This Privacy and Data Protection Policy describes how Mandat International, the Data Controller of this website, collects and processes personal data, for what purposes and, if applicable, to whom it discloses it. Furthermore, this Policy provides information which rights the data subjects are entitled to in order to provide and enforce personal data protection.
By operating this website https://naiades-project.eu (hereinafter referred to as “website”), Mandat International (hereinafter “Mandat International”, “we”, “us”, “our”) processes personal data. Our services include, inter alia, website, online and onsite services, and other communication activities, as well as events and activities related to its aims. Mandat International treats personal data confidentially and processes it in accordance with the applicable law, in particular the European General Data Protection Regulation (GDPR).
Data Controller
The controller of the processing operation is:
Mandat International
Chemin du Champ-Baron 3,
1209 Geneva
Switzerland
+41 (0) 22 774 42 22 contact@mandint.org
Data Minimisation
Mandat International avoids collecting unnecessary personal data and follows “privacy by design” and “personal data minimisation” policies for data processing and retention.
What Personal Data Is Collected
Personal data means any information relating to an identified or identifiable person (data subject), Article 4(1) GDPR. Information about an identified person can be, for example, name or email address. Personal data is also such data that allows a conclusion to be drawn about a person and thus finding out who they are, for example, by providing their address or bank details, date of birth or username, IP addresses and/or location data. This does not include data where the identity has been removed (anonymised data).
In order to provide its services, Mandat International collects general personal data such as:
- Name;
- Email address;
- Technical Data, which includes Internet Protocol (IP), browser type and version, time zone settings and location, browser plug-in types and versions, operating system and platform, and other technology on users’ terminal devices to access the website. These queries to the website are recorded in the web server logs.
Our website uses the log analyser AWStats to evaluate the log files. The IP addresses of website visitors are pseudonymised in our logfiles. AWStats does not use HTTP cookies or JavaScript code from the visitors’ browsers. These data (log files) cannot be assigned to specific persons and these data will not be combined with other data sources. The program is installed on the own hosting package and does not transmit data to foreign servers.
We use AWStats to compare website visits to expected Key Performance Indicator (KPI) in terms of dissemination. This helps us to compile reports on website activity in order to improve our website functionalities and services.
Please find more information about AWStats on their website: https://awstats.sourceforge.io.
Purpose and Use of Collected Information
Mandat International processes personal data for the purposes of its aims, activities, and services, including:
- Facilitating access to information, resources, tools, events and service providers;
- Communication with users via Contact Form;
- Improving users experience and the quality of delivered services;
- Authenticating, securing, and collecting statistics on remote connections.
How Data Can Be Collected
Mandat International can receive information and personal data through its websites, email notifications and other interactions means, and may include:
- Information provided by the users when using our services;
- Information provided by users’ devices for connectivity, such as IP address, etc. Such data may be logged for security and statistical reasons;
- Cookies and similar technologies, whose use is voluntarily limited and minimised on our website.
Legal Grounds for Data Processing Activities
Where the data processing is not based on explicit data subject’s consent, the processing is conducted if necessary for the purposes of the legitimate interests pursued by the controller, as in Article 6(1f) GDPR. Our legitimate interests are stated in section “Purpose and Use of Collected Information”. If a data processing activity aims at conclusion or fulfilment of a contract, the data processing is carried out on the basis of contractual obligations, as in Article 6(1b) GDPR.
Policy Towards Children
Our services are not directed to minors of age. Any participant to a Mandat International Service who is a minor of age shall have a parental agreement before sharing any personal data with us. Anyone who becomes aware that someone under 16 years of age has provided us with personal data without parental agreement should inform us.
Data Storage and Retention Period
Our servers are located in Europe. The data retention period is minimised and data that are not useful anymore are deleted or anonymised. The data retention period is determined by taking into account the legal, security, management and other legitimate service requirements. Where data subject withdraws consent or request the deletion of their data, Mandat International will proceed accordingly. Nevertheless, where applicable, some personal data may be kept by us even after consent has been withdrawn if required by a legitimate purpose such as:
- Legal and administrative obligations;
- Documenting and archiving delivered services;
- Potential legal claims.
Recipients, Sharing and Transfer of Information
Personal data are processed with care and our policy requires to avoid any unnecessary data transfers to third parties or to geographic locations that may expose the data at risk. All data is exclusively managed by our team. No personal data is share with external organisations or companies.
Security
Mandat International uses physical, technical, and administrative measures to safeguard information in its possession against loss, theft and unauthorized use, disclosure, or modification. Please note, however, that no data transmission or storage can be guaranteed to be 100% secure. As a result, while Mandat International strives to protect the information it processes, this should not be taken as a warranty. If you identify any weakness in our security, please inform us.
Data Subject Rights
Users have rights on their personal data. They can contact our Data Protection Officer in order to assert their rights as a Data Subject, including the right to access, rectify, erase personal data; the right to withdraw consent and to restrict or object to the processing of personal data; and the right to portability of personal data. Data Subjects also have the right to lodge a complaint with a supervisory authority in case their rights would be violated.
Information on Data Processing
Mandat International does not use the personal data collected on this website to perform automated decision making (as defined in Art. 22 of the GDPR) or to profile the data subjects.
Changes to this Policy
Mandat International may revise this Privacy Policy from time to time and make changes at its sole discretion. The most current version of the policy will govern our use of processed information and will be available on the NAIADES website: https://naiades-project.eu. By continuing to access or use the Services after those changes become effective, you agree to be bound by the revised Privacy Policy.
Data Protection Officer and Contact
If you have any questions about this policy or your personal data protection by Mandat international, you can contact our Data Protection Officer through our contact form.