also apply (the codes on ‘Good conduct’ and ‘Proper Use’). If necessary, the study will be assessed beforehand by the university’s ethical committee.
USE OF YOUR PERSONAL DETAILS
REGISTRATION
DIH-HERO uses personal details collected from you for operational management purposes and to be able to properly perform its legal tasks and obligations with regard to service provision, brokerage, dissemination, administration and conducting research. The following overview describes the most important processes that DIH-HERO uses to collect personal information, stating the most important elements of each process:
- Service provision: user profile, contact information administration
- Research and research support: Research administration and research details
- Dissemination: campaigns, contact, mailing lists and newsletters, participation in various activities; details of companies, organizations and persons with whom the university engages in diverse types of collaborations, such as contracts, processor agreements or collaboration agreements for the delivery or receipt of services and products
- Operational management and finances: financial administration, payment systems, IT management and legal procedures
- Facilities: access and management systems, CCTV, identity management
- Generic:
- Web content management
- Service provision platform (Including Financial support to third parties; brokerage)
- Archiving
- Visual material for communications of DIH-HERO
- Participation
DIH-HERO will notify the coordinator’s ‘Data Protection Officer’ team (in Dutch: FG team) of registrations. This gives DIH-HERO a complete overview of all registrations.
The data we collected can be used for statistical and scientific research. We always act in accordance with the legal requirements.
WEBSITE AND WEB SYSTEMS
DIH-HERO uses various tools to make its websites more user-friendly and to ensure that they function optimally. This includes measuring surfing behaviour using web statistics and other systems that are integrated into the website to collect active feedback from users or to conduct research with various versions of websites.
In order to show users more relevant content that is tailored to their situation, information on some parts of websites may be personalized on the basis of information that users have filled in earlier, their location/country or on the basis of other choices made on the website.
CONTACT BY EMAIL
We roughly distinguish two types of automated email: transactional email that you have initiated/requested yourself, and informative email. Transactional email is an essential part of a service that you have chosen, such as resetting a password or confirming an application or a request for information. You therefore cannot unsubscribe for this type of email.
If you have consented to receiving informative emails such as newsletters or invitations to events, you may withdraw your consent. This type of email has opt-out options. Due to the decentralized nature of email communication, there is no consortium-wide opt-out option.
Just as for the websites, DIH-HERO uses analysis tools to analyse the reading and clicking behaviour for newsletters in order to analyse and improve our newsletters. Linking this information to your personal details enables us to send you more relevant email communications or interest-related information.
COOKIES
Cookies are small text files that are automatically placed on your computer, tablet, mobile telephone or other equipment when you visit our websites. There are various types of cookies. We always place functional cookies that ensure that our websites work properly. We inform you beforehand of how you can turn off any other cookies we may place (such as tracking cookies). If you continue to surf on our websites, these cookies will be installed. The data that we receive from these cookies enable us to send or show you special offers and advertisements that are relevant to you.
RETENTION PERIOD
Your personal details will not be kept for longer than is necessary to achieve the objectives for which they were collected and processed. An exception may be made if it is necessary to keep information for historical, statistical or scientific purposes or on the grounds of a statutory regulation.
PROTECTION OF YOUR PERSONAL DETAILS
MEASURES
DIH-HERO attaches great importance to protecting your privacy and takes appropriate measures in order to do so. We take organizational and technical measures to ensure that it is safe for you to visit our websites. We use the available resources to minimize the risk of unauthorized persons gaining access to your personal details or unlawful use or disclosure of your details.
ACCESS OF CONSORTIUM / THIRD PARTIES
The information that DIH-HERO collects about you cannot be accessed by everyone. Only members of the consortium have access to information and then only if they need it in order to perform their task. These persons are authorized to access information using name and password security. All staff with such access are bound by a confidentiality clause.
ISSUING TO THIRD PARTIES
DIH-HERO will only pass on personal details to third parties under specific circumstances. For example, if we are legally obliged to do so or if the data subject has given us their consent. One example of parties to which we provide information is the European Commission DIH-HERO will only pass on your information if we consider it necessary in order to:
- comply with statutory regulations or legal processes concerning DIH-HERO or its websites;
- protect the rights and property of DIH-HERO and related websites;
- protect your personal safety under critical circumstances.
DIH-HERO regularly engages other companies to perform limited services on its behalf, such as sending and delivering information (direct marketing) and answering questions. We only give these companies the personal details they need to provide the service in question. DIH-HERO concludes processor agreements with these companies, which oblige them to handle all information confidentially and to refrain from using it for any other purpose.
Information that cannot be traced to individual persons may be issued to third parties for statistical and historical purposes.
STORING YOUR INFORMATION
Personal details that we have collected from you may be stored and processed in the Netherlands or any other country within the European Union. In exceptional situations, data may be processed in a country outside the European Union. We only permit this if the legally required security and privacy measures have been taken.
YOUR RIGHTS
INSPECTION
If DIH-HERO has processed your personal details, you are entitled to inspect them. If you would like to exercise this right, please contact the coordinator at dih-healthcare@utwente.nl
RECTIFICATION
If you consider that this information is incorrect or incomplete, you may ask us to rectify it. You may also ask us to delete or protect data, for example if they are not relevant to the purpose for which they were collected. Please contact the coordinator at dih-healthcare@utwente.nl
INFORMATION
This privacy statement informs you of the way in which DIH-HERO handles your personal details.
FILE A COMPLAINT
If you are not satisfied with the way we handle your personal data and you do not agree with the Data Protection Officer, you can file a complaint to the supervisory authority. This is the Dutch Data Protection Supervisor (in Dutch: Autoriteit Persoonsgegevens). On the website www.autoriteitpersoonsgegevens.nl you can find how to submit a complaint.
CHANGES TO THE PRIVACY STATEMENT
We may change the privacy statement if there are new developments in our working practice or if there are changes in the relevant laws or legal precedents. Therefore, check it occasionally to see if anything has changed. The most recent substantive change to this privacy statement was made on 22 March 2019.