EGI Federation Home
About
EGI Foundation
EGI Federation
EGI Infrastructure
EGI Community
EGI Digital Innovation Hub
Foundation Team
Frequently Asked Questions
Services
Services for Research
Services for Business
Services for Federation
Solutions
Use Cases
Success Stories
EGI for Data Spaces
EGI for EOSC
Projects
ENVRI-Hub NEXT
EOSC Beyond
iMagine
interTwin
SPECTRUM
Project Archive
Resources
Newsletter
Publications
Training Materials
Media Kit
News & Events
News
EGI Conference
Community Events
Trainings & Webinars
Participate
Join the EGI Federation
Open Calls
Jobs
Share your news and events
Contact us

Privacy Notice for the EGI Conference

Privacy

Name of the event

EGI Conference

Description

The EGI Conference (hereinafter referred to as: “the Conference” or “the event”) is an event organised to gather the members of the EGI Federation and present and discuss all activities taking place across the EGI Federation. Different activities are conducted as part of the management of this event: abstract, session and registration management, broadcasting or recording of sessions and dissemination activities before, during and following the events.

This privacy notice describes how we, the EGI Foundation (hereinafter referred to as "we" or "the Data Controller"), collect and process data by which you can be personally identified (“Personal Data”) when you use the service.

Data controller

EGI Foundation
Science Park 140
1098 XG Amsterdam
Netherlands

Data protection officer

EGI Foundation
Data Protection Officer
Science Park 140
1098 XG Amsterdam
Netherlands
E-mail: dpo@egi.eu

Jurisdiction and supervisory authority

Jurisdiction: NL, The Netherlands

EGI Foundation's lead supervisory authority is the Dutch Data Protection Authority. They can be contacted at https://autoriteitpersoonsgegevens.nl/en/contact-dutch-dpa/contact-us

Personal data processed

The service may process the following personal data:

Identification data:

  • Name
  • Identification number
  • E-mail address
  • Address
  • Bank details
  • Affiliation
  • IP address

Behavioural data:

  • Usage data
  • Technical logs with timestamps
  • Data allowing conclusions on the personality:
  • Membership information on group, roles or communities

Biographical data:

  • CV data

Purpose of the processing of personal data

The purpose of the collection, processing and use of the personal data mentioned above is:

  • Process your booking, contact you regarding your participation in the event, organise and facilitate the event (including the creation of attendance lists and attendee badges) and to carry out post-event evaluation.
  • The organisation of events (abstract, session and registration management), broadcasting or recording of sessions and dissemination activities before, during and following the events.
  • Identify the users accessing the services related to the event management and track usage of resources for accounting and security management.

Legal basis

The legal basis for processing personal data are: performance of a contract with the data subject and legitimate interests pursued by the controller or by a third party according to Art. 6 (1) (f) GDPR.

Third parties to whom personal data is disclosed

Personal data will not be used beyond the original purpose of their acquisition. If a forwarding to third parties should be necessary to answer an inquiry or to carry out a service, the consent of the data subject is considered to have been given when using the respective function or service. In particular, the data you provide to us will not be used for advertising purposes.

For the purpose given in this privacy notice, personal data may be passed to the following third parties:

Within the EU / EEA:

  • CESNET: sub contracted processor, resource provider for the Collaboration Tools, providing services like Indico.
  • Google Ireland Limited: sub contracted processor, resource provider (provision of Google Workspace).
  • Mentimeter: resource provider for collecting feedback of attendees during events.
  • Guarant: sub contracted processor, service provider for the registration management.
    Individuals are responsible for organising the events, reviewing abstracts and managing sessions.
  • Events' attendees.
  • Anonymous users that may be accessing public events.
  • Persons accessing public broadcasts.
  • The records of your use and technical log files produced by the service components may be shared for security incident response purposes with other authorised participants in the academic and research distributed digital infrastructures via secured mechanisms, only for the same purposes and only as far as necessary to provide the incident response capability where doing so is likely to assist in the investigation of suspected misuse of Infrastructure resources.

Outside the EU / EEA:

  • Zoom Video Communications Inc: subcontracted processor, resource provider for online events.
  • Whova Inc: sub contracted processor, service provider for event management software and a smartphone app that will be used to ease interactions and information sharing.
  • Individuals responsible for organising the events, reviewing abstracts and managing sessions.
  • Events' attendees.
  • Anonymous users that may be accessing public events.
  • Persons accessing public broadcasts.
  • Any data transfer to a third country outside the EU or the EEA only takes place under the conditions contained in Chapter V of the GDPR and in compliance with the provisions of this privacy notice and any related policies adopted by the EGI Federation.

Your rights

You can exercise the following rights at any time by contacting our data protection officer using the contact details provided in the Data Protection Officer section:

  • Information about your data stored with us and their processing
  • Correction of incorrect personal data
  • Deletion of your data stored by us
  • Restriction of data processing, if we are not yet allowed to delete your data due to legal obligations
  • Objection to the processing of your data by us
  • Data portability

You can complain at any time to the supervisory data protection authority (DPA) responsible for you. Your responsible DPA depends on your country and state of residence, of your workplace or of the presumed violation. A list of the supervisory authorities with addresses can be found at https://edpb.europa.eu/about-edpb/board/members_en.

You can contact EGI Foundation's lead supervising authority using the contact details provided in the Jurisdiction and Supervisory Authority section.

Data retention and deletion

The personal data related to your registration, will be deleted within three months after the event.

The records of the usage and technical log files produced by the supporting services are deleted or anonymised after, at most, 18 months as documented in EGI-doc 2732: Policy on the Processing of Personal Data.

Security

We take appropriate technical and organisational measures to ensure data security and the protection against accidental or unlawful destruction, accidental loss, alteration, unauthorised disclosure or access.

A comprehensive overview of the technical and organisational measures taken by EGI Foundation can be found at EGI Document 3737: EGI Foundation Technical and Organisational Measures (TOM)

Related policies

EGI Foundation is conforming to REFEDS Code of Conduct and your personal data will be processed in GI Foundation is conforming to REFEDS Code of Conduct and your personal data will be processed in accordance with the Code of Conduct for Service Providers and the EGI-doc-2732-v3: Policy on the Processing of Personal Data.

Note

This privacy notice is based on the AARC Policy development kit (licenced under CC BY-NC-SA 4.0)