Data Protection and Cookie Notice

We – the SecureHospitals.eu consortium (hereinafter: “we”, “us”, “our”) – provide you with this Data Protection Notice to inform you, our platform users, about how and when we process your personal data. This notice covers the processing of your personal data as part of your visit to our platform (SecureHospitals.eu), your registration for and use of our platform, and your communication with us via e-mail, telephone or social media.


General 

  1. The data controller for the processing of your personal data is Interspread Gmbh, Holochergasse 20/4, 1150 Vienna, Austria (https://www.interspread.com), the coordinator of the SecureHospitals.eu project (hereinafter: “project”).
  2. You can contact us via e-mail at office@securehospitals.eu
  3. Where we refer to certain laws or regulations, such reference shall also include any change, replacement or annulment of said laws and regulations, including any related executive decisions.
  4. We might have to modify, change or amend this Data Protection and Cookie Notice. We can do this from time to time and at our own discretion. You can always consult the last version of this Data Protection and Cookie Notice on our platform.

Types Of Personal Data We Process 

  1. When you visit our platform, we collect:

    • Technical information associated with the device you use, such as your IP-address, browser type and versions used, geographical location and operating system used by the accessing system;
    • Information concerning your browsing behaviour, such as how long you visit, what links you click on, what pages you visit and how many times you visit a page.

  2. When you visit our platform as a registered user, we collect:

    • Basic identity information you provide to us to build your profile (such as your name, the company you work for, your job title, your e-mail address and phone number); 
    • Technical information associated with the device you use, such as your IP address, browser type, geographical location and operating system;
    • Any other personal data you choose to provide to us.

  3. The platform contains information that enables a quick electronic contact with us. When you fill out a contact form on our platform, register for our newsletter or contact us in another way, we collect:

    • Basic identity information you provide to us (such as your name, the company you work for, your job title, your e-mail address and phone number); 
    • The content of your communication and the technical details of the communication itself (with whom you correspond at our end, date, time, etc.);
    • Your choice to receive our newsletter;
    • Any other personal data you choose to provide to us.
  4. We receive all personal data mentioned above directly from you. It may happen that we receive additional information about your surfing behaviour from partners such as Google. If you require more information about the personal data these parties process about you and make available to others, you are kindly requested to consult their respective privacy policies.

Purposes For Which We Use Your Personal Data

  1. We process your personal data to provide you in a personalised and efficient way the information, products and services you request and to deliver the content of our platform correctly, including allowing you to participate in interactive features of the platform when you choose to do so.

  2. We process your personal data for our internal project administration and our project’s research marketing purposes, i.e. to provide you with project updates and training opportunities (such as workshops, webinars, summer schools).

  3. We process your personal data to provide customer care and support for our users.

  4. We process your personal data to comply with legal obligations or to comply with any reasonable request from competent law enforcement agents or representatives, judicial authorities, governmental agencies or bodies, including competent data protection authorities. Your personal data may be transferred upon our own initiative to the police or to judicial authorities as evidence or if there are justified suspicions of an unlawful act or crime committed by you through your use of our platform or services.

  5. We process your personal data to perform statistical analyses so that we may improve our platform and the content provided there.

  6. We monitor the usage of the platform in order to detect, prevent and address technical issues.

  7. We process your personal data to ensure the long-term viability of our information technology systems and platform technology. We therefore process your personal data for the preservation of our legitimate interests or the legitimate interests of our partners or any third party, if your use of our platform, products and services can be considered (a) a violation of any applicable terms of use or the intellectual property rights or any other right of a third party, (b) a threat to the security or integrity of our platform, (c) a danger to our platform or any of our or our subcontractors’ underlying systems due to viruses, Trojan horses, spyware, malware or any other form of malicious code, or (d) in any way hateful, obscene, discriminating, racist slanderous, spiteful, hurtful or in some other way inappropriate or illegal.


Legal Basis For Processing Your Personal Data

  1. When we process your personal data for the purposes outlined in Article 3.1 and in order to take steps prior to entering into a contract with us, we base the processing of your personal data on the necessity for the performance of that contract, or in the process of entering into that contract.

  2. The processing of your personal data for the purposes outlined in Article 3.2 and Article 3.3 is based on your consent.

  3. For the purpose mentioned in Article 3.4, the processing of your personal data is necessary for a legal obligation that we must comply with.

  4. For the purposes mentioned in Article 3.5, Article 3.6 and Article 3.7 the processing of your personal data is necessary for purposes of our legitimate interests or for the protection of the legitimate interest of others, such as:

    • Continuous improvements of our platform and platform content to ensure that you have the best user-experience possible;

    • Keeping our platform, products and services safe from misuse and illegal activity;

    • Efficient administration of our platform;

    • To protect and defend the rights (of property) of SecureHospitals.eu;

    • To protect the personal safety of users of the platform or the public;

    • Our project’s research marketing activities.


To Whom We Send Your Data

  1. We share your personal data with the members of the SecureHospitals.eu consortium as far as this is necessary for the research conducted under the SecureHospitals.eu project.

  2. We rely on third-party processors who process your personal data on our behalf in order to provide you with our products and services and to improve them. These third-party processors are only allowed to process your personal data on our behalf and upon our explicit written instructions.

    We warrant that all third-party processors are selected with due care and are obliged to observe the safety and integrity of your personal data.

  3. We do not send your personal data in an identifiable manner to any third party without your explicit permission to do so other than the ones mentioned in Articles 5.1 and 5.2.


Location And Transfer

  1. We process your personal data within the European Economic Area (EEA). However, in order to process your personal data for the purposes outlined in Article 3 above, we may also transfer your personal data to third parties who process on our behalf outside the EEA.

  2. Each such partner outside the EEA that processes your personal data will be bound to observe adequate safeguards with regard to the processing of your personal data. Such safeguards will be the consequence of:

    • The recipient country having legislation in place which may be considered equivalent to the protection offered within the EEA; or

    • A contractual arrangement between the SecureHospitals.eu project coordinator and that entity.


Quality Assurances

  1. We do our utmost to process only those personal data that are necessary to achieve the purposes set out in Article 3 above.

  2. Your personal data are only processed for as long as needed to achieve the purposes mentioned in Article 3 above or up until such time where you withdraw your consent for processing them.

    We will de-identify your personal data when they are no longer necessary for the purposes outlined in Article 3 above, unless there is:

    • An overriding interest of us or of any other third party in keeping your personal data identifiable,

    • A legal or regulatory obligation or a judicial or administrative order that prevent us from de-identifying them.

  3. We take appropriate technical and organisational measures to keep your personal data safe from unauthorised access or theft as well as accidental loss tampering or destruction. Access by our personnel or our third-party processors will only be on a need-to-know basis and be subject to strict confidentiality obligations. You understand, however, that safety and security are best efforts obligations which can never be guaranteed.

  4. If you are registered to receive our newsletter via e-mail, you can opt-out from this by following the opt-out link provided in the newsletter or by sending us an e-mail with your request at office@securehospitals.eu.


Your Rights

  1. You have the right to request access to all personal data processed by us pertaining to you. We reserve the right to charge an administrative fee for multiple subsequent requests for access that are clearly submitted for causing nuisance or harm to us. Each request will specify for which processing activity you wish to exercise your right to access and will specify to which data categories you wish to gain access to.

  2. You have the right to ask that any personal data pertaining to you that is inaccurate, is corrected free of charge. If you submit a request for correction, your request needs to be accompanied of proof of the flawed nature of the data for which correction is asked.

  3. You have the right to withdraw your earlier given consent for processing of your personal data.

  4. You have the right to request that personal data pertaining to you is deleted if the data is no longer required in the light of the purposes outlined in Article 3 above or if you withdraw your consent for processing them. However, you need to keep in mind that we will evaluate a request for deletion against:

    • Our overriding interests or the overriding interests of any other third party, and

    • Legal or regulatory obligations or administrative or judicial orders which may contradict such deletion.

    Instead of deletion you can also ask that we limit the processing of your personal data if (a) you contest the accuracy of the data, (b) the processing is illegitimate, or (c) the data is no longer needed for the purposes listed under Article 3 above.
  5. You have the right to oppose the processing of personal data if you are able to prove that there are justified reasons connected with these particular circumstances that warrant such opposition. However, if the intended processing qualifies as direct marketing, you have the right to oppose such processing free of charge and without justification.

  6. You have the right to receive from us in a structured, commonly-used and machine-readable format all personal data you have provided to us.

  7. If you wish to submit a request to exercise one or more of the rights listed above, you can contact us by e-mail at office@securehospitals.eu.

    A request to exercise a right will not be construed as consent with the processing of your personal data beyond what is required for handling your request. Such request should clearly state which right you wish to exercise and the reasons for it if such is required. It should also be dated and signed and accompanied by a digitally scanned copy of your valid identity card proving your identity.

    We will promptly inform you of having received this request. If the request proves valid, we shall honour it as soon as reasonably possible and at the latest thirty (30) days after having received the request.

    If you have any questions or complaints regarding how we process your personal data, please feel free to contact us by e-mail at office@securehospitals.eu. You also have the right to file a complaint with the competent data protection authority.


Cookies

  1. Cookies are small text files which are stored on a device’s hard drive and which contain certain information and sometimes personal data.
    Social media plugins are small pieces of software developed and provided by social media service providers, which add social media integration when built into our platform.

  2. When you visit the platform, we place a number of cookies. Most data pertaining to these cookies, their placement and use allow to identify you, and we use them to gain insight in how you and other visitors use our platform by gathering statistical and usage data, enabling us to provide you with a better user-experience on our platform.

  3. You can avoid cookies being placed by configuring your browser as such. Guidelines about how to do this can be found here:

  4. However, not allowing cookies when visiting the platform may cause certain or all features of our platform to stop working properly.

  5. You may at all times withdraw your consent with our use of cookies. It suffices to delete the cookies, which have been placed on your device. To do so, you are kindly asked to refer to the appropriate instructions of your browser manufacturer, as listed above.

  6. We would like to draw particular attention to the fact that this platform uses functions of Google Analytics, which support interest-based advertising and advertising based on user browsing behaviour. Google Analytics uses a third-party cookie from DoubleClick to evaluate data regarding users’ browsing behaviour on different websites. These data can be used to prepare statistical statements on demographic data and areas of interest of website users.

    We point out that we cannot view data related to individual users and that the statistical data we use cannot be traced back to specific users.

    • You can disable the DoubleClick cookie at any time here.

    • For more information about Google’s terms of use and privacy, please click here.

  7. We collect personal data from third party social networking sites (such as the “Like” functionality on Facebook, the “Follow” functionality on Twitter or the YouTube functionality) through so called social plug-ins. The purpose of the data collection and the further processing and use of the data by the providers on their pages as well as the rights and setting options for the protection of your privacy can be found in the data protection references of the respective providers. If you do not want the third-party social networking site to allocate data collected through our platform to your account with this social network, you must log out of the respective social networking site before visiting our platform.