Privacy Policy


The present document contains the privacy policy provided by the TREIO Consortium with respect to the management and administration of the TREIO website accessible via https://treio.eu/ (the Privacy Policy), and it regulates the data protection mechanisms provided by the TREIO Consortium to any user of the information services and content accessible through the TREIO website.

The TREIO website is developed, managed, and administered by the TREIO Consortium via LIBRe Foundation (Bulgaria).

Should any questions or concerns regarding the present Privacy Policy occur, you can contact the TREIO Consortium via

the Institute of Legal Informatics and Judicial Systems to the National Research Council (Italy), acting in their capacity of a project coordinator and official representative of the TREIO Project, or via

LIBRe Foundation (Bulgaria), acting in their capacity as TREIO website administrator,

using the following email address: office@treio.eu, or the contact form provided at the TREIO website and available at https://treio.eu/signal.

Definitions

For the purposes of the application and interpretation of the present Privacy Policy, the terms and phrases used have the following meaning:

‘TRaining on European Investigation Order’ Project (the TREIO Project) is a project funded by the European Union’s Justice Programme (2014-2020) under Call JUST-JTRA-EJTR-AG-2019 and implemented under Grant Agreement No. 882068 within the 01/04/2020 – 31/03/2022 (24 months) period.

‘TREIO Consortium’ is the TREIO Project Consortium, formed by the following beneficiaries (partners) acting jointly as a consortium under Grant Agreement No. 882068: Institute of Legal Informatics and Judicial Systems to the National Research Council (Italy), acting in their capacity of a project coordinator and official representative of the TREIO Project; Institute for Research on Population and Social Policies to the National Research Council (Italy); University of Groningen (Netherlands); LIBRe Foundation (Bulgaria); European Cybercrime Training and Education Group (Belgium); Federal Ministry of Justice (Austria); Aristotle University of Thessaloniki (Greece); University of Vienna (Austria); Agenfor International Foundation (Italy); Public Prosecutor's Office (Portugal); Ministry of Justice (Greece); and Supreme Judicial Council (Bulgaria).

‘TREIO website’ is developed, managed and administered by the TREIO Consortium via LIBRe Foundation, where LIBRe Foundation is a foundation, non-profit organization, established and operating in accordance with the laws of the Republic of Bulgaria, registered under company file No. 220/2015 as docketed in the Register of Non-Profit Legal Entities by the Sofia City Court, Unique Identification Code 176860854, with seat and address of management: 64, Dimitar Petkov Str., Ent. B (Б), Floor 3, 1309 Sofia, Bulgaria; a Partner in the TREIO Consortium.

Your Privacy

The General Data Protection Regulation (GDPR) which became applicable in the territory of the European Union since 25 th May 2018 aims to protect your basic rights and freedoms as users of the services offered via the TREIO website by setting requirements and measures in order to ensure your personal data protection at any given time.

As a data controller for the personal data processed through the TREIO website, LIBRe Foundation (Bulgaria) deeply believes that protecting your privacy and other fundamental rights and the integrity and confidentiality of your personal data is an integral part of the values and the aims of the TREIO Project.

One of your rights under European law is to be informed when your personal data - also known as personal information - is processed (collected, used, stored, deleted and so on) by any organisation, including the institutions and bodies of the European Union. You also have the right to know the details and purpose of that processing.

Some of the services offered through the TREIO website require the processing of your personal data. The present document gives you information about the compliance measures we have taken to protect your rights and freedoms while respecting the principles of lawful, transparent, and honest processing of personal data.

Here you can find out what kind of personal data we process, for what purposes and under what terms, with whom and under what conditions we share them. You can also read about how you can access your personal data and exercise the full amount of rights guaranteed by the General Data Protection Regulation.

Here we give you a general overview of some of the ways this website processes your personal data.

At any time, you may exercise your right of objection to the processing of personal data relating to you by contacting us directly.

Your Personal Data and the TREIO Website


LIBRe Foundation collects your personal information for the sole purpose of facilitating the provision of services through the TREIO website.

We do not reuse the information for another purpose that is different to the initial purpose.

We put in place measures to guarantee that your data are kept up-to-date and processed securely.

We will never divulge your personal data for direct marketing purposes.

You have the right to access your personal information, to have it corrected and the right to recourse; at any time if you believe your data protection rights have been breached.

We do not keep your personal information for longer than necessary for the purposes for which we collected it. However, we may keep your information for a longer period for statistical purposes with the appropriate safeguards in place.

PERSONAL DATA NECESSARY FOR ACCESS TO THE TREIO WEBSITE'S NEWSLETTER SUBSCRIPTION

We need your email to be able to send you the TREIO Newsletter (including project-related policy briefs and events’ announcement). If you do not confirm your email address within 3 days’ time, it will be deleted from our system. In case you confirm your email address, finalizing the subscription process, it will be used for the purpose of sending the TREIO Newsletter only. We collect the information to provide you with a service and let you know about TREIO most recent activities, event announcements and project advancements.

The legal basis we rely on for processing your personal data is your consent under article 6(1)(a) of the GDPR. We rely on your consent to process the personal data you provide to us for sending you this newsletter. You have the right to withdraw your consent, or to object to the processing of your personal data for this purpose at any time. You can do that by clicking on the ‘unsubscribe’ link at the bottom of each newsletter or by sending an email to: office@treio.eu. If you do that, we are going to update our records immediately to reflect your preferences.

In case you do not consent to processing your email address for sending you the TREIO newsletter, you can still access all newsletters and policies and related events’ news through the TREIO website via the ‘Media’ and ‘News’ Sections.

PERSONAL DATA NECESSARY FOR USE OF COOKIES AND SOCIAL MEDIA

For more information, please visit our Cookies Notice.

PERSONAL DATA NECESSARY FOR ACCESSING THE TREIO WEBSITE’S FILE EXCHANGE PLATFORM

The following personal data are processed only for the purposes of providing access to the TREIO File Exchange Platform of the TREIO website for registered Team Members of the TREIO Consortium.

Full Name – we will only process your name for the purpose of registration and further personalization of the communication between you, as a Team Member, and us, as a data controller as well as in between Team Members. This will also enable other Team Members to see your name and to address your personally (processed on the ground of Art. 6(1)(b) of GDPR, meaning we have a contract with you and we need to identify you as a party to this contract).

Email – we need your email address for the initial registration of a Team Member in order to provide access to the File Exchange Platform of the TREIO website for TREIO Consortium members and in case you consented to receive a newsletter in which case it will be used in order to send the newsletter to you (processed on the ground of Art. 6(1)(b) of GDPR).

Place of Work – we will only process your institutional affiliation for the purpose of registration and further personalization of the communication between you, as a Team Member, and us, as a data controller, as well as in between Team Members. This will also enable other Team Members to see your institutional affiliation and to address your personally in your capacity as your institution’s employee (processed on the ground of Art. 6(1)(b) of GDPR).

Username we use it to protect the Team Member Account against tampering and unauthorised access (processed on the ground of Art. 6(1)(f) of GDPR, meaning we rely on legitimate interest to ensure sufficient levels of information security).

Password – we use it to protect the Team Member Account against tampering and unauthorised access (processed on the ground of Art. 6(1)(f) of GDPR).

Personalized Picture/Photo – if you decide to provide your personalized photo, we will only process it for the purpose of displaying a photograph which is visible to other Team Members with access to the File Exchange Platform of the TREIO website (processed on the ground of Art. 6(1)(a) of GDPR, meaning we rely on you consent to process the data).

Phone number – if you decide to provide your us with a phone number, it will be processed only for the purpose of providing professionally-oriented information to other Team Members of the File Exchange Platform of the TREIO website by making it visible to them (processed on the ground of Art. 6(1)(a) of GDPR).

Address – if you decide to provide your us with an address, it will be processed only for the purpose of providing professionally-oriented information to other Team Members of the File Exchange Platform of the TREIO website by making it visible to them (processed on the ground of Art. 6(1)(a) of GDPR).

Website – if you decide to provide us with your website details, it will be processed only for the purpose of providing professionally-oriented information to other Team Members of the File Exchange Platform of the TREIO website by making it visible to them (processed on the ground of Art. 6(1)(a) of GDPR).

Twitter Account – if you decide to provide us with your website details, it will be processed only for the purpose of providing professionally-oriented information to other Team Members of the File Exchange Platform of the TREIO website by making it visible to them (processed on the ground of Art. 6(1)(a) of GDPR).

The TREIO File Exchange Platform is a self-hosted content collaboration platform, provided by Nextcloud GmbH, and running on a remote web server. You can get familiar with their Privacy Policy here.

Both the File Exchange Platform and the TREIO website are hosted by SuperHosting.BG OOD. You can get familiar with their Privacy Policy here.

Your Rights

RIGHT TO ACCESS

You have the right to ask us for copies of your personal information. This right always applies. You can make a subject access request to find out what data is held and how it is used by using our contact form. Please identify the following:

what kind personal data you want to access, or would you like to access all the personal data you have for you;

your name and contact details; and

if you need the data in a specific format.

We may refuse your access request if your data includes information about another individual, except where the other individual has agreed to the disclosure, or it is reasonable to provide you with this information without the other individual’s consent.

We are going to provide the requested information in the one-month term specified in Article 12(3) of the General Data Protection Regulation.

If you are unhappy with the result, please first get back to us so that we can investigate the matter further.

RIGHT TO ERASURE

You have the right to ask us to erase your personal information in certain circumstances. This is your so called ‘right to be forgotten’. If you want to exercise this right of yours contact us via our contact form and let us know what you want to be erased.

This right is not absolute so make sure your case follows under one of the following circumstances:

we do not need your data anymore (example: you do not work for one of our Partners anymore);

you initially consented to the use of your data, but have now withdrawn your consent (have in mind that this applies only to the personal data we process on the ground of your consent);

you have objected to the use of your data, and your interests outweigh ours;

we have a legal obligation to erase your data;

you suspect we have used your data unlawfully.

If your request meets one of the above scenarios we will erase your data. We can refuse to erase your data on one of the grounds in Article 17(3) of the General Data Protection Regulation, namely if your data is necessary for reasons of:

freedom of expression and information;

legal obligation to keep your data;

public health;

establishing, exercising or defending legal claims;

when erasing your data would prejudice scientific or historical research, or archiving that is in the public interest.

If your request is justified, we are going to erase your data in the one-month term specified in Article 12(3) of the General Data Protection Regulation.

If you are unhappy with the result, please first get back to us so that we can investigate the matter further.

RIGHT TO RECTIFICATION

You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.

If you want to exercise this right of yours contact us via our contact form and let us know what you want data you consider incorrect and how you want it to be amended.

When we receive your request, we are going to investigate the issue and either correct it or inform you why we consider the data accurate. We can also refuse on the ground of your request being “manifestly unfounded or excessive” which means it will cost us a significant amount of money or it will take a vast amount of resources.

If your request is justified, we are going to erase your data in the one-month term specified in Article 12(3) of the General Data Protection Regulation. In some cases we may need some extra time for investigation up to two more months but we will let you know about the delay in the initial one month period.

If you are unhappy with the result, please first get back to us so that we can investigate the matter further.

RIGHT TO RESTRICTION OF PROCESSING

You have the right to ask us to restrict the processing of your information in certain circumstances. It may involve asking us to stop processing your data for a certain period of time, stop us processing your data in a certain way or even stop us deleting your data. In any circumstances you can exercise your right by using our contact form.

You may ask us to temporarily limit the use of your data when we are considering:

a challenge you have made to the accuracy of your data;

an objection you have made to the use of your data.

You may also ask us to limit the processing of your data but not deleting it if:

processed your data unlawfully but you do not want them deleted;

we no longer need your data but you want us to keep it in order to create, exercise or defend legal claims.

What we will do to restrict the use of your data may include:

temporarily moving your data to another system;

making the data unavailable to users;

temporarily removing it from the TREIO website.

We will securely store your data and not use it unless:

you give us your consent to do so;

the data is needed for legal claims;

the data is used is to protect another person’s rights;

the data is used is for reasons of important public interest.

We can refuse your request on the ground of being “manifestly unfounded or excessive” which means it will cost us a significant amount of money or it will take a vast amount of resources. If your request is justified, we are going to erase your data in the one-month term specified in Article 12(3) of the General Data Protection Regulation. In some cases we may need some extra time for investigation up to two more months but we will let you know about the delay in the initial one month period.

If you are unhappy with the result, please first get back to us so that we can investigate the matter further.

RIGHT TO OBJECT TO PROCESSING

You have the right to object to processing if we process your information on the ground of our legitimate interests.

If you feel we should stop processing your data on this ground, you can contact us and justify your reasons using our contact form.

Note, however, that we may continue legitimately use your despite your objection if we can prove we have a strong reason to process your data that overrides your objection.

If your request is justified, we are going to stop processing your data in the one-month term specified in Article 12(3) of the General Data Protection Regulation.

If you are unhappy with the result, please first get back to us so that we can investigate the matter further.

RIGHT TO DATA PORTABILITY

You have the right to get your personal data from us in a way that is accessible and machine-readable. This right may seem similar to your right to access but it is only applicable to

data that is held electronically;

data you have provided to the organization.

Data you have provided does not just mean information you have typed in, such as a username or email address. It may also include such things as website or search usage history or traffic and location data.

If you want to exercise this right of yours contact us via our contact form, indicating what kind of data you would like to receive from us in a machine-readable format.

Before sending you this data we may need to confirm your identity in order to prevent fraud and other people getting access to your data. Then we will provide it in the required format.

If your request is justified, we are going to stop processing your data in the one-month term specified in Article 12(3) of the General Data Protection Regulation.

We can refuse your request on the ground of being “manifestly unfounded or excessive” which means it will cost us a significant amount of money or it will take a vast amount of resources. It can happen for example in case of a repetitive requests.

If you are unhappy with the result, please first get back to us so that we can investigate the matter further.

EXERCISING YOUR RIGHTS

If you were not able to exercise one or more of your rights, you may contact the Bulgarian Commission for Personal Data Protection and submit your complaint via:

Address: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592

Phone number: +3592/91-53-518

Email: kzld@cpdp.bg

Website: www.cpdp.bg

Nevertheless, we advise you to try and contact us on the matter first.

The present Privacy Policy is adopted with a decision of the LIBRe Foundation’s director on behalf of the TREIO Consortium on 29 May 2020 prior to the launch of the TREIO website.

Any subsequent changes to the Privacy Policy shall be effective from the date indicated with the corresponding amendments.

© 2020 TREIO Consortium

Privacy Policy

pdf, 600 KB / TREIO Project