General Data Protection Regulation (GDPR)
The GDPR is EU Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. It repeals Directive 95/46/EC. The GDPR comes in force on 25 May, 2018. More information can be found on the EC GDPR site.
JPI Oceans as data owner and processor
JPI Oceans gathers personal data (name, email address, phone number, affiliation) through subscriptions on our newsletter, registrations for JPI Oceans activities and events, and from our members. All data gathered and processed by JPI Oceans is subject to the EU General Data Protection Regulation (GDPR), which aims to protect the privacy of all EU inhabitants. Note that JPI Oceans partly makes use of the IT system of the Flanders Marine Institute (VLIZ
. To send newsletters JPI Oceans makes use of Mailchimp as the data processor (see point 5 below). To register participants for events in some cases JPI Oceans uses Eventbrite as the data processor.
Your rights as a data subject
A data subject is the natural person for whom personal data is processed. Each person has the right to be informed on what personal data is being processed and to have access to their personal data.
As a data subject, you can request:
- corrections or updates to your personal data
- to restriction or stop the processing of your data;
- to erase your data from our database
Note that not all rights are absolute: JPI Oceans can have compelling legitimate grounds that outweigh the interests and rights of the objector (accountancy, juridical reasons...). When a request is made, JPI Oceans may demand extra information to confirm your identity. All requests made by data subjects will be logged.
Legal grounds for data processing
There are several legal grounds for data processing. The most common is prior consent, which can be withdrawn at any time, or it can stem from an agreement with our member institutes. JPI Oceans further has the legal obligation to process personal data for accountancy purposes, and has to keep this data according to the legal obligations. JPI Oceans also processes personal data for common interest as JPI Oceans maps and describes the European marine and maritime science and innovation landscape, and gathers professional data on scientists, industry representatives, policy makers and institutes for this purpose.
Services requiring personal data
For some of the JPI Oceans services and activities processing of personal data is necessary. By entering your personal data, you agree to the data processing. This data is kept for as long as the agreement lasts, and at least as long as is required for legal purposes (e.g. accountancy). For purposes concerning proof in juridical disputes, JPI Oceans may store personal data up to 10 years after the occurrence, which is the maximum legal term for placing personal claims. JPI Oceans requires personal data for the following:
1. JPI Oceans membership
JPI Oceans collects data of its member organisations. This includes the contact details (name, e-mail, address, phone number) of the delegates and alternates and any other persons from the organisations that have been nominated to participate in JPI Oceans Working or Expert Groups, events and publications. JPI Oceans uses this data to inform members on JPI Oceans activities and for membership administration (legal obligation and reporting to the member countries and European Commission). The institutional affiliation is saved for institutional members. More information on JPI Oceans membership can be found here
2. Participation in (on-line) surveys
The personal data collected depends on the type of survey, and can contain: full name, e-mail address, country, organisation name and type, telephone number.
3. Visitor tracking on websites and cookies
4. Conference and other event participation
In order to participate in events organised by JPI Oceans, registration is required for organisational purposes (venue size, catering services, inform participants on programme updates, etc.). Registration forms will contain a section to allow participants to subscribe to further communications by JPI Oceans, or to remove their data once the event has taken place (this is the default option). For each event, several e-mails may be sent as part of the communication agreement: save-the-date, posting of the tentative programme, abstract submission calls, closing of the early bird or final programme, and the closing e-mail with links to pictures taken and download links for presentations.
During our events, pictures/film can be taken which can be communicated to the participant, used in the JPI Oceans annual report and other JPI Oceans publications, or posted on our website. If you do not want your pictures to be published, you can send a request for the removal of photographs or films to the e-mail address used for event administration or to email@example.com . Photos in which the requester are shown will be removed from our web sites and servers; for films, the film segment will be cut out or the film deleted out if the requester is clearly visible.
5. Mailing lists organised or serviced by JPI Oceans
6. Personal data offered for job applications
Personal data offered in the context of job applications will be used solely for processing the application, unless consent was given for alerts on future job offers. The data will only be available to JPI Oceans personnel handling the job offer and to the members of the selecting panel (JPI Oceans and/or external experts).
The emails and personal data received will be stored for 10 years for evidence purposes in case of juridical claims by the applicant.
7. Drupal, our content management system (CMS)
The JPI Oceans website is created in Drupal. For content management several editors are appointed, and these need an account to be able to log in to and change a site. All session information and changes made by the editors are stored in Drupal. Each editor can list their actions for each of the sites via a Drupal module.
Questions and Complaints
If you have any questions regarding personal data stored by JPI Oceans, you can contact us by e-mail at firstname.lastname@example.org by phone: +32 (0)2 626 16 60 or on the following address: Rue du Trône 4, 1000 Brussels, Belgium
, the National Data Protection Authority (DPA) for Belgium. If there is a data breach, JPI Oceans is bound to inform the Privacy Commission within 72 hours, and affected users - if identifiable - will also be notified.