The Bioinformatics Postgraduate Programme, in accordance with Regulation (EU) 2016/679 (G.D.P.R.) and the Greek legislation on the protection of natural persons with regard to the processing of personal data, provides the following privacy notice to explain what personal data is collected, for what purposes, how it is processed and how we keep it secure.
1. Who controls your personal data and how to contact us?
Personal data are collected and processed by the administrators of the Bioinformatics post-graduate programme website.
2. What is the lawful basis for data collection?
Data are collected to help monitor website functionality, resolve issues and improve the allocated resources.
3. What personal data is collected from users?
The personal data collected by the website’s services are as follows:
a. Website and API
-User I.P. address
-Date and time of a visit to the service
-Amount of data transmitted
b. Teaching material (secure area)
-Usernames and passwords provided to the Programme’s registered Graduate students
The data controllers use the aforementioned data for the following processes:
-To provide the user access to the service
-To conduct and monitor data protection activities
-To conduct and monitor website security
-To better understand the needs of the users and guide future improvements of the service
4. Who has access to your personal data?
Any collected personal data is solely accessed and controlled by the website’s administrators (see question 1)
5. Will your personal data be transferred to third-party organisations?
There are no personal data transfers to any third-party organisations whatsoever outside of the Bioinformatics Postgraduate programme.
6. How long is your personal data kept?
Any personal data directly obtained from you will be retained as long as the service is live, even if you stop using the service. We will keep the personal data for the minimum amount of time possible to ensure legal compliance and to facilitate internal and external audits if they arise.
7. The website’s data controllers provide the following rights regarding your personal data:
You have the right to:
- Not be subject to decisions based solely on an automated processing of data (i.e. without human intervention) without you having your views taken into consideration.
- Request at reasonable intervals and without excessive delay or expense, information about the personal data processed about you. Under your request we will inform you in writing about, for example, the origin of the personal data or the preservation period.
- Request information to understand data processing activities when the results of these activities are applied to you.
- Object at any time to the processing of your personal data unless we can demonstrate that we have legitimate reasons to process your personal data.
- Request free of charge and without excessive delay rectification or erasure of your personal data if we have not been processing it respecting the data protection policies of the respective controllers.
It must be clarified that rights 4 and 5 are only available whenever the processing of your personal data is not necessary to:
- Comply with a legal obligation.
- Perform a task carried out in the public interest.
- Exercise authority as a data controller.
- Archive for purposes in the public interest, or for historical research purposes, or for statistical purposes.
- Establish, exercise or defend legal claims.