Introduction
BID limits collection of personal data to what is strictly necessary, in accordance with the principle of data minimisation. By means of this policy, BID hereby gives an undertaking to data subjects to maintain a written register of the categories of processing activities performed as data processing manager or subcontractor in respect to BID.
Definitions
Project Contact details:
Dr. N.I. Kramer
Toxicology
Wageningen University & Research
Stippeneng 4
6708 WE Wageningen
The Netherlands
Telephone number: +31 317 487 622
E-mail: nynke.kramer@wur.nl
Web: https://www.wur.nl/en/persons/nynke-kramer.htm
Consortium: Agreement of understanding between several persons, associations or companies for the purpose of cooperating to carry out one or more economic, financial, scientific or cultural operations intended to fulfil the Project. It endures as long as the activity for which it was established by its founders.
Partner(s): Persons and institutions outside the BID Consortium.
Site: All the content of the different pages and services of the site, accessible using the following URL address: https://www.betterinvitrodosing.com/
User: The person using the Site and services to which the site may give access.
Data subject: Any person whose personal data are processed by BID as part of the project, whether it is a Partner, a Partner’s employee, a User or another party.
Information and rights of data subjects
BID hereby informs you clearly about how it processes personal data as part of its business activity, how data are collected, used and protected. BID is available to provide data subjects any information about processing carried out as part of the Project.
For any request or complaint about the processing of personal data, it is possible to contact BID Project Manager at this e-mail address:
Dr. Eefje Poppelaars: es.poppelaars@vivaltes.com
In particular, any data subject has the right to ask BID:
- For access to the personal data supplied;
- To correct the data;
- To object to the processing, when such processing is based on BID’s legitimate interest and given the particular situation of the data subject;
- To exercise their right to portability of their information.
On the right to portability, BID offers you the option to return all the personal data about a subject, at their express request. The data subject is thus guaranteed better control of their data and retains the possibility of reusing them. These data will be supplied in an open and easily reusable format, directly into the hands of the subject or other data controller when desired and when technically possible.
For it to be accepted, the request message must be accompanied by proof of identity. The data subject may authorise a person of their choice to exercise their rights, provided that this person proves their identity, that of the applicant and the extent of their authority in the form of explicit written evidence.
Any person receiving the newsletter has the option to unsubscribe, unless this person is bound to receive the aforesaid newsletter under its obligations to a Partner. BID ensures an effective unsubscribe link is provided in the Project newsletter.
The Privacy Policy may be modified by BID at any time, particularly to comply with regulatory, case law, editorial or technical developments. Before browsing, the data subject should refer to the latest online version on the Site or sent electronically.
Data collected and purposes of processing
As part of carrying out the Project, the Partners transfer personal data to BID making it possible to identify and contact (first & last name, business e-mail address, photograph) their employees due to their job titles or third-parties involved in the Project, such as experts (hereafter designated the ‘Partners Data’).
In this case, the Partner remains responsible for supplying the legal information to the people involved in the processing operations prior to or when the data are collected.
The purpose of processing Partners Data is:
- To compile files on members of the Consortium and people likely to contribute to the Project due to their job titles or expertise;
- BID manages, monitors and guides the Project in fulfilment of its obligations to the Consortium;
- Communication on the Project;
- Sending a newsletter and information about events related to the Project;
- Compiling statistics related to the Project.
Further, as part of using the website, BID may collect the following data categories about Users of the Site directly from data subjects (hereafter designated the ‘Users Data’):
1) Identification data (first & last name, telephone number, e-mail address), relating to professional life (organisation, job title), the purpose of which is:
- To respond appropriately to persons wishing to contact BID by completing the Site contact form;
- Sending newsletters, as long as the User ticks the box provided to express their acceptance.
Any data collection form states the objectives of gathering these data (purposes) and if these data are compulsory or optional to administer the request. This Confidentiality Policy is freely accessible to the User, who should read it before sending their data to BID.
2) BID follows a standard procedure of using log files. These files log visitors when they visit websites. The information collected by log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks.
The information is used for analysing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.
Cookies
BID uses the Google Analytics solution, which uses internal cookies to generate reports on Users’ interactions with the Site. The cookie records information about browsing on the service (pages, date and time viewed).
If the User doesn’t want cookies to be used on their computer, most browsers allow cookies to be disabled through settings options and it is possible to refuse to have cookies saved on their computer. However, in this case, the User is informed that certain services may no longer work correctly.
Recipients of data
BID complies with the legal rules that prevent, limit or govern the distribution of information or data.
Personal data are collected by BID for internal use only. Under no circumstances will these data be sold, transferred, or communicated to third parties under conditions not specified herein.
Based on legal obligations, the personal data of data subjects may be disclosed pursuant to a law, a regulation or in accordance with a decision by a competent regulatory or legal authority. The personal data collected may be added to BID’s database. It may be passed to third parties after being anonymised, solely for statistical purposes.
If your personal data are communicated to a third party, BID will ensure that the third party is bound to apply conditions of confidentiality at least identical to those herein.
The Site uses Social Plugins (Plugins) of different social networks like Twitter/LinkedIn/Facebook/YouTube, which are marked by their logos. When you open a site with these plugins, browser data are transferred to the owners of those social networks. Thus, they are informed that you have opened the respective site. If the User is logged in to one or several of these social networks, these data can be linked to his/her account. The IP address may be logged without being a member of a social network or logging into a network.
Please note that data processing takes place outside the European Union. We have no influence over and take no responsibility for the volume of data transferred through social plugins.
For more information, please look up the data security policies of the respective network:
- twitter.com/privacy
- linkedin.com/legal/privacy-policy
- facebook.com/privacy/explanation
- policies.google.com/privacy
- youtube.com/howyoutubeworks/policies/community-guidelines
By logging out of networks before surfing or using privacy protecting software, you can limit the amount of data transferred.
Storage of data
More generally, data purging procedures are implemented to plan their effective deletion as soon as the storage or archiving duration necessary to fulfilling the predetermined or required purposes is reached.
Any person not actively involved in relation to the processing purposes described over a three-year period will have their data deleted.
Cookies are stored for a maximum period of 13 months after they are first saved on the User’s computer, corresponding to the validity period of User consent to use these Cookies. The lifetime of cookies is not extended by each visit. The User’s consent must therefore be renewed at the end of this period.
Subcontracting
BID ensures that any subcontractor or subsequent subcontractor provides adequate contractual guarantees regarding the use of appropriate technical and organisational measures to protect the data of data subjects.
Procedures in case of security breach detected by BID
BID undertakes to implement all appropriate technical and organisational measures using physical and logistical security resources to guarantee an adequate security level to meet risks of accidental unauthorised or illegal access, disclosure, alteration, loss or destruction of the personal data collected. However, BID cannot guarantee that all risks of data misuse are eliminated.
In the event that BID were to become aware of illegal access to personal data stored on its servers or those of its contractors, or unauthorised access resulting in the risks identified above being realised, BID undertakes to:
- Notify the person affected by the incident as quickly as possible, if this meets a legal requirement;
- Investigate the causes of the incident;