Privacy Notice

Protection of personal data
The AICIB is committed to respect for private life. Its policy on protection of personal data is founded on Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

Most pages of the AICIB site require no personal information except in certain cases to allow requests for on-line services to be met.

Where a user connects to the site, certain of his/her particulars, such as Internet digital address (IP), navigation round the site, software used, time spent and other like data are stored on the AICIB servers. These items do not specifically identify the user. The information is only put to internal use.

Any personal information, such as name, electronic or postal address or other information, which may be supplied when completing the forms stored on this site, is not made available to the public, or disclosed or sold to third parties. The AICIB retains the data only for as long as needed for their processing and for the purpose to which consent has implicitly been given. Beyond that, the information is not re-used.

Data subjects are entitled to request further information about their personal data by contacting AICIB Data Protection Officer: privacy@aicib.pt.

Cookies
AICIB uses cookies on its sites in order to provide services and functionalities to its users.
What types of cookies are used on AICIB Internet site?
• Strictly necessary cookies
o Cookies which are essential for the management of your connection status.
• Functional Cookies
o These cookies enable an Internet site to remember your previous actions in order to provide you with advanced functionalities.

Confidentiality
AICIB, as the Recipient, hereby acknowledge that the any scientific or technical information, invention, design, process, procedure formula, improvement, technology or method or other like information provided by the applicant, as the Discloser, shall be regarded and kept as Confidential Information.

Reproduction of material
Unless otherwise indicated, reproduction of material posted on AICIB website is authorised for private use only. This authorisation is subject to the condition that the source be indicated.
AICIB’s logotype is protected by intellectual property rights vested in this agency. Consequently, it may not be reproduced, modified, re-circulated, commercially exploited or re-used in any form whatsoever without the prior written consent of the agencies or persons concerned.

Processing of personal data linked to meetings and events
This privacy statement provides information about the processing and the protection of your personal data.

Data Controller: AICIB

1. Introduction
The Agência para a Investigação Clínica e Inovação Biomédica (hereafter ‘AICIB’) is committed to protecting your personal data and to respecting your privacy. AICIB collects and further processes personal data pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR).

This privacy statement explains the reasons for the processing of your personal data, the way we collect, handle and ensure protection of all personal data provided, how that information is used and what rights you have in relation to your personal data. It also specifies the contact details of the responsible Data Controller with whom you may exercise your rights, the Privacy Liaison and the National Portuguese Authority – Comissão Nacional de Proteção de Dados.

This privacy statement concerns the processing of personal data by AICIB when managing meetings and events.

2. Why and how do we process your personal data?
The purpose of the processing is to ensure the proper organisation, operation and management of meetings, workshops, seminars, away days and other similar events for the general public, media or various stakeholders, including Info/Open days, Citizens’ dialogues, seminars, etc. (hereafter ‘meetings or events’), organised or co-organised by AICIB. Personal data is collected to ensure the dissemination of information to the media, citizens and stakeholders about the activities of AICIB and the objectives and goals of its activities and actions.

Specifically, personal data may be collected for the following purposes:

  • meetings or events;
  • sending e-mails/letters (including invitations) by manual, electronic/automated means;
  • publishing and sharing participants/attendance lists;
  • processing opt-ins (explicit consents, g. participation at event, subscription to a newsletter) collected through online registration forms;
  • collecting and managing lists/mailing lists for meetings or events.
  • publishing minutes, reports, notices, proceedings, news, newsletters, photographs, (live) web-streaming and/or audio and video recording of speakers and participants, presentations of speakers, including on internet/intranet, in the context of events organised by AICIB;
  • collecting and managing lists and mailing lists for meetings, news and publications.

Live web-streaming and audio-visual recording at the meeting/event of the speakers, organisers and participants, as well as photographs of the speakers and panoramic photographs of participants and organisers will be taken and published in the context of the meeting/event at a site or place indicated in the specific privacy statement linked to the event.

The audience or non-speaker participants are not photographed individually or in groups. They may however appear on panoramic photographs of the whole event/audience.

Participants who do not wish to be part of the above web-streaming and recording/publishing activities have the possibility to object to processing e.g. by sitting in back rows which are not recorded/photographed, by wearing special badges, by attending the online meeting/event without intervention).

Your personal data will not be used for automated decision-making including profiling.

3. On what legal ground(s) do we process your personal data?
We process your personal data, because:

1) processing is necessary for the performance of a task carried out in the public interest that AICIB is vested by its bylaws.

The processing operations of personal data linked to communication actions is a task resulting from AICIB’s own prerogatives at institutional level.

2) you have given consent to the processing of your personal data for one or more specific purposes (Article 6(1)(a) of Regulation (EU) 2016/679).

For specific processing activities, the consent of the data subject is necessary. In compliance with Article 7 of Regulation (EU) 2016/679, the consent must be freely given, specific, informed and unambiguous and it may be expressed by an email, submitted through an e-registration form, or in any other written form.

Your consent is required for the following actions during the meeting/event (if applicable):

    • The sharing of the meeting/event participants list containing your name and affiliation with other participants, in case you are willing to intervene. If you do not wish to consent, you will be able to attend the meeting/event as a mere spectator.
    • The sharing of the meeting/event attendee list containing your name and affiliation among participants, in order to create working groups to continue the collaborative work launched during the meeting/event;
    • The processing of your personal data for inviting you to future events the data controller may organise;
    • The processing of your personal data for managing your subscription to a newsletter of the data controller;
    • The processing of your consent for taking photographs, making live web-streaming and/or audio and video recordings of speakers and participants at meeting/event. If you do not wish to consent, you will be able to attend the meeting/event as a mere spectator.

If you opt in, you are giving us your explicit consent under Article 6(1)(a) of Regulation (EU) 2016/679 to process your personal data for those specific purposes. You can give your consent via a clear affirmative act by ticking the box(es) on the online registration form. We may obtain your consent directly from you via email, or a sign-up form that is distributed during a meeting, or through an opt-in option that is provided for in the online registration form. Your consent for these services can be withdrawn at any time and detailed information on how to withdraw consent will be contained in the privacy statement linked to the specific meeting/event.

4. Which personal data do we collect and further process?
In order to carry out this processing operation, the Data Controller may collect the following categories of personal data:

    • Identification data: first/last name, gender (for the correct title), function/title, name of organisation, postal address, city/zip code, country, e-mail, phone/mobile numbers, areas); nationality, online identifiers (device ID, IP address and/or cookie identifier);
    • professional background: function/title, name of organisation, areas of expertise, fields of interest;
    • personal data available via audiovisual content (e.g. photographs/pictures, photo shoots, presentations etc.) that might be available on the internet/intranet in the context of the meetings and in the framework of European Commission activities (only with the explicit permission of each participant): voice recordings, video recordings, or an image of a data subject.

5. How long do we keep your personal data?
The Data Controller only keeps your personal data for the time necessary to fulfil the purpose of collection or further processing.

5.1 Personal data related to the organisation and management of the meeting/event.
Personal data provided during the registration, before, during or after the event will be stored stored indefinitely or until the given consent is withdrawn. They will be archived and stored in Records System of AICIB under its responsibility.

5.2 Personal data available via audiovisual content.
Audiovisual material collected in the course of the meeting/event, will be kept indefinitely or until the given consent is withdrawn.

Recordings from the web-streamed meeting/event will be kept indefinitely or until the given consent is withdrawn.

Selected audiovisual content may be archived for permanent preservation, in line with the provisions of article 89 of GDPR, for historical purposes to document, preserve and make the history and audiovisual heritage of AICIB publicly available.

5.3 Personal data shared with the controller for future mailing purposes (e.g., for receiving newsletters or invitations to similar events) are processed in line with article 7 of GDPR.

6. How do we protect and safeguard your personal data?

All personal data in electronic format (e-mails, documents, databases, uploaded batches of data, etc.) are stored on the servers of AICIB and in a Cloud located inside the EEA.

In order to protect your personal data, AICIB has put in place a number of technical and organisational measures. Technical measures include appropriate actions to address online security, risk of data loss, alteration of data or unauthorised access, taking into consideration the risk presented by the processing and the nature of the personal data being processed. Organisational measures include restricting access to personal data solely to authorised persons with a legitimate need to know for the purposes of this processing operation.

7. Who has access to your personal data and to whom is it disclosed?

Access to your personal data is provided to the authorised personnel of AICIB and its contractors responsible for carrying out this processing operation according to the “need to know” principle. Such staff abide by statutory, and when required, additional confidentiality agreements.

Authorised staff AICIB have access to the personal data provided by participants for the registration to the event, lists of participants, mailing lists, paper files and electronic files containing information related to day-to-day correspondence. The data is necessary for the organisation and management of meetings and follow-up activities.

Authorised staff of AICIB processors and external contractors may be provided with the data relevant for them to provide the required logistical and organisational support. That may include mailing lists and/or drawing up their own mailing lists, and creation of their own paper/electronic records based on contacts with the panel members for the purposes of organising meetings. For meetings that include or are managed by external contractors, there may be exchanges of information with participants in order to arrange travel and accommodation.

Security services may collect and handle personal data of the participants for security purposes, prior to events held at the premises of the event. Security services should be interpreted as services contracted by AICIB.

7.1 Cookies
Cookies are short text files stored on a user’s device (such as a computer, tablet or phone) by a website. Cookies are used for the technical functioning of a website (functional cookies) or for gathering statistics (analytical cookies).

If registration for the meeting/event takes place via an external processor website, the cookies employed are those of the processor.

7.2. Third party IT tools, including Social Media
We may use third party IT tools to inform about and promote the meeting/event through widely used communication channels, including the social media.

You may be able to watch our videos, which may be also uploaded to one of our social media pages and follow links from our website to other relevant social media.

In order to protect your privacy, our use of third party IT tools to connect to those services does not set cookies when our website pages are loaded on your computer (or other devices), nor are you immediately redirected to those social media or other websites. Only in the event that you click on a button or “play” on a video to watch it, a cookie of the social media company concerned will be installed on your device. If you do not click on any social media buttons or videos, no cookies will be installed on your device by third parties.

We recommend that users carefully read the relevant privacy policies of the social media tools used. These explain each company’s policy of personal data collection and further processing, their use of data, users’ rights and the ways in which users can protect their privacy when using those services.

The use of a third party IT tool does not in any way imply that AICIB endorses them or their privacy policies. In the event that one or more third party IT tools are occasionally unavailable, we accept no responsibility for lack of service due to their downtime.

8. What are your rights and how can you exercise them?

You have specific rights as a ‘data subject’ under Chapter III of Regulation (EU) 2016/679. As regards this processing operation, you can exercise the following rights:

  • the right to access your personal data;
  • the right to rectification in the case that your personal data is inaccurate or incomplete;
  • the right to erasure of your personal data;
  • where applicable, the right to restrict the processing of your personal data;
  • the right to data portability;
  • the right to object to the processing of your personal data, which is lawfully carried out pursuant Consent on grounds relating to your particular situation.

You have consented to provide your personal data to AICIB for the present processing operation. You can withdraw your consent at any time by notifying the Data Controller. The withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent.

You can exercise your rights by contacting the Data Controller, or in case of conflict the Privacy Liaison. If necessary, you can also address the Portuguese National Authority – Comissão Nacional de Protecção de Dados.

Where you wish to exercise your rights in the context of one or several specific processing operations, please provide their description in your request.

9. Contact information

The Data Controller
If you would like to exercise your rights under Regulation (EU) 2016/679, or if you have comments, questions or concerns, or if you would like to submit a complaint regarding the collection and use of your personal data, please feel free to contact the Data Controller, by sending an email to privacy@aicib.pt.

The Portuguese National Authority – Comissão Nacional de Proteção de Dados (CNPD)
You have the right to have recourse (i.e. you can lodge a complaint) to the CNPD in www.cnpd.pt/cidadaos/participacoes/geral/ if you consider that your rights under Regulation (EU) 2016/679 have been infringed as a result of the processing of your personal data by the Data Controller.