Who is the data controller?
As coordinator of the DIAMAS project, AIX MARSEILLE UNIVERSITY is responsible for processing personal data under Article 13 of the EU General Data Protection Regulation n. 679/2016. As such, the contact point for all questions related to the processing of personal data in the context of the DIAMAS project is: DPO@univ-amu.fr.
Purposes and legal basis for the processing of data
In case you provided your personal data to the project, they will be processed only for the Institutional purposes related to the project goals. Pseudonymised for research purposes under article 89 GDPR will always take place, unless it is necessary to contact you for dissemination activities for project purposes at some point in its duration. However, consent will be requested in such cases e.g., newsletters. For project events, some personal data will be collected for administration and organisation of events (in-person and online). Events will be accompanied by their own privacy statement when this data is provided.
Rights of data subjects
As data subjects, you have the right to obtain confirmation as to whether or not your personal data exist, to be informed of the content and source of such data, to check their accuracy and request their correction, as well as restrict processing of your personal data and any unlawfully processed data erased, made anonymous or blocked.
You shall exercise your rights, submitting your request to the Project coordinator email: Pierre Mounier – firstname.lastname@example.org. You may also lodge a complaint to the data protection officer of AIX MARSEILLE UNIVERSITY: Mr. Hervé ISAR – DPO@univ-amu.fr, or seize the Commission nationale informatique et Liberté (www.cnil.fr) if you consider that your rights have been infringed.
DIAMAS Internal meetings & GDPR
During the DIAMAS internal meetings (WP meetings, WP Leaders meetings (Executive Committees), and General Assemblies), general personal data types will be collected in the project rolling minutes, like the contact details of the DIAMAS project partners (e.g., name, organisation, and email). These data shall only be shared among the DIAMAS Partners and with the European Commission when required in the context of an audit.
DIAMAS virtual events & GDPR
GDPR compliant video event tool:
Our virtual events will be hosted on Zoom, which was selected for its advanced features, security measures and commitments to abide by the requirements set forth in the GDPR.
Recording of virtual events:
To enhance the accessibility of our virtual events, we may occasionally record them. These recordings will serve various purposes, such as post-event reviews and future references for participants who could not attend. We will only record the event with your explicit consent, which will be requested at the beginning of the virtual event on Zoom through a recording consent disclaimer.
In compliance with Article 6.1.a. of the GDPR, the recording consent disclaimer prompts participants in meetings or webinars to provide their consent to be recorded. Participants will be notified when a recording is starting or if they join a session that is already being recorded. The participant can choose to either give their consent and continue with the session or leave if they do not wish to be recorded.
Storage of recordings:
We will securely store the recorded virtual event sessions in our DIAMAS project’s Google Drive managed by the DIAMAS project coordinator. Google Drive is a cloud storage service that offers strong security measures and data encryption to safeguard personal information. The recordings will be preserved according to the provisions of Article 5.1.e of the GDPR for a period of 2 years after the end of the project.
Joint virtual events:
When hosting joint events, data will be shared with other projects where explicitly stated.
Attendee registration and data collection:
To ensure successful management of our virtual events, we will kindly request attendees to register. During the registration process, we will ask for some personal information such as your name, email address, affiliation, and type of your organization. These general personal data types shall only be used for conducting anonymised statistics for the DIAMAS project’s sole internal purpose.
As a participant of a DIAMAS virtual event, you are entitled to certain rights under the GDPR that you can exercise: the right to access (Article 15), rectify (Article 16), and erase (Article 17) your personal data, as well as the right to restrict (Article 18) or object (Article 21) to its processing. If you wish to exercise any of these rights or have any privacy-related concerns, please contact the following email: DPO@univ-amu.fr.
Survey data processing & GDPR
Through a comprehensive survey, the DIAMAS project will seek to gather Institutional Publishing Service Providers (IPSPs) data from all European Research Area (ERA) countries. A further selection will be made based on the survey results as a function of 3 major selection criteria (Regional representation, Research and Innovation performance, and Open Access penetration).
The data gathering and analysis will provide a comprehensive overview of the variety of disciplines served across Europe, the languages used, and the types of institutional actors involved, to provide specific tools and standards for each area. Data will be analysed to evaluate where IPSP services and practices can be streamlined and harmonised. The results of the landscape analysis will be openly published according to the FAIR principles and open to corrections by the institutional actors involved.
Article 5.1.b. of the GDPR requires that personal data shall be collected for specified, explicit, and legitimate purposes: After the launch of the survey, general personal data types will be collected, limited to names and emails of the survey respondents; only if the respondents approve their consent form. Moreover, Article 5.1.f. of the GDPR states that personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage. As a result, for security purposes, the respondents’ emails and names will be anonymised prior to the survey analysis results release.
The personal data collected and generated by the survey will be preserved according to the provisions of Article 5.1.e of the GDPR for a period of 2 years after the end of the project.
DIAMAS Project interviews & GDPR
Interviews will be conducted in the context of the DIAMAS project. Article 6.1.a of the General Data Protection Regulation (GDPR) requires that data processing is lawful only if and to the extent that the data subject has given consent to the processing of their personal data for one or more specific purposes. It is planned to interview a range of Institutional Publishing Service Providers (IPSPs) to capture the European and publishing diversity.
Article 5.1.b. of the GDPR requires that personal data shall be collected for specified, explicit and legitimate purposes: Throughout and during the interview process, general personal data types will be collected, limited to names, contact information, job titles, and voices of the interviewees. Moreover, Article 5.1.f. of the GDPR states that personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage. As a result, for security purposes, the dataset collected in the context of the interviews will be anonymised prior to the interviews transcripts’ public release.
DIAMAS Project Newsletter & GDPR
By subscribing to the DIAMAS project newsletter, you agree to receive emails highlighting the news, events, communications, and research developments related to the DIAMAS project.
Moreover, by accepting to subscribe to the DIAMAS project newsletter, we hereby inform you have consented to your email addresses being sent based on Article 6.1.a of the General Data Protection Regulation (GDPR). Article 6.1.a of GDPR states that processing is lawful if the data subject has given consent to the processing of his or her personal data for one or more specific purposes.
Similarly, you are also entitled as a data subject (subscriber) to object to the future processing of your personal data at all times in accordance with the legal regulations pursuant to Art. 21 of the General Data Protection Regulation (GDPR). As such, every DIAMAS newsletter will have an opt-out link if people wish to stop receiving emails. Should the subscriber want to opt out of the DIAMAS project newsletter, he or she can do so by sending an email to email@example.com, and the person will be removed from the subscriber list.
Cookies created on a visitor’s computer/smartphone do not contain personal identification data and do not compromise his or her privacy or security.
What cookies does the DIAMAS project website use?
The DIAMAS project website uses the following cookies:
- session cookies: they are temporary and allow users access to personalized services and to take full advantage of the website’s features.
- analysis cookies: with the help of Google, they allow the performance of visitors traffic analysis. The information thus gathered has no personal significance as the data are collected and analysed anonymously. The project makes specific use of Google Analytics cookies in the manner shown on this page.
- social cookies: they are supplied directly from the social media domains that the project website hosts through links to official pages, sharing buttons and links. The use of these buttons involves the exchange of information with these websites, therefore, the management of the information and how to eliminate it is regulated by them.
Usage of third-party websites
The DIAMAS website may include links to third-party websites, in particular websites. We are not responsible for the privacy and cookies policies of third parties, nor are we responsible for the information or content these websites contain. We encourage you to read the privacy & cookies policies of third parties before using their websites.
How can you disable cookies?
If cookies are blocked, the use of the project website and some of its services may be limited. Below are details of how to disable cookies on popular browsers:
- Internet Explorer: managing cookies
- Mozilla Firefox: clear cookies and sites; blocking cookies
- Google Chrome: managing cookies
- Safari: managing cookies
It is possible to disable cookies of Google Analytics by visiting the Google web page (Google GaOptOut) and downloading the free plug-in for a specific browser.
Changes to this policy
We may revise this Privacy & Cookies policy from time to time, for example, due to changes in our practices or for other operational, legal, or regulatory reasons. You should check this page to ensure you are up to date with the most current version of the policy.
HISTORY OF VERSIONS
Published on November 2022
Published on August 2023