Effective date: May 1, 2020
CARDET (“us”, “we”, or “our”) operates the https://upgradme.eu/ website as part of the EU-funded project “UPGRAD_ME 2.0”.
This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.
ADDRESSED TO ALL DATA SUBJECTS
- About CARDET
- Our Privacy Commitment
- What Data We Collect and Process
- How We Use Data
- Accessing Your Personal Information and Your Rights
- About Minors (Children)
- Sharing Personal Information Outside the European Union
- Data Security and Retention
The Center for the Advancement of Research & Development in Educational Technology (CARDET) is an independent, non-profit, non-governmental, research and development organization based in Cyprus. We collaborate with local and international organizations, public and private bodies, and across diverse disciplines in designing solutions for local and global challenges. Our aspiration is to be one of the leading research institutes in the Euro-Mediterranean region in the areas of education, sustainable development, social justice and technology-empowered solutions.
Our Privacy Commitment
“Personal Data” is defined by GDPR as any information relating to an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Sensitive Personal Data” refers to personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation (referred to as “Special Categories of Data” in the EU General Data Protection Regulation).
What Data We Collect and Process
As part of the projects, studies, and other engagements which are part of CARDET’s normal activity, we will process information you share with us. This may include:
- Directly identifying data, like your full name, home address or personal email address that by itself, or in combination with other readily available data, could identify you, or another member of your household
- Demographic data such as age, gender, marital status, occupation and income range
- Your behaviors and preferences to help us better understand behavior, use, and trends “Behavior data” refers to when, why or how you take some action or behave in a certain way and “Preference data” refers to the specific choices you make
- Any content or material you choose to submit, upload or share with CARDET, including without limitation, photos, videos and images
- Certain profile information stored in your social media platform account, should you agree to participate in research projects through a third party service such as Facebook or Twitter
- Voluntarily provided or disclosed Sensitive Information. “Sensitive Personal Data” means personal identifying information that discloses or reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation
- Your voice / physical appearance in cases we will be audio/video taping your participation in a focus group discussion, in-person interview or something of a similar nature.
How We Use Data
We use the data we collect for the purpose of fulfilling our contractual obligations as to the execution of a particular project, research study or other engagement. We assure you that we adhere to these principles:
- We use tools and methods to make sure that there is no reasonable possibility of identifying you from the reports, apps and any other deliverables that we create. For example, we combine the responses we collect from you with the responses of many others to produce aggregated results from which you cannot be uniquely identified.
- We may use data about you for quality assurance and research and development purposes such as data analysis, audits, and developing new products and services.
- We may use your data to contact you by the means you provide us for this purpose. When we contact you – by phone (including mobile phone), email, SMS, or postal mail depending on what data you provide to us – we usually do so to respond to your inquiries, validate or clarify your response or send you information regarding your participation.
- We may de-identify (anonymize) data about you and use it for historical, academic or longitudinal research. We ensure in such cases that there is no reasonable possibility of re-identifying you from the data used.
Accessing Your Personal Information and Your Rights
Participation in our projects/studies is always voluntary and you may withdraw at any time. If you withdraw from a project, we may continue processing the data we collected during the time you were a participant. By contacting us at email@example.com
you may choose to exercise any of your privacy rights listed here:
- The right to obtain information about your personal data without undue delay, including the purpose of the processing, what kinds of personal data are being processed and who are the recipients of such data
- The right to request access to your personal data (including confirmation as to whether or not personal data concerning you are or are not being processed)
- The right to request data rectification/correction, erasure or restriction of processing if you establish or believe that the collected data is inaccurate
- The right to request that certain data about you be erased
- The right to propose other restrictions on the processing of data about you, and
- The right of data portability (“take back”) for data you have provided
Furthermore, if you believe that CARDET has not complied with the Privacy laws or the terms of this Policy, you have the right to file a complaint with the relevant supervisory authority (click here for details).
About Minors (Children)
For our projects and research studies, we never knowingly collect data directly from minor children (under age 18). If a specific project is about children, they may participate only after we obtain the explicit consent of a parent or guardian. Once data collection about them has been authorized by a parent or guardian, all of the provisions of this notice apply to data about children of any age (up to the age of 18).
Data Security and Retention
We will retain your data for as long as needed for the purposes described in this Notice and in accordance with applicable law. When you are no longer an active respondent, we will continue to use data about your demographic characteristics, as well as behavior and preference data for historical and statistical research, but we keep this data separate from data that could be used to identify you, and strictly limit access to your identifying data. All data will be permanently de-identified when we no longer need to identify you for audit, legal, fraud prevention or related purposes.
This Notice replaces any other statement, whether written or oral, made to you about our practices with respect to CARDET’s collection and use of personal data about you.
Last updated: December 1, 2020