Data Protection Policy
The data processing on the Cyber-Trust website is pursuant to the provision of the EU General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regime applicable to ADITESS – Advanced Integrated Technologies Solutions and Services, which is headquartered in Strovolos, Cyprus (EU Member State). For further information, please check Section 2 of the present data protection policy.
Personal data, as defined by Article 4(1) General Data Protection Regulation (GDPR) include any information relating to an identified or identifiable living natural person. Personal data can be your first name, last name, e-mail address, email format and IP address. Hereinafter, by using the terms “we” and “our”; we refer to the data controller, as member of the Cyber-Trust consortium. Hereinafter, by using the terms “you” and “your”, we refer to the Cyber-Trust website visitor.
1. General information: What is Cyber-Trust?
Cyber-Trust is a research project that has received funding from the European Union’s Horizon 2020 – Research and Innovation Framework Programme, H2020-DS-SC7-2017, under grant agreement no. 786698. The project started on 1 May 2018 and ends on 31 April 2021. The Cyber-Trust consortium consists of nine partners from academia, consultancy and business. The present website is part of the dissemination and communication activities undertaken by the Cyber-Trust consortium within the aim to successfully communicate its research output on a rather innovative topic to a wider public and facilitate the creation of synergies with interested stakeholders.
2. Contact information of the data controller and of the Data Protection Officer
ADITESS – Advanced Integrated Technologies Solutions and Services 40 Vyzantiou Str.Strovolos 2064 Cyprus(hereinafter referred to as “ADITESS”)
E-Mail: ekoutras <at> aditess <dot> com
Telephone: +357 22250959
Fax: +357 22250957
The Data Protection Officer at ADITESS may be reached at the above-mentioned address. In case you have any questions about the processing of your data when using the Cyber-Trust website or your rights as data subject, you can also submit your query via our contact form, with the indication “Data Protection Inquiry”.
3. Data processing
a) When visiting the Cyber-Trust website
You may access the website www.cyber-trust.eu without having to disclose any data about your person. Nevertheless, the installed browser on your device sends automatically information to the server of the Cyber-Trust website, including information about your browser type and version, as well as the date and time of access, so as to establish a connection and permit your access to the website.
b) When filing a question via our contact form
We offer the possibility to our website visitors to contact us or register an enquiry by submitting an online form through our website. Submitted queries through the form will be sent to the mailbox of the employees in charge of taking care of your requests and will be stored in their email provider servers. Please notice that your data will be stored for as long as necessary for the fulfillment of the purposes specified (reply to your inquiry) and any statutory requirements.
Our contact form requires the minimum information needed in order to be able to respond back to your request. When registering, you need to enter the following mandatory data, marked as such (e.g. with *). These include:
- First name and surname, and
- Email address
The data processing takes place exclusively at your request and in line with article 6(1)(a) of the GDPR. The submitted message, your full name/nickname and email address are processed based on your informed consent. You may withdraw your consent at any time with future effect, by sending an informal email to the email address mentioned in Section 2 of the present policy, requesting the removal of your data.
To secure the website from malicious activity, we use the Securimage-WP CAPTCHA protection to the contact and comment forms of our website. This tool does not use cookies.
c) Leaving comments on our website
When you use the comment function, the time at which you created the comment and your email address will be stored along with your comment and your full name, unless you decide to upload your post by using a nickname. The comments as well as your full name/nickname remain publicly visible on our website for as long as the content commented upon has been completely deleted or the comments are required to be removed, for instance, upon your request or under legal justification. Please note that your data will be stored for as long as necessary for the fulfillment of the purposes specified (public posting of your comments on the Cyber-Trust website) and any statutory requirements. The submitted comments, your full name/nickname and email address are processed based on your informed consent per Art. 6 (1) (a) GDPR when you click on ‘By clicking on the submit button, I agree to the Cyber-Trust website Data Protection Policy.’ You may withdraw your consent at any time with future effect and request the deletion of your post, by sending an informal email to the email address mentioned in Section 2 of the present policy, requesting the removal of your data.
4. Cookies
Cookies are small text files that are automatically placed on your browser and stored on your device when you visit a website. The only cookies used on the Cyber-Trust website are first-party cookies (cookies set by the website you are visiting and not third parties), placed with the support of MATOMO in order to capture statistical data on the website usage and for security purposes. MATOMO is an open-source analytics platform. It powers the Europa Analytics, the corporate service that monitors and evaluates the effectiveness and efficiency of the European Commission’s websites.
ADITESS retains control of the data collected through those first-party cookies by storing the data in servers controlled by ADITESS.
The Cyber-Trust website uses the MATOMO-powered cookies to communicate to the European Commission the efforts we are making to disseminate our research output by providing relevant anonymous statistical data about web visits.
The data collected for those purposes by MATOMO are:
- IP address
- Country
The analytical reports generated by MATOMO – to which ADITESS has access – can only be accessed by duly authorised ADITESS staff and used for the communication of our website visibility and usage based on our contractual obligations to the European Commission. The IP anonymiser feature provided by MATOMO is enabled, making it impossible to identify a particular Cyber-Trust website visitor via the sole IP address. The generation of visitor profiles is disabled. Matomo automatically deletes visitors’ logs after 13 months. Anonymised and aggregated data are stored for an indefinite period by the Cyber-Trust website operators for as long as necessary to fulfil the consortium’s contractual obligations.
Cookies strictly necessary for the security and basic function of the website are installed automatically and dot require your consent. Cookies which are not required for the aforementioned reasons, require your explicit consent. Some cookies are deleted automatically after you close your browser. Other cookies, the so-called long-term/persistent cookies, may remain on your device or be automatically deleted after a defined period of time. You can provide or withdraw your consent at any time through the website’s cookie banner. The cookie banner is always accessible at the right bottom page of the website, by clicking on the ‘Privacy and Cookies Policy’.
The list of cookies on the Cyber-Trust website is the following:
cyber-trust.eu | cookielawinfo-checkbox-necessary | It stores the user’s decision on accepting cookies. |
viewed_cookie_policy | Cookie used to control whether the cookie policy popup should be shown or not. | |
MATOMO_SESSID | Cookie used for integrating the analytics tool Matomo (formerly Piwik) |
If you wish to adapt your settings through our cookie banner
If the Do Not Track option is not enabled or if you visit our website for the first time, you will be presented with a cookie banner where you can install a cookie called “cookielawinfo-checkbox-necessary” which will keep track of your choice. If you consent to anonymized analytics, then the analytics services powered by MATOMO are activated and some relevant cookies will be loaded. You can withdraw your consent or decide to consent again at any time.
If you do not wish to install cookies for anonymised analytics
By default, the browsing experience of our website visitors is not tracked. Moreover, you can in general prevent the storage of cookies, by properly configuring your browser settings, for instance, by choosing the “disable cookies” function or the Do Not Track option, by enabling notifications before a new cookie is installed or by using a tool/add-on for cookies management. The Cyber-Trust website will respect your choice and your browsing experience on our website will not be tracked for our anonymised statistics.
5. Social media plug-ins
We use social media to present and communicate our work through widely used communications channels, and maximise the impact of our research activities as stated in Cyber-Trust’s grant agreement. Thus, on certain webpages of the Cyber-Trust website, we use social media plug-ins (the so-called social media buttons) to enable this interaction. These plug-ins are small buttons, which can be recognized by bringing a social media logo, for instance the Facebook or Twitter logo. The function of these buttons is to allow you to share the contents of the Cyber-Trust website in your profile on social networks, to access via links the Cyber-Trust accounts in other social platforms, or to watch an embedded (or not) YouTube video of Cyber-Trust activities. As of now, the Cyber-Trust consortium is active on four social networks: Facebook, Twitter, LinkedIn and YouTube.
The Cyber-Trust website uses the Shariff solution, which is an open-source, low-maintenance, privacy-preserving tool maintained by the German computer magazine c’t and heise online. As long as you do not interact with the social media buttons on the Cyber-Trust website by clicking on them, personal data of yours are not transmitted to the social media platforms by the mere fact that you are visiting the Cyber-Trust webpages, where these buttons appear. However, if you click on such a button, a connection is established between the Cyber-Trust website and the social network. In addition to the contents in question, the operator of the social network may also obtain additional, partly personal, information, for instance, information about your Cyber-Trust website visit.
The Cyber-Trust website does not set cookies when displaying links to our social media channels, when you browse our website. Nevertheless, each social media platform has their own data protection policy when accessing their websites. For example, if you choose to read our news on Twitter, you will be asked for explicit consent to accept Twitter cookies, and the same applies for all the other platforms. Moreover, if you do not wish the social media platforms to track data collected about you via our website back to your personal accounts, then please log out of your social media accounts before visiting our website. Specifically, we use the following social media plug-ins:
Facebook Ireland Limited: share/link button
By clicking on the Facebook icon on our website, you will be re-directed to the Facebook website, which has its own cookie and privacy policies over which we have no control. For more information, please refer to the Facebook privacy notice.
Twitter International Company: share/link button
By clicking on the Twitter icon on our website, you will be re-directed to the Twitter website, which has its own cookie and privacy policies over which we have no control. For more information, please refer to the Twitter privacy statement.
LinkedIn: share/link button
By clicking on the LinkedIn button on our website, you will be redirected to the LinkedIn website, which has its own cookie and privacy policies over which we have no control. For more information, please refer to the LinkedIn privacy statement.
YouTube: link button
At the moment, there are no embedded videos on the Cyber-Trust website. If, in the future, there will be such embedded videos, we will be using the “extended data protection mode”, provided by YouTube. In doing so, access to the Cyber-Trust website visitors´ personal data by solely loading a webpage containing an embedded YouTube video from the Cyber-Trust official YouTube account is prevented. In order to watch a Cyber-Trust video on our website, a message will alert you that you need to accept YouTube cookies to do so. YouTube has its own cookie and privacy policies over which we have no control. There is no installation of cookies from YouTube until you consent to YouTube cookies and then are redirected to the YouTube website. For more information on data protection with LinkedIn, please refer to the privacy policy of Google.
6. Data subjects’ rights
As a data subject, you have the following rights:
- pursuant to Article 7(3) GDPR, to withdraw your consent at any time and without any consequences for you. This means that in future we may no longer continue to process the data as based on this consent;
- pursuant to Article 15 GDPR, to obtain information about whether your personal data are processed by us and where that is the case, access to those personal data. In particular, you may obtain information about the purpose of processing, the category of the personal data, the categories of recipients, to whom your data has been or is disclosed to, the storage period planned, the existence of a right to request from the controller rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint and the source of your data if it has not been collected by us. Pursuant to Article 12, we must provide any communication relating to the processing to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language.
- pursuant to Article 16 GDPR, to obtain the rectification of inaccurate personal data without undue delay or the completion of your personal data stored with us;
- pursuant to Article 17 GDPR, to obtain the erasure of your personal data stored with us unless processing is necessary to exercise the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or to establish, exercise or defend legal claims;
- pursuant to Article 18 GDPR, to obtain the restriction of the processing of your personal data;
- pursuant to Article 20 GDPR, to receive your personal data, in a structured, commonly used and machine-readable format or to obtain the transmission to another data controller (right to data portability);
- pursuant to Article 21 GDPR, to object, on grounds relating from your particular situation, at any time to processing of your personal data, which is based on data processing for the purposes of legitimate interests. If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless processing serves the establishment, exercise or defence of legal claims.
- pursuant to Article 77 GDPR, to lodge a complaint with a national supervisory authority. You can contact the supervisory authority of your habitual residence or workplace or our company headquarters. In the latter case, you can file a complaint with the Office of the Cypriot Commissioner for Personal Data Protection.
If you wish to exercise any of your rights or you wish to receive more information, please go to Section 2. Contact information of the data controller and the Data Protection Officer, where you can find the most updated contact information.
7. Data security
All your personal data are transferred in an encoded manner using the widely used and secure TLS (Transport Layer Security) encryption standard. You will recognise a secure TLS connection by the additional “s” after “http” (i.e., https://..) in the address bar of your browser or from the lock icon. Moreover, we use suitable technical and organisational measures, which are being continuously enhanced, to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties.
8. Amendments to this Data Protection Policy
This data protection policy is effective as of April 2019. The policy was reviewed and amended in May 2020.
We keep our Data Protection Policy under regular review to make sure it is up to date and precise. Thus, it may become necessary to change it due to the potential addition of new features to the Cyber-Trust website or due to further legal requirements.