Data processor
The Executive Unit for the Financing of Higher Education, Research, Development and Innovation (UEFISCDI).
Contact: support@uefiscdi-direct.ro
UEFISCDI protects the confidentiality of personal data (PD) brought to its knowledge. Within this fundamental obligation, UEFISCDI undertakes to protect and properly use personal data that have been collected through its websites / platforms.
Our intention is to collect only the personal data that are minimally necessary in order to be able to carry out the activities of UEFISCDI in optimal conditions so that we can offer you services according to your expectations.
Wherever terms such as UEFISCDI, we, us, ours and us appear on this platform, they refer to the Executive Unit for the Financing of Higher Education, Research, Development and Innovation.
Personal Data processed
The EERTIS platform, URL: www.eertis.eu, (hereinafter referred to as “Site” or “platform”) abides by the following principles when handling personal information:
- The processing of personal data is done fairly, legally and transparently;
- We collect a small amount of personal information about our users to provide them with customized content tailored to their needs;
- We collect anonymous usage statistics in the Platform.
- We strive to protect the personal data which we hold;
Third parties to whom personal data is disclosed
Please note that the information collected is intended only for use by UEFISCDI and is communicated only to the following categories of recipients: third party providers directly or indirectly involved in the processes related to the above mentioned purposes (IT service providers, consultancy service providers, etc.), public authorities empowered by law or with which UEFISCDI has concluded collaboration protocols in order to fulfill the specific tasks conferred by European and national legislation, as well as the European Commission, in order to monitor and control the financing programs carried out by UEFISCDI.
Your data may be transferred abroad to the European Commission in accordance with applicable European law.
Your consent
Your use of the Platform signifies that you agree to all terms of this Privacy Notice. If you communicate with us and provide us with personal information, we will assume that you agree that we can use this information to communicate with you. If you disagree with any part of this Privacy Notice, please do not use the Platform or communicate with us.
What kind of data we collect and how?
The Platform collects different types of data, all in compliance with the current European legislation on Data Protection, to enable the Owner to provide its services. This data includes:
Basic information about a provider, such as the name, description, legal status, etc.
Marketing information related to multimedia or logo used.
Classification information, such as scientific domain related to this provider.
Location information, coordinates etc.
Contact information, i.e. contact details for the provider managers.
Maturity information, i.e. certifications received.
Research Infrastructure information, research domain, etc.
Financial information, such as price of equipment etc
The data collected is provided by the registered EERTIS users through the onboarding process and updated either manually or automatically (via an API).
Changes regarding the privacy policy
This Privacy Notice may be updated as a result of changes in the relevant legislation in the field or changes in the structure and functions of the Platform. In the event of changes to the personal data processing policy, users will be notified by e-mail and/or notifications within the platform before the changes take effect.
We encourage users to check this page regularly to keep up to date with our latest personal data processing practices.
Data Protection Code of Conduct
Users’ personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy.
The GDPR Regulation offers users a number of rights, which are briefly presented below:
- the right to information and access to personal data, on the basis of which confirmation can be obtained from us that we process or not personal data, having access to those data and information on the methods and purposes of their processing;
- the right to rectification of data, which may be exercised in order to obtain, without undue delay, the rectification of inaccurate data or the completion of personal data which are incomplete;
- the right to delete data (the right to "be forgotten"), by virtue of which the deletion of personal data can be obtained, without undue delay, for one of the following reasons:
ˆthe data are no longer necessary for the purpose for which they were collected or processed;
ˆthe user withdraws his/her consent and there is no other legal basis for the processing;
ˆthe user opposes the processing and there are no legitimate reasons prevailing with regards to the processing;
ˆpersonal data have been processed illegally;
ˆpersonal data must be deleted in order to comply with a legal obligation;
ˆpersonal data have been collected in connection with the provision of information society services.
- the right to restrict the processing may be exercised in the following situations:
ˆwhen the accuracy of the data is contested, for a period that allows us to verify their correctness;
ˆthe processing is illegal and the user opposes the deletion of the data, instead requesting the restriction of their processing;
ˆwe no longer need personal data for the purpose of processing, but the user requests them to establish, exercise or defend a right in court;
ˆwhen the user opposes the processing for reasons related to his/her particular situation, for the period of time in which it is verified whether the legitimate rights of the operator prevail in this case.
- the right to object, under which the user may object to the processing of personal data, including the creation of profiles, on grounds relating to his/her particular situation, in cases where the processing is necessary to perform a task in the public interest, when it takes place for the purpose of the legitimate interests pursued by us or by a third party. In such cases the processing will be done only if it is justified by legitimate and compelling reasons, which prevail over the interests, rights and freedoms of the user, or when the purpose of the processing is to establish, exercise or defend a right in court.
- the right to data portability, which allows the user to receive personal data concerning him/her and which he/she has provided in a structured, commonly used and automatically readable format and to transmit this data to another operator, under the conditions where the processing is based on consent or a contract and is carried out by automatic means.
Under this right, personal data concerning the user may be transmitted directly from one operator to another where this is technically feasible.
Terms and definitions
Personal data: any information about an identified or identifiable natural person, directly or indirectly, in particular by reference to an identifying element, such as a name, an identification number, location data, an online identifier , or to one or more specific elements, proper to his physical, physiological, genetic, mental, economic, cultural or social identity.
Processing: any operation or set of operations performed on personal data or personal data sets, with or without the use of automated means, such as the collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination or provision in any other way, alignment or combination, restriction, deletion or destruction
Consent: any specific, informed and unambiguous manifestation of free will by the user, by which he/she accepts, via a statement or some unequivocal action, that the personal data concerning him/her be processed
User: A person, with full capacity to exercise, aged at least 18 years, who expresses their consent to the use of PD registered with UEFISCDI.
