[1] Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L295/39 of 21.11.2018).

[2] Act of Establishment: Commission Implementing Decision (2021/173/EU) of 12 February 2021 establishing the European Climate, Infrastructure and Environment Executive Agency, the European Health and Digital Executive Agency, the European Research Executive Agency, the European Innovation Council and SMEs Executive Agency, the European Research Council Executive Agency, and the European Education and Culture Executive Agency and repealing Implementing Decisions 2013/801/EU, 2013/771/EU, 2013/778/EU, 2013/779/EU, 2013/776/EU

• for the participants: first name, last name, e-mail address, affiliation, dietary requirements, photo images of the participants; for the presenters: name and – if applicable – their pre-recorded video and any other personal data provided by the presenter.

This information is mandatory for the purposes outlined above.

In addition, the following non-mandatory personal data are collected based on your explicit prior consent. For all participants, including speakers and panellists: your social media account handles, comments you decide to share, feedback, questions, contributions during the event (e.g. an online interaction platform such as Slido). For speakers and panellists: audio-visual materials depicting you in your presentation, if applicable.

Please note that the online sessions of workshops will be recorded. Participants’ video camera and microphone are disabled by default. Upon registration to the event, the speakers can give their explicit consent to: have their personal data included in their presentation (e.g., name, email address, social media accounts), if applicable; have their image and voice recorded and published on NoBoCap and European Commission’s social media accounts and websites. In the absence of consent, moderators and/or speakers should have the possibility to remain unseen by not activating their video during the event.

Please be informed that the event will be photographed and video recorded. The photographs and videos will be used for promotional materials, social media, website content and other related activities of the NoBoCap community.

In compliance with the General Data Protection Regulation (GDPR), we would like to outline the following:

1. Data Collection and Use: The photographs and videos taken at this event will be collected and used strictly for the purposes stated above. They may be shared on our NOBOCAP official website, social media channels or printed materials.
2. Consent: By attending the event, you consent to being photographed and video recorded and understand that these images may be used for the stated purposes. If you do not wish to be photographed or video recorded, please inform the event organizers upon arrival or email us in advance at nobocap@rohealth.ro.
3. Data Storage and Security: All photographs and videos will be stored securely and handled in accordance with GDPR guidelines. Only authorized personnel will have access to these images and recordings.
4. Rights: You have the right to request access to, rectification, or deletion of your photographs and videos at any time. To exercise these rights, please contact us at nobocap@rohealth.ro.
5. Withdrawal of Consent: If you wish to withdraw your consent for your photographs or videos to be used, you can do so at any time by contacting us at nobocap@rohealth.ro. We will promptly remove and cease using your images and recordings upon receiving your request.

We are committed to protecting your privacy and ensuring your data is handled with care and respect

Upon registration to the event, you can give your consent to be included in a mailing list managed by the RoHealth as coordinator of NOBOCAP to keep you informed about the NoBoCap project activities and to be invited to events related to the EU4H-programme 2022-PJ.

The recipients of your personal data will be RoHealth (as coordinator NOBOCAP), EU4HEALTHSOLUTIONS and project staff in charge of the organisation of NOBOCAP COMMUNITY SUMMIT 2024 hybrid event, EU4HEALTHSOLUTIONS’s contractor OFCORES, and contractor’s approved third-party tools and providers: online meetings platform (e.g. Zoom, MS Teams) and the live-streaming organiser.

The name you will choose when logging into online meetings platform (e.g. Zoom, MS Teams) is visible for all participants and speakers.

The recording and presentations from speakers will be publicly available (if agreed by the speakers) on the above-mentioned, dedicated communication channels.

The following third-party tools will be used for the organisation of the online webinar sessions:

• For the purpose of organising the online speakers’ interactions, the live-streaming organiser will collect the data from speakers and participants: title, first name, last name, organisation, function, email address, country. 
• For the purpose of hosting web meetings, the online meetings platform (e.g. Zoom, MS Teams)], third-party tool under the data controller’s responsibility, collects data when the participant registers and use the online meetings platform (e.g. Zoom MS Teams) service. It collects name, email address, password, public IP address, browser, phone number (optional), mailing address (optional), geographic region, avatar (optional), user information included in the customer’s active directory (if synched), Unique User ID (UUID). The online meetings platform (e.g. Zoom, MS Teams)] and the contractor have access to the data. It hosts the collected personal data within the European Union. 
• For the purpose of Q&A, quizzes, and polls, an online interaction platform. (e.g. Slido)] third party tool under the data controller’s responsibility, collects the following personal data: first name (optional), last name (optional), email (optional), company (optional); IP address, language, website data, geolocation, and browser-generated information (including device information, operating system, device type, system, cookies or other technologies used to analyse users’ activity). Some of your personal data might be transferred to third countries or international organisations as follows: the online meetings platform (e.g. Zoom, MS Teams) user-generated information is stored in the data center in customer’s region as provided during the ordering process. Data is replicated across data centers within the same region to ensure availability. [online meetings platform (e.g. MS Teams)] Analytics Platform data, which utilizes Host and Usage Information, is stored in the United States. For free user accounts, the data defined in this privacy data sheet may be stored in the online meetings platform (e.g. Zoom, MS Teams) data center outside the account holder’s region. 

The processing of your data will not include automated decision-making (such as profiling).

The following technical and organisational security measures are in place to safeguard the processing of your personal data:

• All personal data in electronic format (e-mails, documents, databases, uploaded batches of data, etc.) are stored on the servers of OFCORES (and of its contractors if contractors are engaged to assist the controller in the organisation and management of meeting(s) or event(s);
• All processing operations are carried out pursuant to Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the security of communication and information systems in the European Commission;
• In order to protect your personal data, EU4HEALTHSOLUTIONS and project partners has put in place a number of technical and organisational measures. Technical measures include appropriate actions to address online security, risk of data loss, alteration of data or unauthorised access, taking into consideration the risk presented by the processing and the nature of the personal data being processed. Organisational measures include restricting access to personal data solely to authorised persons with a legitimate need to know for the purposes of given processing operations.
• EU4HEALTHSOLUTIONS and project partners are bound by specific contractual clauses for any processing operations of your personal data on their behalf and by the confidentiality obligations deriving from the General Data Protection Regulation (‘GDPR’ - Regulation (EU) 2016/679).

From the contractor side, the following technical and organisational security measures are in place to safeguard the processing of your personal data:

• Data minimisation: EU4HEALTHSOLUTIONS /or another event organiser only collects and processes the strictly necessary data for the correct execution of their missions.
• Organisational measures: EU4HEALTHSOLUTIONS /or other event organiser follows internal policies & procedures and deliver training to employees and partners.
• EU4HEALTHSOLUTIONS’s partners and sub-contractors are bound by contractual clauses defining the same level of data protection; data processing agreements set out the nature of processing and the type of data they are mandated to process according to their instructions.
• They have appointed a data protection officer (DPO) (nobocap@rohealth.ro) who you may contact for all your questions about data processing activities at ROHEALTH (can be changed to organisers e-mail address).
• The Event partner, Aldenarda NV, under the name of OFCORES, is also acting as appointed data protection officer (DPO). You can reach them via team@ofcores.events.

You can find further information at: www.nobocap.eu

Your personal data will be kept for a maximum period of 3 years from the 25 June 2024. Data will be deleted at the end of this period. Data storage method: electronically.

If you will give your consent to be included in the NoBoCap mailing list, your personal data will be kept until the end of the project.

You have the right to access your personal data and to request your personal data to be rectified, if the data is inaccurate or incomplete; where applicable, you have the right to request restriction or to object to processing, to request a copy or erasure of your personal data held by the data controller. If processing is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on your consent before its withdrawal.

Your request to exercise one of the above rights will be dealt with without undue delay and within one month. Your right to information, access, rectification, erasure, restriction or objection to processing, communication of a personal data breach of confidentiality of electronic communications may be restricted only under certain specific conditions as set out in the applicable Restriction Decision in accordance with Article 25 of Regulation (EU) 2018/1725.

If you have any queries concerning the processing of your personal data, you may address them to EU4HEALTHSOLUTIONS (as data controller for the event) or to ROHEALTH (entity acting as data controller) via: nobocap@rohealth.ro.

You shall have right of recourse at any time to the ROHEALTH Data Protection Officer at nobocap@rohealth.ro and to the European Data Protection Supervisor at https://edps.europa.eu.

Version 2.0 July 2024