- GENERAL TERMS
1.2 CDR is committed to ensure that the privacy of its users is protected and that we are compliant with the General Data Protection Regulation (EU) 2016/679 and the Danish applicable law.
- THE ORGANISER
2.1 Central Denmark Region is a Danish legal entity. We are registered at the Danish Central Business Register with CVR: 29190925. Our headquarter is located in Viborg in Central Denmark.
2.2 For the purpose of General Data Protection Regulation, CDR is your data controller. You can reach us anytime at:
- Address: Region Midtjylland, Regionshuset Viborg, Skottenborg 26, 8800 Viborg
- E-mail: Sonja.email@example.com
- TYPES OF PERSONAL DATA THAT WE MAY COLLECT
Information regarding personal identification
3.1 Please take in consideration that we can collect personal identification information from our Users in a variety of ways, including, but not limited to, when Users visit our website, register on the website, fill out a form, respond to a survey, subscribe to our newsletter and in connection with other activities, services, features, or resources we make available on our website.
3.2 We will only collect personal identification information from our Users if they voluntarily submit such information to us. Users can always refuse to supply personal identification information.
3.3 Taking into consideration the previous statement, the User has the control over the personal data information that he/she provides us with.
3.4 If an individual decides to fill in the form regarding the participation in our Programs, he/she will provide us with the following personal data: full name, e-mail address, and various other information regarding their projects related to culture, health and well-being which would improve the chances that the respective initiative will be promoted and made visible within our website and project.
3.5 Furthermore, in the mapping entry form, the user will have the possibility to provide us with one or more links to other specialized websites (such as, but not limited to: Facebook, LinkedIn, Instagram etc.). Regarding this matter, if the applicant will provide links to a certain external source, the Organizer will collect that type of information too.
Information regarding non-personal identification
3.6 We may collect non-personal identification information from our Users whenever they interact with our website. This type of information may consist of:
- The type of browser from which our website is being / has been accessed;
- The IP address of the device used to connect to our website;
- Date / hour when our website was accessed from a device;
- The operating system of the device;
- The Internet service provider used;
- THE LEGAL BASIS OF PROCESSING PERSONAL DATA
4.1 The legal basis of processing the personal data stated above resides in article 6 paragraph 1 letter a) of the General Data Protection Regulation of E.U. 2016/679, in particular because the User provides us with his / her express consent regarding this type of data processing, on the specific purposes stated below at paragraph 6.
- DURATION OF THE PROCESSING
5.1 As a general rule, we will store personal data for the period in which the Program will take place. After the Program reaches the end, we may store the personal data processed during the Program for an additional period of 5 years. We will not publish or make public any personal data.
5.2 We constantly review the data collected by analyzing the extent to which their retention is necessary for the purposes mentioned, your legitimate interests or the fulfillment of legal obligations by the Organizer.
- PURPOSES OF PROCESSING PERSONAL DATA
6.1 The organizer collects and uses Users’ personal information for the following purposes:
- To validate and ask further information, when necessary, regarding the initiatives/projects/policies/programmes submitted through the website for the CultureForHealth Mapping.
- To facilitate communication between the Participants and Organizer, using the e-mail address provided, in order to have a viable communication procedure, through which the Participants can be contacted in order to promote the Participant’s initiative through the Program website and/or to receive an invitation to attend other CultureforHealth activities.
- SECURING PERSONAL INFORMATION
7.1 In order to secure the personal information collected, we are adopting appropriate data collection, storage / processing practices and security measures to protect against unauthorized access.
7.2 Access to personal information will only be granted to our authorized personnel and to our partners within the Program and only for the purpose of fulfilling the duties specific to accomplish the purposes stated above. Our personnel and our partners has the legal and the contractual obligation to keep your data secured and confidential.
7.3 If at any given time a data breach occurs we will contact all users/participants/applicants via email in order to notify them about the breach and what are the next measures / steps that need to be done in order to maintain the security of their personal information. In that case, we will also notify the Danish National Supervisory Authority for Personal Data Processing within 72 hours since the breach occurred.
- TRANSFER OF PERSONAL DATA BETWEEN ENTITIES
8.1 We do not sell, trade or rent Users’ personal identification information to other third-parties.
8.2 The personal data collected will be used by the Organizer and its partners in CultureForHealth project in order to fulfill the purpose of the Program. Regarding this subject, we mention that the Partners of the Organizer may also have access to the personal data collected, as this Project is international and it is organized by four different Entities from four different countries. Phases of the Project are linked, thus, in some particular cases, personal information can be disclosed to one or more of our Partners in order to ensure that the Participant has a clear path to follow during the Program and that there will no problems to occur during the development of their work.
8.3 Being given the architecture of the Program, we may also disclose some personal information to:
- IT service providers which host and do maintenance for our website,
- State entities which may request us personal information, in accordance with the applicable law.
- Our partners, as stated above.
- Funders of CultureForHealth Program
- RIGHTS REGARDING PROCESSING PERSONAL INFORMATION
According to the General Data Protection Regulation 2016/679 the rights provided by the Regulation are as follows:
- The right to be informed: the right to be informed about the collection and use of users’ personal data;
- The right of access: Users’ right to access his/her personal data. The user can ask confirmation of whether his/her data is being processed or not, other supplementary information (including mandatory privacy information) or a copy of the personal data that is processed;
- The right to rectification: The User can ask the data controller to rectify inaccurate or incomplete data;
- The right to erasure: The User can ask the data controller to erase his/her personal information data that has been processed;
- The right to restrict processing: The User has the right to limit the processing of his/her personal data in case he/she considers that the information is not accurate and in other circumstances as stated in the Regulation;
- The right to data portability: The User has the right to receive his/her personal data which he or she has provided to the data controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided;
- The right to object: The User has the right to oppose to any processing of personal data
- The right to not be evaluated based on automated processing: The User has the right not to be subject to a decision that is based solely on automated processing and which significantly affects he/she (eg. profiling for jobs, insurance premiums etc.).
- YOUR ACCEPTANCE OF THESE TERMS
11.1 By using this website, The User therefore accepts this policy and our Terms and Conditions. If the User does not agree to this policy, we advise ceasing immediately the usage of this website.
- CONTACTING US
12.1 Anyone who needs additional information regarding this GDPR Policy, contact us at:
Address: Region Midtjylland, Regionshuset Viborg, Skottenborg 26, 8800 Viborg
Email address: Sonja.firstname.lastname@example.org